# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.reversinglabs.com/blog/operation-brainleeches-malicious-npm-packages-fuel-supply-chain-and-phishing-attacks

http://137.184.153.238
137.184.153.238:443
brainleeches.xyz
ourwhite.brainleeches.xyz

# Reference: https://blog.sonatype.com/npm-packages-caught-exfiltrating-kubernetes-config-ssh-keys
# Reference: https://blog.phylum.io/sensitive-data-exfiltration-campaign-targets-npm-and-pypi/

threatest.com
app.threatest.com
down.threatest.com
cjq18vv2vtc0000pszdggkb7ssayyyyyd.oast.fun

# Reference: https://blog.phylum.io/persistent-npm-campaign-shipping-trojanized-jquery/

addpack.newrxl.online
ajax.failexpect.biz.id
anti-spam.truex.biz.id
api-bo.my.id
api-system.engineer
api-web-vrip.hanznesia.my.id
api.codatuys.biz.id
api.iimg.my.id
api.jstyy.xyz
api.newrxl.online
apii-pandawara.ganznesia.my.id
apii.codatuys.cab
apii.fukaes.ninja
apiiiwebterbaru2024.duckdns.org
apiweb.eventtss.my.id
codatuys.cab
cssimage.dimashost.xyz
dana-dompet-digital.qxue.biz.id
danu.eventtss.my.id
denii.biz.id
dimashost.xyz
ditzzultimate.xyz
dmdpanel.my.id
eventtss.my.id
failexpect.biz.id
fukaes.ninja
ganznesia.my.id
icikipoxx.pw
iimg.my.id
irisainginbos.icikipoxx.pw
jqbzu-18.cfd
jstyy.xyz
klikmelanjutkan-klik.sahdk.my.id
lngss.my.id
lnpss.my.id
log.api-system.engineer
log.systems-alexhost.xyz
nd.api-system.engineer
newrxl.online
newww.my.id
ns.api-system.engineer
panel-host.clannesia.com
panel-host.dmdpanel.my.id
panel.api-bo.my.id
paneljs.dimashost.xyz
paneljs.hanznesia.my.id
patipride.icikipoxx.pw
pokemon.denii.biz.id
project.systemgoods.me
pukil.dannew.biz.id
qxue.biz.id
sahdk.my.id
saystem.ditzzultimate.xyz
system-alexhosting.biz.id
systemgoods.me
systemport.duckdns.org
systems-alexhost.xyz
terbarucuy.terbaruxx.my.id
terbaruxx.biz.id
terbaruxx.cafegt.my.id
terbaruxx.hydickyy.my.id
terbaruxx.iwvx77.cfd
terbaruxx.jqbzu-18.cfd
terbaruxx.lngss.my.id
terbaruxx.lnpss.my.id
terbaruxx.my.id
terbaruxx.newww.my.id
terbaruxx.newxxx.online
terbaruxx.x-vip.my.id
truex.biz.id
