# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.f-secure.com/weblog/archives/00002793.html

angryflo.ru
reggpower.su

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Fareit-CAD/detailed-analysis.aspx

dhfgfgshds.top

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Fareit-AAJ/detailed-analysis.aspx

sandrethe.ru

# Reference: https://blog.talosintelligence.com/2018/09/threat-roundup-0914-0921.html (Win.Dropper.Fareit-6688124-0)

aerolitigate.com
anotherlscreation.com
businessintuitive.expert
instrovate.com
maisonlecallennec.com
meesebyte.com
mufflerbrothersbellbrook.net
mxauny.men
weltho.com
ybnonline.com
weltho.com

# Reference: https://twitter.com/JAMESWT_MHT/status/1050332889844465664

spimports.com.br/age/panel/gate.php

# Reference: https://www.cyren.com/blog/articles/iceland-police-phishing-attack-targets-bank-credentials
# Reference: https://www.virustotal.com/#/file/53cf32ce0c34df94422c43e295e928c69c7b1b2090cf6943000470f7e0128d67/relations

iam.shadesoul.online
heis.shadesoul.online
the.shadesoul.online

# Reference: https://blog.talosintelligence.com/2019/05/threat-roundup-0426-to-0503.html (# Win.Malware.Fareit-6958493-0)

snooper112.ddns.net
harryng.ddns.net
icabodgroup.hopto.org
popen.ru
hfgdhgjkgf.ru
rtyrtygjgf.ru
