# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: apt-c-41, promethium, strongpity

# Reference: https://www.proofpoint.com/us/daily-ruleset-update-summary-20180522

ms-sys-security.com

# Reference: https://twitter.com/VK_Intel/status/1189939324344766464
# Reference: https://www.virustotal.com/gui/file/b75fbe3b21d83e2000928349d1610f292e1a4c072fd0454309fe1c6c7d85ff46/detection

upd32-secure-serv4.com

# Reference: https://twitter.com/Vishnyak0v/status/1219590822204727296

apt5-secure3-state.com

# Reference: https://www.virustotal.com/gui/file/80ad6598f6e0b7c2b7258cbb69aa782dbcac308ca3d9d451b9bb5290b943a58f/detection

193.235.207.60:443

# Reference: http://www.tgsoft.it/english/news_archivio_eng.asp?id=781

myrappid.com
pinkturtle.me
ralrab.com
mytoshba.com
truecrypte.org
true-crypte.website

# Reference: https://vxcube.com/recent-threats-ioc/5bf0f120a39bb52be98684cd/detail

srv601.ddns.net
srv602.ddns.net
updatesync.com
svnservices.com
ftp.mynetenergy.com
windriversupport.com
truecrypte.org
edicupd002.com

# Reference: https://twitter.com/kyleehmke/status/1220738826513063942
# Reference: https://app.any.run/tasks/6ae5416b-fc75-405f-8888-71d5f6c7de4d/

ms6-upload-serv3.com
state-awe3-apt.com

# Reference: https://twitter.com/CTI_Marc/status/1221809588925800449

serv3-app-system4.com

# Reference: https://twitter.com/kyleehmke/status/1227950151140073472

node1-cdn-network.com

# Reference: https://twitter.com/Vishnyak0v/status/1229725292513636353

syse-update-app4.com

# Reference: https://cybersecurity.att.com/blogs/labs-research/newly-identified-strongpity-operations
# Reference: https://app.any.run/tasks/3ab76ba4-b4ab-4e18-b3b6-9f56e3202056/

apn-state-upd2.com
app-mx3-delivery.com
cdn2-state-upd.com
cdn2-svr-state.com
cdn4-rxe3-map.com
mx-upd2-cdn-state.com
oem-sec4-mx32.com
srv-cdn3-system.com
srv5-upd51-mx3-sec22.com
svr-sec2-system.com
sys4-upload2-srv.com
system6-mxe-ups3.com
upd-ncx4-server.com
upd-network-ms2.com
upd-secure-srv1.com
upd2-app-state.com
upd3-srv-system-app.com
upd56-state3-cdn7-mx8.com
upn-sec3-msd.com

# Reference: https://twitter.com/malwrhunterteam/status/1264137361446899712

hostoperationsystems.com

# Reference: https://twitter.com/voodoodahl1/status/1265340234054668289

mentiononecommon.com
ms21-app3-upload.com
mailtransfersagents.com

# Reference: https://twitter.com/BaoshengbinCumt/status/1313717536865742848
# Reference: https://www.virustotal.com/gui/file/04c6b2e93ee33d4b12f61c565ef164931ce8bb8225d0a80cae32782c1c30a802/detection
# Reference: https://www.virustotal.com/gui/file/2ea1ff8dc4a5ea276f8ae4137cbce0fd80b27d662dc0969127b454f5c0aa34e1/detection
# Reference: https://www.virustotal.com/gui/file/3da5ad345fa5dc65c5313a0846897ba696630e1b4c6b9388e7a479edce27745e/detection

cerulearc.com
protectapplication.com
record-fords.cerulearc.com

# Reference: https://twitter.com/BaoshengbinCumt/status/1330056911195136012

transferprotocolpolicy.com

# Reference: https://twitter.com/BaoshengbinCumt/status/1333302456185339904
# Reference: https://www.virustotal.com/gui/file/0265e9f22753a574dcc0f20fdb1838aaf22ba17e8f2577d1d88a811ed1f6467b/detection
# Reference: https://www.virustotal.com/gui/file/0f4933ae0b67f03154f36c3e47acd5eece9b3872677a30fdaf22df952b96b704/detection

ms-cdn-88.com

# Reference: https://twitter.com/BaoshengbinCumt/status/1333583293636255745
# Reference: https://www.virustotal.com/gui/file/4f4efb22c0bdd0bd8d1af525594571f31c641f8e5aa65b0b563bfad01e4a4505/detection

updserv-east-cdn3.com

# Reference: https://twitter.com/BaoshengbinCumt/status/1342761047967481856
# Reference: https://www.virustotal.com/gui/file/1185998fd595936708c1fc5a3ddeadbdd46b88e216419597da0b461e136ddfa7/detection

uppertrainingtool.com

# Reference: https://twitter.com/BaoshengbinCumt/status/1344270106201784320
# Reference: https://www.virustotal.com/gui/file/4efa6bc5ffe7b39a4e7f674e081e6428e981a11ac8289bd71e527213ec541fc8/detection

findingpcdrivers.com
