apt_xdspy.txt

# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.zdnet.com/article/eset-discovers-a-rare-apt-that-stayed-undetected-for-nine-years/
# Reference: https://www.welivesecurity.com/2020/10/02/xdspy-stealing-government-secrets-since-2011/
# Reference: https://github.com/eset/malware-ioc/tree/master/xdspy/
# Reference: https://vblocalhost.com/uploads/VB2020-Faou-Labelle.pdf
# Reference: https://otx.alienvault.com/pulse/5f7b6dec91a6842be8aa386c
# Reference: https://cert.by/?p=1458 (Russian)

365downloading.com
boborux.com
chtcc.net
cracratutu.com
daftsync.com
documentsklad.com
download-365.com
downloadsprimary.com
dropsklad.com
easytosay.org
ferrariframework.com
file-download.org
filedownload.email
getthatupdate.com
jerseygameengine.com
maiwegwurst.com
migration-info.com
minisnowhair.com
nomatterwhat.info
officeupdtcentr.com
seatwowave.com
theslideshare.com
wildboarcontest.com

# Reference: https://twitter.com/t3ft3lb/status/1578448091476131841
# Reference: https://www.virustotal.com/gui/file/6d975d2b3557bc3eebc8b24fdafca6244c9a0f485a0a6406c0fe12f41f6ae5d0/detection

best-downloader.com
download24center.com
global-downloader.com
my1businessconnection.com

# Reference: https://twitter.com/t3ft3lb/status/1640373954018770945
# Reference: https://www.virustotal.com/gui/file/60f2a6de283d37aba090db3be84a2da761717f20d6cfed002d4d0ef3a139f626/detection

just-downloads.com

# Reference: https://x.com/malwrhunterteam/status/1816855989859106913
# Reference: https://x.com/t3ft3lb/status/1817943106181861704
# Reference: https://www.virustotal.com/gui/file/a08029b0a01228a2a4904da723862dcd0e7b8de2b825bb6a70ec5148737cc5de/detection

sbordokumentov.com