# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: 1312 stealer, fraudae stealer, pentagon stealer, vilsa stealer

# Reference: https://x.com/ViriBack/status/1817358751726268613

http://37.114.46.97

# Reference: https://x.com/iam_rajhans/status/1795435228460470496

http://185.196.9.142

# Reference: https://x.com/banthisguy9349/status/1817605497056342389
# Reference: https://urlscan.io/search/#hash%3A43ed34a1eb8fa8bd3e53b353c5f26eac036884f36c16d5c2114068ce881913bd

1312stealer.ru
globaldata-cloud.com
stillnotlovingthepolice.ru

# Reference: https://x.com/FalconFeedsio/status/1826567999869845571

http://45.137.70.18

# Reference: https://x.com/iam_rajhans/status/1829478112150646919
# Reference: https://any.run/cybersecurity-blog/pentagon-stealer-malware-analysis/

1312services.ru
1312stealing.ru

# Reference: https://x.com/FalconFeedsio/status/1836714662492360774

http://83.136.208.208

# Reference: https://x.com/ViriBack/status/1837943571409739990
# Reference: https://x.com/suyog41/status/1838474768015638723
# Reference: https://www.virustotal.com/gui/file/ae0b4722db23c6c2144807e313f11e84115741f245f209c2eb8ac80b9fe2e59c/detection

bundeskriminalamt.agency

# Reference: https://x.com/solostalking/status/1873267958874824963
# Reference: https://x.com/Fact_Finder03/status/1911835369324019724
# Reference: https://x.com/cyberfeeddigest/status/1911885348524720539
# Reference: https://any.run/cybersecurity-blog/pentagon-stealer-malware-analysis/
# Reference: https://www.virustotal.com/gui/file/13d7401a23c41df79a1c50d730f3d26816796376b64525613c30995b7b14c7b4/detection
# Reference: https://www.virustotal.com/gui/file/a1b30f01699cefd4b5c02095bc0f1763948a834b10b0f50cb6b3ec1dd08459ae/detection
# Reference: https://www.virustotal.com/gui/file/058bc573ad47068723d2e9f8fbf66200bb79e519f0f422bee4b9fd25beabacf5/detection
# Reference: https://www.virustotal.com/gui/file/7016d0ad464cccb37477257bf8e630568e1c6c838330e256449bee744918fb66/detection
# Reference: https://www.virustotal.com/gui/file/50ac2541b7bb9bc31cc66a7a674448b5eae999a7073e19013c8a098cf8be8658/detection

awndsjkduiukekwltdadjwadawds.ru
pentagon.cy
pentagonstealer.ru
stealer.cy
/awidsmdjnfsd
