# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: splinter

# Reference: https://github.com/BishopFox/sliver
# Reference: https://www.virustotal.com/gui/file/1c9cc7108392ca716a522ccfc93c15724fb18bafe8350301c2ced04803aa4040/detection

201.137.231.132:8888
letshack.ddns.net

# Reference: https://twitter.com/1ZRR4H/status/1450913137352392712
# Reference: https://pastebin.com/ZpsxzLZc
# Reference: https://www.malware-traffic-analysis.net/2021/10/20/index.html
# Reference: https://www.proofpoint.com/us/blog/security-briefs/ta551-uses-sliver-red-team-tool-new-activity

http://101.35.159.51
http://104.236.118.101
http://104.236.43.106
http://106.12.207.117
http://111.90.147.236
http://135.181.104.26
http://157.245.14.195
http://157.245.93.17
http://161.97.142.232
http://164.90.232.157
http://176.223.165.145
http://18.163.111.123
http://182.92.189.18
http://185.10.68.232
http://206.72.200.121
http://3.239.175.166
http://35.192.9.111
http://45.79.202.162
http://51.178.46.134
http://52.24.190.27
http://62.171.184.87
http://64.52.111.48
http://85.93.2.78
101.35.159.51:443
104.236.118.101:443
104.236.43.106:443
106.12.207.117:443
111.90.147.236:443
135.181.104.26:443
157.245.14.195:443
157.245.93.17:443
161.97.142.232:443
164.90.232.157:443
176.223.165.145:443
18.163.111.123:443
182.92.189.18:443
185.10.68.232:443
206.72.200.121:443
3.239.175.166:443
35.192.9.111:443
45.79.202.162:443
51.178.46.134:443
52.24.190.27:443
62.171.184.87:443
64.52.111.48:443
85.93.2.78:443
101.35.159.51:8080
104.236.118.101:8080
104.236.43.106:8080
106.12.207.117:8080
111.90.147.236:8080
135.181.104.26:8080
157.245.14.195:8080
157.245.93.17:8080
161.97.142.232:8080
164.90.232.157:8080
176.223.165.145:8080
18.163.111.123:8080
182.92.189.18:8080
185.10.68.232:8080
206.72.200.121:8080
3.239.175.166:8080
35.192.9.111:8080
45.79.202.162:8080
51.178.46.134:8080
52.24.190.27:8080
62.171.184.87:8080
64.52.111.48:8080
85.93.2.78:8080
ruwejo.com

# Reference: https://twitter.com/Max_Mal_/status/1500447223217278980
# Reference: https://www.virustotal.com/gui/file/7f0deab21a3773295319e7a0afca1bea792943de0041e22523eb0d61a1c155e2/detection
# Reference: https://www.virustotal.com/gui/file/d8241e046cb9efcfa7ce733249d580eacff996d8669adbe71019eedafb696a55/detection
# Reference: https://www.virustotal.com/gui/file/2190a7d8d7eafd4af56b01d9a828ab2dc553a804ccda4c291dce51ce01da81f8/detection
# Reference: https://www.virustotal.com/gui/file/1f95397c4634f3348f3001a02eab269148f4c08271c2e2461905a4359f7c4761/detection
# Reference: https://www.virustotal.com/gui/file/08137096b85a3a2611249bb57ba9ace4e8efc9ba28cfddd8557edc3e11e9690c/detection

176.113.115.107:8888
193.27.228.127:8888
