# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: filemess stealer, UAC-0239
# CERT_UA: UAC-0239

# Reference: https://x.com/goldenjackel12/status/1971531984876011672
# Reference: https://x.com/smica83/status/1972574912780148923
# Reference: https://www.virustotal.com/gui/file/f7d46c07ea06e9b2def9a048c58d8f2608842d055f69515755e7fb5e5d9fdeab/detection

185.186.26.98:7324
sbufiles.cloud

# Reference: https://cert.gov.ua/article/6285731
# Reference: https://www.virustotal.com/gui/file/9875e6a4bffdee24d43282648192688051c12edc7aa4965af247ade0409f5c80/detection

87.120.93.239:2264
mrbeam.shop
promoukrnet.xyz
ssu-gov.com
ukrnetpromo.xyz
ukrostars.xyz
