# Copyright (c) 2014-2026 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: d0nut, donut ransomware, donutleaks

# Reference: https://github.com/marktsec/Ransomware_Official_Domains#donutleaks
# Reference: https://www.thedfirspot.com/general-8-1

dk4mkfzqai6ure62oukzgtypedmwlfq57yj2fube7j5wsoi6tuia7nyd.onion
doq32rjiuomfghm5a4lyf3lwwakt2774tkv4ppsos6ueo5mhx7662gid.onion
qkbbaxiuqqcqb5nox4np4qjcniy2q6m7yeluvj7n5i5dn7pgpcwxwfid.onion
sbc2zv2qnz5vubwtx3aobfpkeao6l4igjegm3xx7tk5suqhjkp5jxtqd.onion

# Reference: https://x.com/malwrhunterteam/status/1861313302158061886
# Reference: https://www.virustotal.com/gui/file/884b2dca156a08177d0b717955790255b3504f9113f72827f6766faa563e5398/detection
# Reference: https://www.virustotal.com/gui/file/4b7a85411716775d966284e879a6bda87feade4c9f40cb94ade6e217793e8a84/detection
# Reference: https://www.virustotal.com/gui/file/2ab6abc289406d0d1ab978de646363c27af5b52113dc9ab7d1bfbae386dfc56d/detection

http://148.135.121.165
148.135.121.165:443

# Reference: https://www.virustotal.com/gui/file/0a9993b7cd16c4fc0a1eeb72b70d92b6f2214c6f3357f2552eeb8979f317ca6c/detection

3.142.247.110:3030

# Reference: https://www.virustotal.com/gui/file/973178e08e89af872795011181af63203eb48304a3afa283788f26f96e905657/detection
# Reference: https://www.virustotal.com/gui/file/a0d059c144eca1f9c864919d5f82e31206f5701f6dc9e8a2f33a434193a9c064/detection

onbet88vn.vip
vv12345.top

# Reference: https://x.com/smica83/status/2023397702726484029
# Reference: https://tria.ge/260216-q48b6sgw8g/behavioral1
# Reference: https://www.virustotal.com/gui/file/ae5164110f7dc3098312666f32016d2136cc65e24c2f96ddb917810b186f0234/detection

more-arpc.icu
qbetfhwz.xyz
polygon.qbetfhwz.xyz

# Reference: https://x.com/smica83/status/2024436587925295316

48o7as4fn2.ucarecd.net
