# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://github.com/MISP/misp-galaxy/blob/main/clusters/rat.json
# Reference: https://www.virustotal.com/gui/file/1677e0afc52a9166c9a433e5db3864f71fe5816a98784f6ee3e86540827da084/detection

86.107.197.52:5656

# Reference: https://twitter.com/karol_paciorek/status/1721423283323564531
# Reference: https://tria.ge/231106-hfpk6ahe61/behavioral1

206.189.20.127:20000

# Reference: https://www.fortinet.com/blog/threat-research/phishing-campaign-targeting-companies-via-upcrypter

103.8.27.52:8001
afxwd.ddns.net
xtadts.ddns.net

# Reference: https://www.virustotal.com/gui/file/c8d9334dafbba9db79280a2567d9d2ede04e27255c528dff3c13e589f34e7125/detection

87.120.115.216:8080
lotuseffectllc.com
webdot.ddns.net
