The following is all the associated ransomware themed domains known to have been associated with Iran's Afkar System Yazd Co ransomware.
Sample domains known to have been involved in the campaign include:
hxxp://newdesk.top
hxxp://onedriver-srv.ml
hxxp://symantecserver.co
hxxp://microsoft-updateserver.cf
hxxp://msupdate.us
hxxp://service-management.tk
hxxp://aptmirror.eu
hxxp://winstore.us
hxxp://my-logford.ml
hxxp://gupdate.us
hxxp://tcp443.org
Sample email address accounts known to have been involved in the campaign include:
amirbitminer[.]gmail.com
thund3rz[.]protonmail.com