# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: pxa stealer

# Reference: https://x.com/s1dhy/status/1857477125718290522
# Reference: https://blog.talosintelligence.com/new-pxa-stealer/
# Reference: https://github.com/Cisco-Talos/IOCs/blob/main/2024/11/new-pxa-stealer.txt

wis.aaawholesalecompany.com

# Generic

/Adonis/AdFnis_Bot
/Adonis/Adonis_Bot
/Adonis/Adonis_Bot0
/Adonis/Adonis_XW_ENC
/PXA/PXA_BOT
/PXA/PXA_PURE_ENC
/STC/STC_BOT
/STC/STC_OTO
/STC/STC_PUP
/STC/STC_PURE.b64
/STC/STC_PURE_ENC
/STC/STC_XW_ENC
