From 7fa33da7a501c318eab24f3d6968b0be0e051937 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 27 Sep 2016 15:28:44 +0200 Subject: [PATCH] Adding new static (malware) trails --- core/settings.py | 2 +- trails/static/malware/almalocker.txt | 6 ++++++ trails/static/malware/cryptinfinite.txt | 6 ++++++ trails/static/malware/hinired.txt | 6 ++++++ trails/static/malware/misogow.txt | 6 ++++++ trails/static/malware/odcodc.txt | 6 ++++++ trails/static/malware/osx_keydnap.txt | 6 ++++++ trails/static/malware/phytob.txt | 10 ++++++++++ trails/static/malware/picgoo.txt | 6 ++++++ trails/static/malware/satana.txt | 6 ++++++ trails/static/malware/scarcruft.txt | 7 +++++++ trails/static/malware/troldesh.txt | 6 ++++++ trails/static/malware/zcrypt.txt | 6 ++++++ trails/static/malware/zombrari.txt | 6 ++++++ 14 files changed, 84 insertions(+), 1 deletion(-) create mode 100644 trails/static/malware/almalocker.txt create mode 100644 trails/static/malware/cryptinfinite.txt create mode 100644 trails/static/malware/hinired.txt create mode 100644 trails/static/malware/misogow.txt create mode 100644 trails/static/malware/odcodc.txt create mode 100644 trails/static/malware/osx_keydnap.txt create mode 100644 trails/static/malware/phytob.txt create mode 100644 trails/static/malware/picgoo.txt create mode 100644 trails/static/malware/satana.txt create mode 100644 trails/static/malware/scarcruft.txt create mode 100644 trails/static/malware/troldesh.txt create mode 100644 trails/static/malware/zcrypt.txt create mode 100644 trails/static/malware/zombrari.txt diff --git a/core/settings.py b/core/settings.py index d31c03595726..2859375d424d 100644 --- a/core/settings.py +++ b/core/settings.py @@ -24,7 +24,7 @@ trails = TrailsDict() NAME = "Maltrail" -VERSION = "0.10.135" +VERSION = "0.10.136" SERVER_HEADER = "%s/%s" % (NAME, VERSION) DATE_FORMAT = "%Y-%m-%d" ROTATING_CHARS = ('\\', '|', '|', '/', '-') 
diff --git a/trails/static/malware/almalocker.txt b/trails/static/malware/almalocker.txt
new file mode 100644
index 000000000000..388d45e973cf
--- /dev/null
+++ b/trails/static/malware/almalocker.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-082311-3451-99&tabid=2
+
+jjuwnj2ejjmafg74.onion.link
\ No newline at end of file
diff --git a/trails/static/malware/cryptinfinite.txt b/trails/static/malware/cryptinfinite.txt
new file mode 100644
index 000000000000..0ea74a3a5ef7
--- /dev/null
+++ b/trails/static/malware/cryptinfinite.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2015-112307-3527-99&tabid=2
+
+qbstdn6k7iivyki2.onion.direct
\ No newline at end of file
diff --git a/trails/static/malware/hinired.txt b/trails/static/malware/hinired.txt
new file mode 100644
index 000000000000..d6200fa7baed
--- /dev/null
+++ b/trails/static/malware/hinired.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-071103-2254-99&tabid=2
+
+ritratrecre.com
\ No newline at end of file
diff --git a/trails/static/malware/misogow.txt b/trails/static/malware/misogow.txt
new file mode 100644
index 000000000000..928d57f0cf38
--- /dev/null
+++ b/trails/static/malware/misogow.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-080909-0507-99&tabid=2
+
+msdtsgo.news-pv.com
\ No newline at end of file
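Review bot: In almalocker.txt and cryptinfinite.txt the only trail is a Tor2web gateway hostname (`jjuwnj2ejjmafg74.onion.link`, `qbstdn6k7iivyki2.onion.direct`), so the indicator is tied to one gateway domain rather than to the hidden service itself; osx_keydnap.txt (`g5wcesdfjzne7255.onion.to`) has the same shape. If the sensor matches on the full hostname, which this diff does not show, traffic to the same service through a different gateway would presumably go unflagged. I would record that limit next to each entry, e.g. `# NOTE: gateway-specific hostname; other Tor2web gateways for this hidden service are not covered`, and check against the reference whether the bare `.onion` name should be listed as well, the way phytob.txt and troldesh.txt list theirs.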
diff --git a/trails/static/malware/odcodc.txt b/trails/static/malware/odcodc.txt
new file mode 100644
index 000000000000..7884f6e6831c
--- /dev/null
+++ b/trails/static/malware/odcodc.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-060612-3959-99&tabid=2
+
+inststats.com
\ No newline at end of file
diff --git a/trails/static/malware/osx_keydnap.txt b/trails/static/malware/osx_keydnap.txt
new file mode 100644
index 000000000000..5fb0f5f87840
--- /dev/null
+++ b/trails/static/malware/osx_keydnap.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-070706-5326-99&tabid=2
+
+g5wcesdfjzne7255.onion.to
\ No newline at end of file
diff --git a/trails/static/malware/phytob.txt b/trails/static/malware/phytob.txt
new file mode 100644
index 000000000000..96321a5b41de
--- /dev/null
+++ b/trails/static/malware/phytob.txt
@@ -0,0 +1,10 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-042121-3315-99&tabid=2
+
+q3etw3zghw5rxy4w.onion
+ozqlf5axsagtaa63.onion
+dg5gw4nbnh4uo7rd.onion
+t4zuoxiiltbyhoss.onion
+hsykss52ymubdlog.onion
\ No newline at end of file
diff --git a/trails/static/malware/picgoo.txt b/trails/static/malware/picgoo.txt
new file mode 100644
index 000000000000..4efdf37d8a0b
--- /dev/null
+++ b/trails/static/malware/picgoo.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-062921-0532-99&tabid=2
+
+exodus99.ru
\ No newline at end of file
diff --git a/trails/static/malware/satana.txt b/trails/static/malware/satana.txt
new file mode 100644
index 000000000000..954e63f5ba70
--- /dev/null
+++ b/trails/static/malware/satana.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-063002-4327-99&tabid=2
+
+185.127.26.186/add.php
\ No newline at end of file
diff --git a/trails/static/malware/scarcruft.txt b/trails/static/malware/scarcruft.txt
new file mode 100644
index 000000000000..d64601a29ec5
--- /dev/null
+++ b/trails/static/malware/scarcruft.txt
@@ -0,0 +1,7 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-063014-0934-99&tabid=2
+
+sync.appchecks.rr.nu
+/checksync/v2/
\ No newline at end of file
diff --git a/trails/static/malware/troldesh.txt b/trails/static/malware/troldesh.txt
new file mode 100644
index 000000000000..858d5100a3af
--- /dev/null
+++ b/trails/static/malware/troldesh.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2015-060408-1522-99&tabid=2
+
+gxyvmhc55s4fss2q.onion
\ No newline at end of file
diff --git a/trails/static/malware/zcrypt.txt b/trails/static/malware/zcrypt.txt
new file mode 100644
index 000000000000..1efe680bb7c7
--- /dev/null
+++ b/trails/static/malware/zcrypt.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-052722-4205-99&tabid=2
+
+poiuytrewq.ml
\ No newline at end of file
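Review bot: The single entry in satana.txt, `185.127.26.186/add.php`, is an IP-literal URL, which ages worse than the domain trails elsewhere in this commit because the address can later be reassigned to an unrelated host. How the loader splits host and path is not visible in this diff, so it is unclear whether the address alone also becomes a trail or only the full URL. A comment such as `# NOTE: IP-literal URL trail; re-validate against the reference before keeping long-term` above the entry would tell the next maintainer that it needs periodic review.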
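Review bot: The second entry in scarcruft.txt, `/checksync/v2/`, is a bare URL path with no host, so its match scope depends entirely on how the sensor treats host-less trails, which this diff does not show. If it is compared against the path of any request, unrelated services that happen to expose the same route would raise an event attributed to this malware family. Either bind it to the host already listed, `sync.appchecks.rr.nu/checksync/v2/`, or keep it and add `# NOTE: host-independent path trail, expect false positives on unrelated hosts` above it.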
diff --git a/trails/static/malware/zombrari.txt b/trails/static/malware/zombrari.txt
new file mode 100644
index 000000000000..066d4b5fe2d6
--- /dev/null
+++ b/trails/static/malware/zombrari.txt
@@ -0,0 +1,6 @@
+# Copyright (c) 2014-2016 Miroslav Stampar (@stamparm)
+# See the file 'LICENSE' for copying permission
+
+# Reference: https://www.symantec.com/security_response/writeup.jsp?docid=2016-081512-0530-99&tabid=2
+
+z8606.com
\ No newline at end of file