# Copyright (c) 2014-2026 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/ViriBack/status/1698693553168236869
# Reference: https://tria.ge/230904-qwxwgagg94/behavioral2
# Reference: https://www.virustotal.com/gui/file/b81e13b002550265e44bc537de51846a59ef65be6ae2459ccda381b182c3b0b5/detection
# Reference: https://www.virustotal.com/gui/file/276cdb84c5db9d081f107c821a4b28e3b7749a0924a8445d0c021de6fbac72a4/detection
# Reference: https://www.virustotal.com/gui/file/26fd3fa8f1f4374ee00c5c9ca69afdcbc818374aa7d5f5e5c566ad2720db54f6/detection
# Reference: https://www.virustotal.com/gui/file/3f6c9b055bfc0ed718424596eb1ac8ab1126f431e756b140297b772aa4522ab2/detection
# Reference: https://www.virustotal.com/gui/file/1486569f25d01a055597e00b03356fa65456d260eec1533600b7d6d6ad494733/detection
# Reference: https://www.virustotal.com/gui/file/46f5c2493cf9015256aa234588a0ef1a9dfe0a37faaac1f1fb07a167e795372e/detection
# Reference: https://www.virustotal.com/gui/file/33254f29a7fb5d29d9701dc6f2e20221da3dc98625222f5c7c13b8383c9b26b9/detection
# Reference: https://www.virustotal.com/gui/file/3cf2b6a02e50d078784aaaf1ea1b3473c855ad239c903fa668783bf0e0e4ebc2/detection
# Reference: https://www.virustotal.com/gui/file/ff8bac77ee98e0a46e1a91305ef7fbfc6bf8006b031dd768c8989694c705f00d/detection
# Reference: https://www.virustotal.com/gui/file/4ee52fbccb9e4349d47f6c17fcb9bd41e2d0091878a8393af12438e4d5668d7a/detection
# Reference: https://www.virustotal.com/gui/file/81e2d8370eddbd47b707289b7819d8fbf5e94d60d884411923fd191c6a895c96/detection

http://77.91.97.22
151.236.21.79:2133
185.46.46.106:2132
185.46.46.124:2133
185.46.46.124:3333
185.46.46.124:3765
185.46.46.125:2133
185.46.46.125:3333
45.159.250.50:2133
77.91.97.22:2133
77.91.97.82:2133
77.91.97.82:3333
91.219.237.59:2133
94.131.2.125:2133
anticoresa9923p.hopto.org
dwdtte4wjfk8ds5.hopto.org
fdute32sdajfsda.hopto.org
pristolmag32dds.hopto.org
webarhiv23dasda.hopto.org

# Reference: https://www.virustotal.com/gui/file/ed1b3c7c8ad5daac7714461c5c7fecfc832e2b78c199a441ddad7f1b63313b90/detection

109.107.182.4:2133
109.107.182.4:3333
89.23.101.113:2133

# Reference: https://www.virustotal.com/gui/file/7a3e1ae0eac51fe3c3e75b2dd1327ccdeed545941b4c5d3e7a0052e4c918cc5a/detection
# Reference: https://www.virustotal.com/gui/file/234a3a2501b615a82d87fa901ac1cb76922e6f7670c1c718259105e863732eac/detection

109.107.182.4:2556
qqqttteserviceooos.hopto.org

# Reference: https://www.virustotal.com/gui/file/0da1c3b1adf5b708f70447cc5454d2fd58b521eef72d92739951edec283eef26/detection

http://185.221.198.114
185.221.198.114:2862
185.221.198.114:2863
185.221.198.114:2864

# Reference: https://app.validin.com/detail?type=raw&find=The+Paradox#tab=host_pairs

http://85.151.30.176

# Reference: https://x.com/ViriBack/status/1849978750634442801
# Reference: https://www.virustotal.com/gui/file/fb78bbd72d7ef40e9bf1002fe8c6d1b4b4fccc69fcbc7d9b8ca5f1d1d6057c3c/detection
# Reference: https://www.virustotal.com/gui/file/aa17cecc9169ca5f98bf7bd985b3a8f8337ca5e9e2459e6e8b805286b60b503e/detection

http://194.58.33.172
194.58.33.172:443
67b8nd9smfu0n8b7ds.hopto.org
8n7tgfdsn87dsfu9n.hopto.org
dtte48ksk8ds5.hopto.org
kigjfkdstte405.hopto.org
udtte45k8ds5.hopto.org
uiojkps98hjbds405.hopto.org
/api/v1/stealer_check.php
/uploads/Plugins/Stealer.dll

# Reference: https://www.virustotal.com/gui/file/b2bfc1a0ee5b3a1bc4b3bfd8da810f5c09968c13cd3532336650989e2be18f79/detection

185.100.157.232:6666
85.192.29.88:6666

# Reference: https://www.virustotal.com/gui/file/2f795839b213c43389e207cd24a9999f75080e237f018a6578bf0906ef837a2f/detection

silentclickteam.co

# Reference: https://www.virustotal.com/gui/file/26151bcb386780f29ef4ab7cc012d8dd5e0a56f1b0d1429c15e44f491de9e942/detection

91.92.46.78:8888
silentclickteam.store

# Reference: https://www.virustotal.com/gui/file/0cb2fc7090af557b2a0b57cfd3727016a7ebf42d695ecb51c630d3baa8b2c6bc/detection

0avxwqpqjtwkq21.hopto.org
2wdtte4wjfui309.hopto.org
3wljf82qhtyeqow.hopto.org
7nvweq9tqyweo91.hopto.org
7xqmvqlqtn5sjr3.hopto.org
8jfdbwglwi6ns92.hopto.org
91kdy4fjnqtphj2.hopto.org
kqpw8tj2qtph2l9.hopto.org
mqlw8tj29dlqt91.hopto.org
q9dpwljfqt9qh4v.hopto.org
tyqwpnfqht82qlo.hopto.org
vqpw74fqnzqtqe1.hopto.org
vviukjdsjnj25i5.hopto.org
vvu8ghu9oij25i4.hopto.org
vvuuunwwgyuigi2.hopto.org
wwuttenwgyui3s1.hopto.org
xqpw71fnqtwe81v.hopto.org
z8hd74jqpxt19zq.hopto.org

# Reference: https://www.virustotal.com/gui/file/d01fbd813981b35c47ec5ee8dff94a9c823c483d9986024a4bd9c2149a1a465a/detection

http://193.233.126.26

# Reference: https://www.virustotal.com/gui/file/669da3d89bbd669993d7c73dd641e24adf84dbee6a9c954e02fc70e2bb48c2a3/detection

193.233.126.26:443
193.233.126.26:6062
