android_riltok.txt
# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission
# Reference: https://securelist.com/mobile-banker-riltok/91374/
# Reference: https://twitter.com/benkow_/status/1151047351341072385
# Reference: https://twitter.com/benkow_/status/1151049415345524736
# Reference: https://pastebin.com/Yy4HBYaj
^[a-z]{1,3}\-leboncoin\.(com|info|me|top)$
^leboncoin\-[a-z]{1,3}\.(com|info|me|top)$
# Reference: https://twitter.com/benkow_/status/1143805261024546816
/3lfk3jGj/
# Reference: https://twitter.com/sh1shk0va/status/1196385062457085953
www-willhaben.com
# Reference: https://www.virustotal.com/gui/file/c800581436c42547b16b4792543896a27b18b21dee01dda5458486d4152b5f53/detection
analkarnavalbubenec.pw
# Reference: https://www.virustotal.com/gui/file/3ea2f45fb183c5478568dd0d87c3a943180b53d0641961b9577da0c98456a184/detection
abrakadabra.pw
# Reference: https://www.virustotal.com/gui/file/f79342ecd3c84a175af4657a6e0d64018abd3e4d4ed4e92ee373e2ec3ea71fc1/detection
abrakakj3123r.com
# Reference: https://www.virustotal.com/gui/file/54971798ee22ab8a2571b677f654859859c5559003ce33cfe6b948085745cc04/detection
abrakakjenber.com
# Reference: https://www.virustotal.com/gui/file/96b662d71d994540026ab06b9220c58df5e22f2e92bedd1463b500a440e9ce94/detection
abrakadabras.net
# Reference: https://twitter.com/malwrhunterteam/status/1394420528925061128
# Reference: https://twitter.com/bl4ckh0l3z/status/1394758637214650373
# Reference: https://www.virustotal.com/gui/file/c800581436c42547b16b4792543896a27b18b21dee01dda5458486d4152b5f53/detection
karambga3j.net
lkrishtian1.com
lkrishtifaa.com
/relise2319/bee/
# Reference: https://twitter.com/malwrhunterteam/status/1417189285619539968
# Reference: https://www.virustotal.com/gui/file/854e71657a675dcb700414ed81ed5c30e3738b0524b1d50485c3f6e14c69f400/detection
blebhebroolab.com
# Reference: https://malware.news/t/inside-view-of-brazzzersff-infrastructure/62431
tuneappservice.org
/l3k42hj56h634gkj2lk14356jk4gh23k5jl6h4/gate.php
/l3k42hj56h634gkj2lk14356jk4gh23k5jl6h4/
# Generic (heur) detection
/admindo/login.php
/relise2319/gate.php
/relise2319/gating.php
/3lfk3jGj/gate.php
/3lfk3jGj/gating.php
/3lfk3jGj/report.php
/3lfk3jGj/
/relise2319/