From 92f0b45e423f54d5d6caae5ea9d206ff41850a4e Mon Sep 17 00:00:00 2001
From: Scott Petty <rspetty@student.hagerstowncc.edu>
Date: Mon, 8 Jul 2024 16:39:03 -0400
Subject: [PATCH 1/2] add domains related to Godzilla Loader hosted at
 91.215.85.223 to wildcard.list

---
 source/malicious/wildcard.list | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/source/malicious/wildcard.list b/source/malicious/wildcard.list
index 750aea57e0d..4af910d1c81 100644
--- a/source/malicious/wildcard.list
+++ b/source/malicious/wildcard.list
@@ -205,6 +205,7 @@ b7sw8.top
 b9hvf.top
 ba97abc3263.duckdns.org
 baathman2121.duckdns.org
+badhabits.ug
 bagar.shop
 balances.duckdns.org
 balladobandis.shop
@@ -264,6 +265,7 @@ boxcracked.com
 br-santandernet.duckdns.org
 brainshoping3.xyz
 brandclick.com
+bratiop.ru
 brfdkk45tf.click
 bright-sdk.com
 brightdata.com
@@ -293,6 +295,7 @@ cgb.com.bd
 cgmg8.top
 chauksoa.net
 chcracked.com
+check-time.ru
 chesstop4.xyz
 childday2.xyz
 chrome-error.online
@@ -407,6 +410,7 @@ desbiens123.net
 detty.co
 dew3hy6.cfd
 dfhduh.xyz
+dgkhj.ru
 dgs90.top
 dialogfosti.click
 diligere.co.uk
@@ -672,6 +676,7 @@ hotsalad2.xyz
 housemetro3.xyz
 hsdps.cc
 huaweiclub.ru
+hubvera.ac.ug
 hue1g.top
 huhno.top
 humordog.xyz
@@ -767,6 +772,7 @@ k50c8s2p7.cfd
 k7l1y.top
 kalicrack.com
 karatoa.com.bd
+karimgouss.ug
 kaspersky-cleaner.ru
 kaspianchoob.com
 keapeiros.xyz
@@ -816,6 +822,7 @@ labsaidharm.live
 landmarkgroup.com.bd
 landscape-wallpaper.com
 lanno.co
+lastimaners.ug
 lavaalchemist.top
 layerzero.network
 ledgerlive.mobi
@@ -857,6 +864,7 @@ magnite.shop
 mahcrack.com
 main-hosting.eu
 majorinryesopert.com
+malayska.ug
 maliksofts.com
 malwarebytes.com
 malwarepatrol.net
@@ -868,6 +876,7 @@ mapcentre.ru
 mapsrch.com
 marafonec.com
 markone.com.bd
+marksidfgs.ug
 mateyhecrie.xyz
 maturerussia.com
 maxdebrid.com
@@ -916,6 +925,7 @@ mirzaenterprises.pk
 miseri.duckdns.org
 missadventuretravel.com
 missnarcisse.ru
+mistitis.ug
 mixer-novostei.ru
 mjiu876tyh.pro
 mlusae.xyz
@@ -1512,6 +1522,7 @@ niceanimegames.com
 nicetab.live
 nicolasartori.it
 nicolasi.com
+nicoslag.ru
 nicsorts-accarade.com
 nifera.ru
 nificincreasi.club
@@ -1645,7 +1656,9 @@ onrunningshop.com
 opc0r.top
 openfiletab.live
 opensurge2d.org
+opesjk.ug
 opmnstr.com
+opsdjs.ug
 optimisim.io
 optinmonster.com
 optmnstr.com
@@ -1678,6 +1691,7 @@ p5kahbsjdasd5p.monster
 p5tvhrlw30h.click
 packagetracker.pro
 pacosystem.es
+paipaisdvzxc.ru
 panyinadiingsinspi.com
 paralleleventsm10.ru
 parkcandy3.xyz
@@ -1685,6 +1699,8 @@ parklaneupholstemk.com
 parknepal3.xyz
 parkquestions3.xyz
 parlajn-sberbank.ru
+partaususd.ru
+pastratas.ac.ug
 patchcracks.com
 patientsale4.xyz
 patodns2018.duckdns.org
@@ -1713,6 +1729,7 @@ pirate-bay-proxy.org
 piratpc.com
 pizzaday2.xyz
 playoflight.ru
+playwell.ug
 pmpackaging.ru
 poderxtremo.duckdns.org
 podmikroskopom.ru
@@ -1762,6 +1779,7 @@ pufhk.top
 punks-2023.com
 purgeblood.duckdns.org
 q18px.top
+qd34gf23ewrfsd1233.ru
 qr-captcha.com
 qse7e.top
 quasir.info
@@ -1773,6 +1791,8 @@ quickspeedtest.net
 quickspeedtest.org
 qusi.duckdns.org
 qusi007.duckdns.org
+qwertasd.ru
+qwerty12346.ru
 qweruiop.duckdns.org
 qyt8i.top
 r1i6t.top
@@ -1991,6 +2011,9 @@ thetrafficstat.net
 thewinjackpot.life
 thiscrack.com
 tic.com.ua
+timebound.ug
+timecheck.ug
+timekeeper.ug
 timekids-gps.ru
 tipslife.ru
 tk164.top
@@ -2028,6 +2051,7 @@ transport-trust.ru
 travelday2.xyz
 trendingentertainers.com
 trest777.ru
+triathlethe.ug
 trk-amropode.com
 trk-bistiona.com
 trk-essursta.com
@@ -2040,6 +2064,7 @@ ts906.top
 tscl.com.bd
 ttaum.top
 tubeflix.site
+tuskslacx.ug
 turkeybazar.com.bd
 turmouse.ru
 turok.ru
@@ -2136,6 +2161,7 @@ wdmtg.top
 webrecepty.info
 websearchextension.info
 webwidgetz.duckdns.org
+wellplayed.ug
 welovetop4.xyz
 westlandstorage2018.xyz
 wgiauto.com
@@ -2255,3 +2281,4 @@ zqf9x95n.cfd
 zscracked.com
 zslicencekey.com
 zulmaran.shop
+zxvbcrt.ug

