# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: byeby, microcin, mikroceen, vicious panda

# Reference: https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign/

dw.adyboh.com
wy.adyboh.com
feb.kkooppt.com
compdate.my03.com
jocoly.esvnpe.com
bmy.hqoohoa.com
bur.vueleslie.com
wind.windmilldrops.com

# Reference: https://twitter.com/Sebdraven/status/1244532660690718722
# Reference: https://app.any.run/tasks/38c37dfa-b070-4b28-b475-a09763f00d8c/

msdtcupdate.com

# Reference: https://www.welivesecurity.com/2020/05/14/mikroceen-spying-backdoor-high-profile-networks-central-asia/
# Reference: https://github.com/avast/ioc/tree/master/Microcin
# Reference: https://github.com/eset/malware-ioc/tree/master/mikroceen/

612bb.sheetsbrandnewday.com
9hnvb8917gzr.com
ans.moutw.com
app.obokay.com
bzz.utakatarefrain.com
future-hope2011.com
kliju.wulinon.com
log.bestrongerlouder.com
nan.thanhale.com
offcialwrittencomplaint.com
qrot.apjgtipty.com
runtime.heroisshit.com
update.heroisshit.com
yuemt.zzux.com
heroisshit.com

# Reference: https://securelist.com/microcin-is-here/97353/
# Reference: https://otx.alienvault.com/pulse/5ef2300c6b8792647750e3bf

apps.uzdarakchi.com
forum.mediaok.info
forum.uzdarakchi.com
owa.obokay.com
mediaok.info
obokay.com
uzdarakchi.com
