# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: Fabookie.ge, JazoStealer

# Reference: https://twitter.com/JAMESWT_MHT/status/1281154921811841026
# Reference: https://twitter.com/Arkbird_SOLG/status/1281269633992069121
# Reference: https://twitter.com/stamparm/status/1352551926383206400
# Reference: https://app.any.run/tasks/ca9bb8a8-7f62-4082-b246-b63decea1895/
# Reference: https://app.any.run/tasks/52c141f7-3823-43f5-ae90-896262f4483d/
# Reference: https://app.any.run/tasks/e197837b-580d-45c0-9caa-f79c6c8e8212/
# Reference: https://app.any.run/tasks/bcbe1b59-c0a2-4bab-aac1-1e94468b830b/
# Reference: https://app.any.run/tasks/85cf40f9-a5ae-4be1-8d9e-a021745ed87e/
# Reference: https://app.any.run/tasks/56691186-4155-4e8d-99b9-7ea14461ea97/
# Reference: https://www.virustotal.com/gui/file/502ce2c7e598c46b3ce22e24dbbdce07042b2d6e63f8ffc08c8940f3845b8356/detection

2ihsfa.com
wsfsd33sdfer.com
wdsfw34erf93.com
jfiuuhgg.com
jfoaigh.com

# Reference: https://www.virustotal.com/gui/file/ab1dc8ee52c03549f3e6edac87476a325da33d076cd0109b7d863418475b219b/detection

wws23dfwe.com

# Reference: https://www.virustotal.com/gui/file/9df1beaa8e4e864253fef80aa964ccf5876376116e9a62ab46e724491eb09e8a/detection

uyyge5w3ye.2ihsfa.com

# Reference: https://www.virustotal.com/gui/file/96701ee98517a4131272c84c7fc305ba4e3805e44aa763473daa65899e76c17b/detection

uehge4g6gh.2ihsfa.com

# Reference: https://www.virustotal.com/gui/domain/hfuie32.2ihsfa.com/relations

hfuie32.2ihsfa.com

# Reference: https://www.virustotal.com/gui/file/7a6c8ce1e4a64866a8e1341f135544aeb2b7ca4b27d784885dc75df7a96e56f8/detection

pirod-dcn.xyz

# Reference: https://twitter.com/Mesiagh/status/1402322843178729479

waaer435fc.com

# Reference: https://tria.ge/201201-kjhm5lgw4j/behavioral1
# Reference: https://www.virustotal.com/gui/file/fc8f0522f5dcffc6ef41ce4c075a245d3f1ee55dda8a63c647eee6fdba4da25a/detection

http://95.181.155.112

# Reference: https://www.virustotal.com/gui/file/68aab4d5d6d862bbf77cf836e80ea486a14ae11bc32cec46291a32834dd15045/detection

wdsewfsd.com

# Reference: https://www.virustotal.com/gui/file/530e0002c120d13962f54641655060f420625a3ee39b740dac62a644bda96ede/detection

hhiuew33.com

# Reference: https://www.virustotal.com/gui/file/27548c9c3786d5906ecc3e283b4dac95271e88a378e16bc9e61c72be6d944879/detection

youtuuee.com
staticimg.youtuuee.com

# Reference: https://www.virustotal.com/gui/file/1261578647f25a54587282ebcd5ce80c2eb63d05a351c75d99cc6ae18907d105/detection

hdkapx.com

# Reference: https://www.virustotal.com/gui/file/046e4daa736c7e8893915ed97ab371bea38c39e8da63bcd4792cff47a13ee21d/detection

uskskskggkk3.2ihsfa.com

# Reference: https://www.virustotal.com/gui/file/32d081287ed11af4a7cec2a17e44885fd80d8770a4b1ef21da009e68f97bf9b6/detection

phg67.fun
rck.phg67.fun
220825063923457.rck.phg67.fun

# Reference: https://www.virustotal.com/gui/file/1aa2d32ab883de5d4097a6d4fe7718a401f68ce95e0d2aea63212dd905103948/detection

ofu90.fun
ago.ofu90.fun
220909072241620.ago.ofu90.fun

# Reference: https://www.virustotal.com/gui/file/31f8bdd38a00e70cad9429a975013776de36d42df4fef6899ce84869579e4d5a/detection

