# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: gh0st, pcrat

# Reference: https://www.fireeye.com/blog/threat-research/2017/05/threat-actors-leverage-eternalblue-exploit-to-deliver-non-wannacry-payloads.html

bj6po.a1free9bird.com
beiyeye.401hk.com

# Reference: https://otx.alienvault.com/pulse/5c9900511d123a6d16e75561/

mdzz2019.noip.cn

# Reference: https://twitter.com/lazyactivist192/status/1112449219653193736
# Reference: https://www.virustotal.com/gui/file/f1cd38bbb504b38d115b5c127afa913572cef4233395416b5b08aff5f718cfea/relations

z-hacker-y.win

# Reference: https://twitter.com/Jan0fficial/status/1102912998975434752
# Reference: https://pastebin.com/D2pUSzcS
# Reference: https://app.any.run/tasks/1837b1d1-a62c-4e1b-9223-b6d40dc32d9f

haohai.hopto.org
116.196.18.237:8082

# Reference: https://twitter.com/malware_traffic/status/949057588250865665
# Reference: http://www.malware-traffic-analysis.net/2018/01/04/index.html

etybh.com

# Reference: https://twitter.com/JAMESWT_MHT/status/843829412370046977

45.125.17.15:443
