# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: awaken, awaken botnet, nova stealer

# Reference: https://twitter.com/FalconFeedsio/status/1730894850210537615
# Reference: https://www.virustotal.com/gui/ip-address/163.5.121.98/relations

nova-sentinel.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.nova/ (# 2024-08-25)

185.196.9.97:3000
185.196.9.97:443
89.213.140.115.nerozix.ovh
89.213.140.115:443
92.249.48.64:3000
92.249.48.64:443
awaken-network.net
ieatpoop.info
nova-screen-webview.com
onsttuiona.com

# Reference: https://app.validin.com/detail?find=Welcome%20To%20Awaken%20Network&type=raw&ref_id=680bb72ecb9#tab=host_pairs_v2

http://151.80.169.179
http://5.42.104.194
http://79.137.4.100
92.249.48.68:3000
92.249.48.68:443

# Reference: https://x.com/NDA0E/status/1827810997358461006

92.249.48.63:2000
92.249.48.63:443
92.249.48.79:3000
92.249.48.79:443

# Reference: https://x.com/NDA0E/status/1828045352785838172

185.196.10.128:2000
185.196.10.128:443
185.196.10.129:3000
185.196.10.129:443

# Reference: https://x.com/NDA0E/status/1828678990233481217
# Reference: https://www.virustotal.com/gui/ip-address/185.196.10.129/relations
# Reference: https://www.virustotal.com/gui/file/1ba4ec20ab8135a867590acf31ea6dae7f89373e7fd9b570d2bc40cd311d2e35/detection

nova-nation.pro

# Reference: https://x.com/NDA0E/status/1828986289938481549
# Reference: https://x.com/NDA0E/status/1830642000539930759
# Reference: https://www.virustotal.com/gui/ip-address/185.196.10.128/relations

nova-nation.org
nova-nation.online
nova-stealer.cloud
nova-stealer.com
nova-stealer.tech
nova-stealer.xyz

# Reference: https://app.validin.com/detail?find=Hawkish&type=raw#tab=host_pairs_v2

hectorcat.online
jaimelecaca.com
