# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: purelogs stealer

# Reference: https://twitter.com/malwrhunterteam/status/1596269879824465922
# Reference: https://twitter.com/JAMESWT_MHT/status/1596438280903557141
# Reference: https://www.virustotal.com/gui/file/c620ce8ecbaa3ee3b92126091c7686e3bdfa23e188914f072ba2d90f05d18f9d/detection

http://195.201.23.210
download-files-pdf.de
sicherer-download-pdf.de
srv-fattureincloud.de
/ld9sja87s/dialogue/book
/ld9sja87s/dialogue/start
/ld9sja87s/dialogue/
/ld9sja87s/

# Reference: https://twitter.com/VirITeXplorer/status/1603321790490714113
# Reference: https://twitter.com/VirITeXplorer/status/1603322834046033923
# Reference: https://twitter.com/Gi7w0rm/status/1603381798343528450

195.201.23.210:5699
337727.seu2.cleverreach.com
downloadpdf-fattura.de

# Reference: https://blog.cluster25.duskrise.com/2022/12/22/an-infostealer-comes-to-town
# Reference: https://otx.alienvault.com/pulse/63a5b068e163450bbea073da
# Reference: https://www.virustotal.com/gui/file/d3aa8fca03e9eb9911bbb51302d703afa9c04ce94d94ce6c3cd5086999e49471/detection

http://116.203.19.97
service-fatturecloud.de
utente.service-fatturecloud.de

# Reference: https://twitter.com/VirITeXplorer/status/1612840654563860482
# Reference: https://twitter.com/VirITeXplorer/status/1612841897055195142

195.201.23.210:5200
lkvbb-lkvbb.de

# Reference: https://www.virustotal.com/gui/file/9bbd2fc484077da329ae3658122614fa1f9f9dfe9e3ebfb982a69d32fc55a66b/detection

chaifoomasho.foundation
eiseesaeheeg.fun

# Reference: https://www.virustotal.com/gui/file/38c45f56be6ea967ae74559abbc0eace9f0bd9d304b2cf918229366f2feb11fb/detection

puredating.top
