# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.virustotal.com/#/file/53a2ad2b8271d1220e3de49c5962ae7f93a339a8e40484c20e1c2e7c06261e2e/detection

tolo.chickenkiller.com

# Reference: https://www.virustotal.com/#/domain/chocolate.zyns.com

chocolate.zyns.com

# Reference: https://www.sentinelone.com/blog/zusy-powerpoint-malware-spreads-without-needing-macros/

cccn.nl

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Zusy-C/detailed-analysis.aspx

ekadus.be
eksyghskgsbakrys.com
felsy.be
msrgejsdyvekadh.com

# Reference: https://www.hybrid-analysis.com/sample/72d6e9c228eeae8aba33f653d16adf63c231d4370e989a0ab10853fa87b23562?environmentId=100
# Reference: https://www.virustotal.com/gui/file/72d6e9c228eeae8aba33f653d16adf63c231d4370e989a0ab10853fa87b23562/detection

sobea.in

# Reference: https://blog.talosintelligence.com/2019/10/threat-roundup-for-september-27-to.html (# Win.Malware.Zusy-7191579-1)

brureservtestot.cc

# Reference: https://blog.talosintelligence.com/2019/10/threat-roundup-1011-1018.html (# Win.Malware.Zusy-7288173-1)

spaines.pw

# Reference: https://blog.talosintelligence.com/2019/06/threat-roundup-0614-0621.html (# Win.Malware.Zusy-6995723-0)

qytufpscigbb.com

# Reference: https://blog.talosintelligence.com/2022/01/threat-roundup-0107-0114.html (# Win.Dropper.Zusy-9934735-0)

boc88.net
test.3322.org.cn
1.test.3322.org.cn
2.test.3322.org.cn
3.test.3322.org.cn
4.test.3322.org.cn
5.test.3322.org.cn
6.test.3322.org.cn
7.test.3322.org.cn
8.test.3322.org.cn
9.test.3322.org.cn
dllianyin.3322.org
freesky365.gnway.net
xinzhutw.3322.org

# Reference: https://www.virustotal.com/gui/file/0000862b4cf858e371bfd91ac36f42cae0544218deedf1007b5e6891b8ba950d/detection

mvccs.webege.com

# Reference: https://blog.talosintelligence.com/2022/02/threat-roundup-0211-0218.html (# Win.Malware.Zusy-9938804-0)

kulove123.com
cs.kulove123.com
download.kulove123.com
gky.kulove123.com
hh.kulove123.com
sp.kulove123.com

# Reference: https://blog.talosintelligence.com/2022/02/threat-roundup-0218-0225.html (# Win.Trojan.Zusy-9939468-0)
# Reference: https://www.virustotal.com/gui/file/372e2bd0518187b538b56e6e50490ddbafea386317fcb8cae36c03c32823cb7d/detection

astfv43kol.com
c0p1.com
dgaf2v43.com
dgaf2v.com
lovf43ast.com

# Reference: https://www.virustotal.com/gui/file/ed32349045ac2fd896e2cc78fa57af1f07e8aebeaed57073250755867cdfb78e/detection

330237077.corolain.ru

# Reference: https://blog.talosintelligence.com/2022/05/threat-roundup-0429-0506.html (# Win.Packed.Zusy-9949055-0)

ldrlucky.casa

# Reference: https://www.virustotal.com/gui/file/29074155ce9d467de0538ee93c553663d5fe71c9025860e0e351a060c4469aa5/detection

apples.suroot.com

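# Reference: https://www.virustotal.com/gui/file/c45e9dcc24ead51ced1a217c2e39c64a9ac224f8398c00b2509d66e91cdf7049/detection
# NOTE(review): '/v5/bgzt.php' below is a path-only entry with no host; presumably it belongs to enscrollsafterbayesocyclic.com from the same sample - confirm, since a path matched on its own can also fire on unrelated hosts.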

enscrollsafterbayesocyclic.com
/v5/bgzt.php

# Reference: https://www.virustotal.com/gui/file/a823ff5756905bad53e7dde4c8fafb372aedf8cdb51d8746bf8eece5d5c79736/detection

http://47.110.247.171

# Reference: https://www.virustotal.com/gui/file/090b96986b0537a32c692d13a7025755e3f36e43afc47855ea1ee77635bb9312/detection

31.222.235.218:587
novochrom.us
mail.novochrom.us
