# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: apt-45, apt45, onyx sleet, silent chollima

# Reference: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/stonefly-north-korea-espionage
# Reference: https://otx.alienvault.com/pulse/626bba5ec3f783b80d69a882

bluedragon.com
cyancow.com
semiconductboard.com
tecnojournals.com

# Reference: https://x.com/threatintel/status/1841507279150940288
# Reference: https://symantec-enterprise-blogs.security.com/threat-intelligence/stonefly-north-korea-extortion
# Reference: https://www.virustotal.com/gui/ip-address/216.120.201.112/relations

216.120.201.112:443
51.81.168.157:443
phpick.com
trollbydefault.com
