# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: acr stealer, grmsk stealer

# Reference: https://twitter.com/sekoia_io/status/1784943443157930449
# Reference: https://www.virustotal.com/gui/file/5b8290f563694f3977b8fc994b6c5dc3445a3b2b87ee0fd8daf4f5fe97f55547/detection
# Reference: https://www.virustotal.com/gui/file/c20948517d9210c8a7ccac76c4ad2e474157c408c49f07497677c3fcca736976/detection
# Reference: https://www.virustotal.com/gui/file/f7d15a3027d3a430511630c91898c72b91b5fb42bf99315cc5a5ef009a473835/detection
# Reference: https://www.virustotal.com/gui/file/aa02880802bfcd04ebfbd1dcc0289ccfa7cd8143175c1964aacaa18e2834fac8/detection

dervinko.biz
iicc.fun
veronicabal.com

# Reference: https://twitter.com/crep1x/status/1785766443226640666

trxh.xyz
trxq.xyz
trxu.xyz

# Reference: https://x.com/seanmw/status/1824118200620982285
# Reference: https://x.com/ddash_ct/status/1824181880540840274
# Reference: https://www.virustotal.com/gui/file/e8aeacf53531c3e4befc2c750f7592e7d22e0d6a0e728ea60566e798d148ea50/detection
# Reference: https://www.virustotal.com/gui/file/f13acf740d98741b63fdc372029439fe6a703c50a46d1d15fc277cdb06e53751/detection
# Reference: https://www.virustotal.com/gui/file/f8fe61e04324bca052cb7a6808c0e15502128106028e9cd9bbca5426ee2b568f/detection
# Reference: https://www.virustotal.com/gui/file/9b46bfe252190136a14ad3f63628469c0f8e0587b36ffc56ad9edb8e8bc0d510/detection
# Reference: https://www.virustotal.com/gui/file/909c5de972488ba5961601480c7e802dc9eb743000ec0b1ab89a4baf601cb42c/detection
# Reference: https://www.virustotal.com/gui/file/bf04f1095661a32fae746430ff31de02f686ddadd288d9ea3b58d4279e079c41/detection
# Reference: https://www.virustotal.com/gui/file/1ef9e69d370034db2a2d26971b626f15e8da6d4da9f4015738e77f3dbbb2765c/detection

http://188.40.17.118
http://193.233.132.92
http://45.61.136.124
http://81.19.135.226
http://91.103.252.225

# Reference: https://x.com/K_N1kolenko/status/1937745066463809590

cornmealjustly.lat
encountergulf.world
gawkheading.lat
b1.cornmealjustly.lat
b1.encountergulf.world
b1.gawkheading.lat

# Reference: https://www.virustotal.com/gui/file/54f0787516067eddf044fff95af7536b2f05d2f7ac3592b1955a776ea0f7fd88/detection

chatterscalded.top
hashgranite.top
b1.hashgranite.top
h4.chatterscalded.top

# Reference: https://x.com/K_N1kolenko/status/1938568444464746788

crushedwildly.top
husbandlandside.top
wreckermodule.life
xumu.press
b1.crushedwildly.top
b1.husbandlandside.top
b1.wreckermodule.life
ui.xumu.press

# Generic

/ujs/9adbbdfd-2661-43e4-8280-7f9a9698f912
