# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: taurus, taurusproject

# Note: TaurusProject is the fork of PredatorTheThief stealer (../malware/static/predatory.txt trail)

# Reference: https://twitter.com/3xp0rtblog/status/1254079067810336768
# Reference: https://twitter.com/3xp0rtblog/status/1254114481942040577
# Reference: https://app.any.run/tasks/61ce3caf-0d75-4cd0-95f1-cdd44ddb4493/
# Reference: https://www.virustotal.com/gui/domain/bit-browser.gq/relations
# Reference: https://twitter.com/James_inthe_box/status/1254125471555436544
# Reference: https://twitter.com/jorgemieres/status/1259962391573475334
# Reference: https://twitter.com/prsecurity_/status/1260334912122482689
# Reference: https://www.virustotal.com/gui/ip-address/185.219.83.222/relations
# Reference: https://twitter.com/VK_Intel/status/1261382405148995584
# Reference: https://www.virustotal.com/gui/file/96607a386593afb5d45891a249e3601512e25acfebd8230a35182db5745650bc/detection

http://185.141.62.161
http://185.219.83.222
http://95.216.10.214
bit-browser.gq
daxex.pro

# Reference: https://twitter.com/James_inthe_box/status/1263176296244195328

cogihold.site

# Reference: https://twitter.com/abuse_ch/status/1269174732773097472

atest001.website

# Reference: https://twitter.com/abuse_ch/status/1271549660453376000

cloudstage.xyz

# Reference: https://twitter.com/ViriBack/status/1273589449453158401
# Reference: https://www.virustotal.com/gui/file/4a30ef818603b0a0f2b8153d9ba6e9494447373e86599bcc7c461135732e64b2/detection

http://64.225.22.106

# Generic

/gate/cfg/?post=
/gate/log/?post=
