Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs, receipt of malicious emails

Customers of ours who received the email: 0
Customers of ours who accessed the URL: 46
2024/09/24
* Updated 2024/09/24
Detected URLs believed to lead to malware infection (2024/09/24)
■ IoC (*1)
Type: IOC: Signature:
Lumma Stealer
YoungLotus
Amadey
DCRat
SmokeLoader
Bashlite
Mars Stealer
Coinminer
Mozi
RedTail
Metasploit
JanelaRAT
FAKEUPDATES
Mirai
Socks5 Systemz
Vidar
Agent Tesla
Yakuza
Stealc
BazarBackdoor
RedLine Stealer
XWorm
Brute Ratel C4
CryptBot
NjRAT
Quasar RAT
PureCrypter
Venom RAT
Formbook
KrBanker
RansomHub
NetSupportManager RAT
AsyncRAT
hxxp://172[.]236[.]19[.]62/340/ncv/feelniceforgivenmegreatthingstobegreatforgetbacknicepictureofmygirlfrinedwhoreallylovedeveryonetogetmebackwithherlifesheisbeauty______nicegirliseenforeverme[.]doc
hxxp://198[.]12[.]81[.]171/83/gfv/weneedpicturetogetmebackwithgoodsuccessfullthingswanttobegreatwithentirethingsgosuccessfulljourneyonurcareer________bestgreatsuccess[.]doc
hxxp://45[.]79[.]190[.]156/560/ec/nicezorkforentirethingtobegogreqterthenqnyzheretget,eunderstqndhozbequtifulgirlsheisverynicegirlifoundinnortheqstsidezodndoerfillzodfe[.]doc
hxxp://45[.]79[.]190[.]156/560/greatthingstobegreatthingswithmeg[.]tIF
hxxp://107[.]172[.]148[.]248/130/dg/weseethepicturewithnewthingswithgreatthingstobegreatunderstandpicturenewthingswithgreatundrstandhereonseetegreat__________greatsuccessonhere[.]doc
Remcos
URL hxxp://1[.]92[.]146[.]107/linux_arm5
hxxp://1[.]92[.]146[.]107/linux_amd64
hxxp://1[.]92[.]146[.]107/linux_aarch64
hxxp://1[.]92[.]146[.]107/linux_mips64
hxxp://1[.]92[.]146[.]107/linux_mips
hxxp://1[.]92[.]146[.]107/linux_arm6
hxxp://1[.]92[.]146[.]107/linux_arm7
Ares
URL hxxp://176[.]111[.]174[.]109/kurwa Tofsee
URL hxxp://204[.]10[.]160[.]223/foVwWGCKMF230[.]bin
hxxp://103[.]237[.]86[.]136/QHDweQjudBxOH171[.]bin
hxxp://103[.]237[.]86[.]137/CDffcqqkGdQO150[.]bin
hxxp://107[.]150[.]19[.]141/YzMDBQdXEiLgTivrH243[.]bin
hxxp://64[.]188[.]18[.]85/jmSQVwyK199[.]bin
hxxp://204[.]10[.]160[.]199/nuFQGcHXOlDhwOAJdu247[.]bin
hxxp://204[.]10[.]160[.]199/nsTtrctxLoMwQlyGi221[.]bin
hxxp://204[.]10[.]160[.]199/RgwizFTsBTeTMlDnqyb133[.]bin
hxxp://212[.]162[.]149[.]166/xZwsyqvLHmFzB174[.]bin
hxxp://212[.]162[.]149[.]156/BKsmNLyGMLXliYUz90[.]bin
hxxp://204[.]10[.]160[.]133/DMvXhO179[.]bin
hxxp://212[.]162[.]149[.]156/qjTHHXFG5[.]bin
CloudEyE
URL hxxp://147[.]45[.]44[.]104/lopsa/66eaadab755d2_installs[.]exe
hxxp://160[.]25[.]72[.]207/ARMAF/MPA[.]exe
PureLogs Stealer
URL hxxps://eb2a[.]live/ready[.]apk
hxxps://fshjfjhxjhjh[.]top/ready[.]apk
hxxps://154[.]91[.]84[.]35/ready[.]apk
hxxps://www[.]eb2a[.]live/ready[.]apk
hxxps://51[.]161[.]13[.]209/ready[.]apk
hxxps://mail[.]eb2a[.]live/ready[.]apk
hxxp://69[.]10[.]45[.]181/ready[.]apk
hxxp://45[.]152[.]67[.]25:8080/ready[.]apk
hxxp://137[.]184[.]53[.]152:8081/Test[.]apk
hxxp://137[.]184[.]53[.]152:8081/Test%20(12)[.]apk
hxxp://137[.]184[.]53[.]152:8081/Chrome[.]apk
hxxp://137[.]184[.]53[.]152:8081/Telegram%20(3)[.]apk
