# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://research.checkpoint.com/2022/cloudguard-spectral-detects-several-malicious-packages-on-pypi-the-official-software-repository-for-python-developers/
# Reference: https://securelist.com/two-more-malicious-python-packages-in-the-pypi/107218/

65.1.221.11:1337
utilities.tk
zerotwo-best-waifu.online

# Reference: https://www.reversinglabs.com/blog/sentinelsneak-malicious-pypi-module-poses-as-security-sdk

http://54.254.189.27
54.254.189.27:443

# Reference: https://blog.cyble.com/2023/05/03/new-kekw-malware-variant-identified-in-pypi-package-distribution/

blackcap.ru
kekwltd.ru

# Reference: https://www.reversinglabs.com/blog/vmconnect-malicious-pypi-packages-imitate-popular-open-source-modules
# Reference: https://otx.alienvault.com/pulse/64d26652e33287d2d5ca7fe7

deliworkshopexpress.xyz
ethertestnet.pro

# Generic

/dsc_injection
/wap/dsc_injection
/wap/enner/injector
/wap/shatlegay/stealer
/wap/shatlegay/stealer123365
/shatlegay/stealer
/shatlegay/stealer123365
