# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://blog.talosintelligence.com/2020/07/prometei-botnet-and-its-quest-for-monero.html

http://103.11.244.221
208.66.132.3:8080
211.23.16.239:443
69.28.95.50:180
69.84.240.57:180
bk1.bitspiritfun2.net
p1.feefreepool.net
gb7ni5rgeexdcncj.onion

# Generic

/cgi-bin/prometei.cgi
/chk445.php
/dllr0.php
/srchindx2.php
/walker14364.php
