# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

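# Note: entries in this file carry no first-seen date; IP:port indicators can later be reassigned to unrelated hosts, so check an entry's age (see its reference) before using it for blocking rather than alerting

# Reference: https://www.cert.pl/en/news/single/ostap-malware-analysis-backswap-dropper/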

185.159.82.230:443
217.28.218.217:443
217.29.58.174:4433

# Reference: https://twitter.com/bigmacjpg/status/1197229710591365122

37.252.10.127:443

# Reference: https://twitter.com/pollo290987/status/1196626465078611970

185.130.104.240:443

# Reference: https://twitter.com/JAMESWT_MHT/status/1167403459131465728

185.180.199.91:443

# Reference: https://twitter.com/bigmacjpg/status/1162031778246332417

185.180.199.102:443

# Reference: https://twitter.com/ps66uk/status/1159395052893933568

185.130.104.236:443

# Reference: https://twitter.com/JR0driguezB/status/1156119572770099200

37.252.9.107:443

# Reference: https://twitter.com/jcarndt/status/1154731650145763328

185.159.82.15:443

# Reference: https://twitter.com/HeavyMetalAdmin/status/1201945613321068544
# Reference: https://app.any.run/tasks/78537482-f546-427d-97a9-6748adb5bf07/

pathfinderglobaledupubltd.com.ng

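# Reference: https://twitter.com/reecdeep/status/1229752956096057345
# Note: unlike the other IP entries in this file, the one below carries a URL scheme and no port; confirm how the consuming parser normalizes it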

http://185.180.199.77

# Reference: https://twitter.com/Bl4ng3l/status/1234523286492635137

45.128.134.14:443

# Reference: https://twitter.com/reecdeep/status/1239499634386534401

45.128.134.20:443

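# Reference: https://twitter.com/reecdeep/status/1235878034827337728
# Note: the path fragment below (like '/1/1.php?h=', '/wex/eq4fMY.php' and '/ur5ZgJ/9d3yHQ.php' further down) is listed on its own line, not joined to the IP:port above it; if the consumer matches it independently (confirm), a short generic path such as '/1/1.php?g=' can hit unrelated hosts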

95.181.152.55:443
/1/1.php?g=

# Reference: https://twitter.com/reecdeep/status/1237414933442289666

194.87.96.100:443
/1/1.php?h=

# Reference: https://twitter.com/sugimu_sec/status/1239929750564425730

51.83.206.98:443

# Reference: https://twitter.com/reecdeep/status/1270998363111112704

185.159.82.226:443
/wex/eq4fMY.php

# Reference: https://twitter.com/reecdeep/status/1272803491392692224

185.159.82.228:443
/ur5ZgJ/9d3yHQ.php
