# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# (aka DarkComet)

# Reference: https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Backdoor:Win32/Fynloski.A

slimx.comule.com
slimmy.noip.me

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Fynlosk-AC/detailed-analysis.aspx

malka-reklama.com

# Reference: https://www.virustotal.com/en/file/88b322f35736cb13ecaba8539366da9282321945f37deded86aab3a6d3418d95/analysis/
#            https://malwr.com/analysis/ZTFkNTkyOTIyYWY5NGQxNDg3OThhOThmMDY5NGM0OWQ/
#            https://malwr.com/analysis/NTliNzQ4MmUwODVlNGMxNWJiZmExMDViYTJjNzRkNmM/

nobodywithyou.quicksytes.com
unfaithfull.mine.nu
nobodylikeyou.broke-it.net
unfaithfull.golffan.us
noremotenj.dnsfor.me

# Reference: https://blog.talosintelligence.com/2018/09/threat-roundup-0907-0914.html (Win.Dropper.Darkkomet-6680876-0)

val.myftp.org

# Reference: https://citizenlab.ca/2016/08/group5-syria/

alienfiend.3utilities.com
alirezaz74.no-ip.info
amiir.ddns.net
ashiyane.ddns.net

# Reference: https://citizenlab.ca/2015/10/mapping-finfishers-continuing-proliferation/

a.ddns.me
r.ddns.me

# Reference: https://twitter.com/Racco42/status/1046878564359000064

elumadns.eluma101.com

# Reference: https://twitter.com/ScumBots/status/1048377827765223430

control-pc.ddns.net

# Reference: https://twitter.com/fumik0_/status/1050643239273779200

fanddes.ddns.net

# Reference: https://twitter.com/JAMESWT_MHT/status/1108304088477900801

malconwire.ddns.net
mstanley.ufcfan.org
winningstar.ddns.net

# Reference: https://twitter.com/JAMESWT_MHT/status/1118088254224515072
# Reference: https://app.any.run/tasks/99fa923c-c2dd-4915-83d5-9ce6c00263ed
# Reference: https://www.virustotal.com/gui/file/9a35d2cb233f438f07289232971a82c0b70ada771a4769194686c83414abfed6/detection

egusi.duckdns.org
197.210.47.22:1007

# Reference: https://twitter.com/James_inthe_box/status/1029772632638382080

51.254.93.85:22475
