# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://github.com/eset/malware-ioc/tree/master/glupteba

ostdownload.xyz
travelsreview.world
bigdesign.website
sportpics.xyz
kinosport.top
0ev.ru
0df.ru
0d2.ru
0d9.ru
financialtimesguru.com
burnandfire5.com

# Reference: https://blog.trendmicro.com/trendlabs-security-intelligence/glupteba-campaign-hits-network-routers-and-updates-cc-servers-with-data-from-bitcoin-transactions/
# Reference: https://otx.alienvault.com/pulse/5d6fab77e045042a3b8969f5

bigtext.club
blackempirebuild.com
clubhouse.site
keepmusic.xyz
lienews.world
nxtfdata.xyz
okonewacon.com
phonemus.net
playfire.online
takebad1.com
venoxcontrol.com

# Reference: https://twitter.com/James_inthe_box/status/1171831864945827840

techmega.xyz

# Reference: https://www.cybereason.com/blog/glupteba-expands-operation-and-toolkit-with-lolbins-cryptominer-and-router-exploit
# Reference: https://otx.alienvault.com/pulse/5d7f9d70c73b107dec8cab9d

blackempirebuild.com
fstyline.xyz
okonewacon.com
postnews.club
roundworld.club
venoxcontrol.com
weekdanys.com

# Reference: https://github.com/silence-is-best/c2db#glupteba

/bots/post-ia-data
