Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs, receipt of malicious email

Our customers who received the email: 0
Our customers who accessed the URL: 1
2024/08/13
※ Updated 2024/08/13
Detected URLs believed to cause malware infection (2024/08/13)
■ IoC (※1)
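※1 Search the "i-FILTER" access logs to identify the affected endpoints. The URLs have been partially altered to prevent unintended access.

■ Product support status (※2)
▽ i-FILTER (※3)
・Can be blocked with the [脅威情報サイト] (Threat Information Sites) category

※2 Whether a URL is blocked depends on each product's configuration, so refer to the access logs for the actual result.
※3 For encrypted traffic, the SSL Adapter setting must be set to 「利用」 (Use).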