# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.welivesecurity.com/2019/03/11/gaming-industry-scope-attackers-asia/

api.goallbandungtravel.com
bugcheck.xigncodeservice.com
dump.gxxservice.com
nw.infestexe.com
checkin.travelsanignacio.com
/Common/Lib/Common_bsod.php
/Common/Lib/Common_Include.php

# Reference: https://www.symantec.com/security-center/writeup/2011-102716-2809-99

lp.apanku.com
ad.jcrsoft.com
rh.jcrsoft.com
bot.timewalk.me
b0t.meibu.com

# Reference: https://securelist.com/winnti-more-than-just-a-game/37029/

jp.xxoo.co
kr.xxoo.co
us.nhntech.com
newpic.dyndns.tv
lp.zzsoft.info
ru.gcgame.info
update.ddns.net
lp.gasoft.us
kr.jcrsoft.com
nd.jcrsoft.com
eya.jcrsoft.com
wm.ibm-support.net
cc.nexoncorp.us
ftpd.9966.org
fs.nhntech.com
kr.zzsoft.info
docs.nhnclass.com
as.cjinternet.us
wi.gcgame.info
rh.jcrsoft.com
ca.zzsoft.info
tcp.nhntech.com
wm.nhntech.com
sn.jcrsoft.com
ka.jcrsoft.com
wm.myxxoo.com
lp.apanku.com
my.zzsoft.info
ka.zzsoft.info
sshd.8866.org
jp.jcrsoft.com
ad.jcrsoft.com
ftpd.6600.org
su.cjinternet.us
my.gasoft.us
tcpiah.googleclick.net
vn.gcgame.info 	
rss.6600.org
ap.nhntech.com

# Reference: https://medium.com/@Sebdraven/winnti-uses-the-rtf-exploit-8-t-too-targets-vietnam-13300d432272
# Reference: https://otx.alienvault.com/pulse/5d3754868fc025df351b747e

goog1eupdate.com

# Reference: https://twitter.com/daphiel/status/1162875379872387075

google-searching.com

# Reference: https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf
# Reference: https://otx.alienvault.com/pulse/5da4528788ac7149ce4894b7

dns1-1.7release.com
ssl.dyn-dns.co
ssl.dyn-dns.com
svn-dns.ahnlabinc.com
xp101.dyn-dns.co
xp101.dyn-dns.com
