# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/James_inthe_box/status/1605596153567117312
# Reference: https://flashpoint.io/blog/risepro-stealer-and-pay-per-install-malware-privateloader/

gamefilescript.com
neo-files.com

# Reference: https://blog.sekoia.io/new-risepro-stealer-distributed-by-the-prominent-privateloader/

http://108.174.198.132
http://108.174.199.249
http://108.174.200.11
accesstostofilestorage.com
best24-files.com
boost-files.com
elite-hacks.ru
factor1right.com
filecryptobur.com
files-rate.com
files-sender.com
filesredproflex.com
filessite.com
filessoftpc.com
filesuk.com
fileswhiteprosoft.com
first-mirror.com
fixgroupfactor.com
fvp-files.com
get-24files.com
get-files24.com
gg-download.com
gg-loader.com
greatsofteasy.com
gs24softeasy.com
hero-files.com
jojo-files.com
m-rise.pro
my-rise.cc
my-rise.pro
myrise.pro
pickofiles.com
pin-files.com
pu-file.com
qd-file.com
rate-files.com
smartfilegen.com
socialfiletest.com
softs-portal.com
speedtestfile.com
teleportsoft.com
testitsoft.com
torggissoft.com
uc-files.com
uni-files.com
upxlead.com
vi-files.com
vip-space.com
webproduct25.com
xx1-files.com
api.my-rise.cc

# Reference: https://twitter.com/James_inthe_box/status/1625235716379930624
# Reference: https://app.any.run/tasks/236e360f-e88e-4d24-bca2-66431114e22a/

d-rise.cc
/MWTSL/get_marks.php

# Reference: https://tria.ge/230302-ra5vmacg9y/behavioral1

http://94.142.138.113

# Reference: https://twitter.com/Jane_0sint/status/1667565169461919746
# Reference: https://app.any.run/tasks/44c1fb6d-7771-47d0-ab9d-bb0d2fc98e82/

194.169.175.128:50500

# Reference: https://app.any.run/tasks/7fa313e3-fa28-493f-ae5a-a66525b29fd5/

194.169.175.133:50500

# Reference: https://twitter.com/powershellcode/status/1682017018562715654

194.169.175.128:8081
38.47.220.202:8081
79.110.49.141:8081

# Reference: https://app.any.run/tasks/07d48cef-8f74-4755-96c9-c793a8ede462/

http://45.15.156.229
