# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: observer stealer

# Reference: https://twitter.com/GroupIB_TI/status/1662098952852852737

5.42.64.41:1234
77.73.134.51:1234

# Reference: https://twitter.com/0xrb/status/1665592247881203713

91.215.85.38:1234

# Reference: https://twitter.com/Jane_0sint/status/1666019485583659008
# Reference: https://app.any.run/tasks/5728c30e-00c1-4f87-9522-ff8b9e08fa32/

5.42.64.41:1337

# Reference: https://twitter.com/0xrb/status/1669273033285197825

179.43.155.205:81

# Reference: https://twitter.com/g0njxa/status/1672208795680882688
# Reference: https://twitter.com/Jane_0sint/status/1673575414290350080
# Reference: https://app.any.run/tasks/8e7b5441-9ed1-4c65-8f0c-a76d3a1627fe/
# Reference: https://app.any.run/tasks/b366feb6-0b12-4ab7-a1d6-785f50a2b5fe/

91.103.252.16:2425

# Reference: https://twitter.com/0xrb/status/1674665596322209793

91.103.252.16:2424

# Reference: https://twitter.com/ViriBack/status/1751711679979696598
# Reference: https://app.any.run/tasks/7a36fb55-3738-4f40-b760-b443689c9edd/
# Reference: https://www.virustotal.com/gui/file/5b2b8a4d5b8375a3ac2ce68b93cdbfdc8fd13d1cf4ea1a6a61bd784aa495dbfb/detection
# Reference: https://www.virustotal.com/gui/file/bb17d47f10fefcee4c883f93f2989e753b969298dd70262ae00696dd482dc9b4/detection

5.42.66.25:3000
