# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.trendmicro.com/en_us/research/22/e/examining-the-black-basta-ransomwares-infection-routine.html
# Reference: https://otx.alienvault.com/pulse/627b9512a86a3f40b4981328

aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onion

# Reference: https://quadrantsec.com/resource/technical-analysis/black-basta-malware-overview
# Reference: https://otx.alienvault.com/pulse/63dd5bec114b33d472f59ea8

danimos.com
gerhiles.com
zedorocop.com

# Reference: https://twitter.com/ian_kenefick/status/1722771468822434056

blockcentersys.net
buyadvisershop.net
gift4animals.com
neobeelab.net
prettyanimals.net
startuptechnologyw.net
stockinvestlab.net

# Reference: https://twitter.com/ian_kenefick/status/1734745719016136986

allcompanycenter.com
getfnewssolutions.com

# Reference: https://twitter.com/RakeshKrish12/status/1767807831309259148

databasebb.top

# Reference: https://x.com/RakeshKrish12/status/1793169588219486469

onlylegalstuff.top

# Reference: https://x.com/Threatlabz/status/1799108556698120648
# Reference: https://github.com/threatlabz/ransomware_notes/blob/main/blackbasta/instructions_read_me.txt

bastad5huzwkepdixedg2gekg7jk22ato24zyllp6lnjx7wdtyctgvyd.onion

# Reference: https://x.com/RakeshKrish12/status/1806216139581669867
# Reference: https://justpaste.it/943vz
# Reference: https://www.virustotal.com/gui/ip-address/185.68.93.185/relations
# Reference: https://www.virustotal.com/gui/ip-address/185.68.93.191/relations

6y2qjrzzt4inluxzygdfxccym5qjy2ltyae7vnxtoyeotfg3ljwqtaid.onion
onlylegalstuff3.top
stuffstevenpeters2.top
