# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.fireeye.com/blog/threat-research/2015/07/demonstrating_hustle.html (# APT18's campaign)
# Reference: https://github.com/fireeye/iocs/blob/master/APT18/0ae061d7-c624-4a84-8adf-00281b97797b.ioc
# Reference: https://www.virustotal.com/gui/ip-address/137.175.4.132/relations
# Reference: https://www.virustotal.com/gui/ip-address/223.25.233.248/relations

http://137.175.4.132
http://223.25.233.248
223.25.233.248:8080
128.er1620.com
223-25-233-248.revdns.8toinfinity.com.sg
admin.er1620.com
exp0day.com
ftp.exp0day.com
gmail.bkz88.com
good.myftp.org
hello.mjw.bz
info.imly.org
login.3bz.org
logo.mjw.bz
suck.er1620.com
test.3bz.org
zip.redirectme.net