apiaaaeg.com
aaa.apiaaaeg.com

# Reference: https://www.virustotal.com/gui/file/23941746340e89fb699e4ecec106fbfd40186fc5b483bf72d82d5d5a2706863f/detection

eiwaggff.com
winrarpc.me
hhe.eiwaggff.com
ss.winrarpc.me

# Reference: https://www.virustotal.com/gui/file/06c9681d0fcdc083535d3aaa823b0d5a483bb93f237fb7857cd8e72b20f4088c/detection

ajn322dd.com
aaa.ajn322dd.com

# Reference: https://www.virustotal.com/gui/file/02074294a16b02d4deb61f85f16c2ef3847f47cf5c53c5c15c011a854486f1ef/detection

eiwaggee.com
e.eiwaggee.com
jkk.eiwaggee.com
kke.eiwaggee.com

# Reference: https://www.virustotal.com/gui/file/05e89787eba776d800d12da5e71a7a6a81a7724306ac2788dd8df4c6f9ac0c4a/detection

eiwagggg.com
bbg.eiwagggg.com
ert.eiwagggg.com
ery.eiwagggg.com
jjf.eiwagggg.com
kkh.eiwagggg.com
llo.eiwagggg.com
vvg.eiwagggg.com

# Reference: https://www.virustotal.com/gui/file/af03c1abaef7a6da4aedc600e8b92bf82fca6ae4b9c1efc628caf5d0f21acb37/detection

bbbeioaag.com
ffbbjjkk.com
ffbbhhtt.com
ffbbyykk.com
iiagjaggg.com
bz.bbbeioaag.com
count.iiagjaggg.com
h.ffbbhhtt.com
j.ffbbjjkk.com
y1.ffbbyykk.com

# Reference: https://medium.com/checkmarx-security/who-broke-npm-malicious-packages-flood-leading-to-denial-of-service-77ac707ddbf1

ghwiwwff.com
ji.ghwiwwff.com

# Reference: https://app.any.run/tasks/7fa313e3-fa28-493f-ae5a-a66525b29fd5/

fhauiehgha.com
imgjeoigaa.com
imgjeoogbb.com
aa.imgjeoogbb.com
us.imgjeoigaa.com
zzz.fhauiehgha.com

# Reference: https://www.virustotal.com/gui/file/0cc7883198df53af5b4e7d6b14204ea5ab51066a52031f8f814cedccc491bd9a/detection

jaoaaoas11.com
ji.jaoaaoas11.com

# Reference: https://www.virustotal.com/gui/file/9f07d1277c2997a4e872084df43c62b031d0c28e9ef51d1f261354d33ef3f72a/detection

alie3ksgbb.com
nnnaajjjgc.com
app.nnnaajjjgc.com
jjz.alie3ksgbb.com
z.nnnaajjjgc.com

# Reference: https://www.virustotal.com/gui/file/ec8c114e9c0bd6154bd58396c72fabe79e2ffe70dea761cabc98b35186723360/detection

alie3ksgdd.com
zzz.alie3ksgdd.com

# Reference: https://www.virustotal.com/gui/file/b10bddd95c77f0d541789e40a9fff56d4c1ccdcfd1cedfb2c6f0ae8eba49787e/detection

alie3ksgbb.com
ji.alie3ksgbb.com

# Reference: https://www.virustotal.com/gui/file/04fd3794814871b31fef000b51e51b6c20ad7646b3c74a585a668f95cf14fa06/detection

jhia6gyygcc.com
ji.jhia6gyygcc.com

# Reference: https://www.virustotal.com/gui/file/7b9c1aa81aef60c0b403ff3859fc4c6be0b48fb56e1a4456f42ed0da84941993/detection

ajn322bb.com
mnh.ajn322bb.com

# Reference: https://www.virustotal.com/gui/file/4436e908111bd5641201fec0b80656609cda5c3d189a5f5e8c3fde69a50f88dc/detection

alie3ksgaa.com
app.alie3ksgaa.com
i.alie3ksgaa.com

# Generic

/api/fbtime
/index.php/api/fb
