# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: meta stealer

# Reference: https://isc.sans.edu/diary/28522

193.106.191.162:1775

# Reference: https://twitter.com/r3dbU7z/status/1598702463158288384
# Reference: https://twitter.com/SinghSoodeep/status/1600821439766351872
# Reference: https://www.virustotal.com/gui/file/bde1d3e5fe7ae826dd534da40a93cb65ec35bf4e9441da62817effd10800b0ae/detection
# Reference: https://www.virustotal.com/gui/file/76c73380cc4deb30cbfbe8a7fd551da5aba1150505fb5b0b66599e4ba491848b/detection
# Reference: https://www.virustotal.com/gui/file/992c8f9fa72867910066a93163572a6feda8a9c4c6283da1042b2ba9117229c5/detection

185.200.190.185:1775
fled.store
gyaiaouyuakaeqgu.xyz
uosqysascuwmqgyk.xyz

# Reference: https://twitter.com/abuse_ch/status/1620450108134535169
# Reference: https://www.virustotal.com/gui/ip-address/185.206.145.96/relations
# Reference: https://www.virustotal.com/gui/file/58d74cb162b4d75b8857642c6ee0ff4107de8670f7b50b3c2e98c715c1555de5/detection

185.206.145.96:1775
gimptop.life
tor-brows.store
uiouaqcqqcgueweg.xyz

# Reference: https://twitter.com/AuCyble/status/1629111337203924992
# Reference: https://www.virustotal.com/gui/file/65c2dbec05a4949cc40e6817b66c3a2a3a99e73f6c500070b721107b2b09bc74/detection

45.138.74.170:12345
metamsoft.tech

# Generic

/tasks/get_worker