From c72b12aa40a5f608ce089380bed2aae469b672ef Mon Sep 17 00:00:00 2001
From: Scott Petty <rspetty@student.hagerstowncc.edu>
Date: Mon, 8 Jul 2024 16:41:18 -0400
Subject: [PATCH 2/2] add-91.215.85.223-and-related-domains-to-malicious-lists
 40bc37a11d4] add 91.215.85.223, the IP that is hosting Godzilla Loader, to
 rpz-ip; add bratiop.ru, check-time.ru, dgkhj.ru, nicoslag.ru,
 paipaisdvzxc.ru, partaususd.ru, qd34gf23ewrfsd1233.ru, qwertasd.ru,
 qwerty12346.ru, hubvera.ac.ug, pastratas.ac.ug, badhabits.ug, karimgouss.ug,
 lastimaners.ug, malayska.ug, marksidfgs.ug, mistitis.ug, opesjk.ug,
 opsdjs.ug, playwell.ug, timebound.ug, timecheck.ug, timekeeper.ug,
 triathlethe.ug, tuskslacx.ug, wellplayed.ug, and zxvbcrt.ug to
 add-wildcard-domain

---
 source/malicious/rpz-ip | 1 +
 1 file changed, 1 insertion(+)

diff --git a/source/malicious/rpz-ip b/source/malicious/rpz-ip
index 282898744b5..9d3118835fc 100644
--- a/source/malicious/rpz-ip
+++ b/source/malicious/rpz-ip
@@ -3,6 +3,7 @@
 32.154.197.137.79
 32.190.115.122
 32.203.218.244.35
+32.223.85.215.91
 32.252.120.219.3
 32.28.115.81.185
 32.36.105.208.18