# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.welivesecurity.com/wp-content/uploads/2017/07/Stantinko.pdf
# Reference: https://www.welivesecurity.com/2017/07/20/stantinko-massive-adware-campaign-operating-covertly-since-2012/
# Reference: https://github.com/eset/malware-ioc/tree/master/stantinko

185.28.22.22:81
195.226.218.234:80
93.188.161.17:8000
apihelper.org
biosysltd.com
biosysltd.org
clients1.ultimate-discounter.com
clients2.ultimate-discounter.com
clients3.ultimate-discounter.com
d3dupdate.com
ghosterystore.com
good-journal.net
hdr-group.info
hdr-group.net
hdr-group.org
icloudsrv.com
icloudsrv.info
icloudsrv.net
icloudsrv.org
judgebear.pro
kbdmai.net
mserrep.org
nano-news.info
newssocial.org
news-true.net
nvccupdate.com
rdsbase.com
robothemes.net
safesurfing.me
superbear.pro
teddy-protection.com
teddysave.me
tmrobo.com
tmrobo.org
udiscount.net
udiscounter.org
ultimate-discounter.org
upd-discounter.com
update.ultimate-discounter.com
vp9codec.com
vp9codec.net
wadgeotrust.com
wannaupdate.com
wsaudio.com
wsaudio.net
wsaudio.org
wsslupdate.org
wupdateservice.us

# Generic trails

/images/banners/b1/index.php