SpyNote
URL hxxp://37[.]48[.]102[.]22:1820/is-ready WSHRAT
URL hxxps://www[.]hercvlesconcrete[.]com/Document[.]zip
hxxps://api[.]telegram[.]org/bot7541020039:AAGsq8h1YFdFZMkWR4YvtTV1a-gYO_XOaR4/sendMessage?chat_id=5593200404
hxxps://api[.]telegram[.]org/bot7984047337:AAGSaG0nExqxkiCbwnZqDwxijOF59XBFFIM/sendMessage?chat_id=2135869667
hxxps://api[.]telegram[.]org/bot7325762278:AAFPrMvoiNNZ5rT_5Kz3dP1guR4ZEPdF-9A/sendMessage?chat_id=5692813672
Snake Keylogger
URL hxxp://188[.]34[.]184[.]47/auto/9923765c101c3aa0fca26d109ef9ebe8/231[.]exe DarkGate
URL hxxps://www[.]mcxntoolsservice[.]com/srne[.]php Bitter RAT
URL hxxp://89[.]197[.]154[.]116//Prototype[.]exe
hxxp://89[.]197[.]154[.]116//Journal[.]zip
hxxp://89[.]197[.]154[.]116//Monitor[.]exe
hxxp://89[.]197[.]154[.]116//Utility3[.]exe
hxxp://89[.]197[.]154[.]116//service[.]exe
hxxp://89[.]197[.]154[.]116//Utility2[.]exe
hxxp://89[.]197[.]154[.]116//Utility[.]zip
hxxp://89[.]197[.]154[.]116//Extension[.]zip
hxxp://89[.]197[.]154[.]116//Organiser[.]exe
hxxp://89[.]197[.]154[.]116//Charter[.]exe
hxxp://89[.]197[.]154[.]116//Journal[.]exe
hxxp://89[.]197[.]154[.]116//Extension2[.]exe
hxxp://89[.]197[.]154[.]116//Accounts[.]zip
hxxp://89[.]197[.]154[.]116//Beta2[.]zip
hxxp://198[.]12[.]81[.]171/xampp/cno/newthingstogetmebackwtih[.]hta
hxxp://89[.]197[.]154[.]116//Prototype[.]zip
hxxp://47[.]120[.]46[.]210:81/hZh3
hxxp://47[.]120[.]46[.]210:81/YtW9
hxxp://89[.]197[.]154[.]116//Meeting[.]exe
hxxps://204[.]152[.]203[.]78/dot[.]gif
Cobalt Strike
URL hxxp://89[.]197[.]154[.]116//Tracker[.]exe
hxxp://89[.]197[.]154[.]116//Icon[.]exe
hxxp://89[.]197[.]154[.]116//Excel[.]exe
hxxp://89[.]197[.]154[.]116//Uploader[.]exe
hxxp://89[.]197[.]154[.]116//Excel[.]zip
Meterpreter
URL hxxp://41[.]216[.]188[.]190/api/wp-admin[.]php
hxxps://haggaifashion[.]com/app/appgate15[.]exe
hxxp://45[.]91[.]200[.]135/api/wp-admin[.]php
PrivateLoader
URL hxxp://107[.]175[.]243[.]142/xampp/bv/niceworkonudpationprocesstogetmebackwtihentirethingstobefineformetounderstandallgreatgoingtobethanksforevery_______nicepeoplesaround[.]doc DBatLoader
URL hxxps://smolcatkgi[.]shop/endpoint
hxxps://viewphoto[.]lol/download/dwnl[.]php
ClearFake
URL hxxp://tat-neftbank[.]ru/wcmd[.]htm
hxxp://tat-neftbank[.]ru/kkq[.]php
Berbew
URL hxxp://198[.]98[.]51[.]37:27222/b/mips
hxxp://198[.]98[.]51[.]37:27222/s/mips
hxxp://198[.]98[.]51[.]37:27222/s/386
hxxp://198[.]98[.]51[.]37:27222/b/386
hxxp://198[.]98[.]51[.]37:27222/s/amd64
hxxp://198[.]98[.]51[.]37:27222/b/amd64
hxxp://198[.]98[.]51[.]37:27222/s/aarch64
hxxp://198[.]98[.]51[.]37:27222/s/arm7
hxxp://198[.]98[.]51[.]37:27222/s/mips64
hxxp://198[.]98[.]51[.]37:27222/b/mips64
hxxp://198[.]98[.]51[.]37:27222/s/arm5
hxxp://198[.]98[.]51[.]37:27222/s/linux
hxxp://198[.]98[.]51[.]37:27222/b/aarch64
hxxp://198[.]98[.]51[.]37:27222/b/mips64el
hxxp://198[.]98[.]51[.]37:27222/s/mips64el
hxxp://198[.]98[.]51[.]37:27222/s/arm6
hxxp://198[.]98[.]51[.]37:27222/b/mipsel
hxxp://198[.]98[.]51[.]37:27222/b/arm7
hxxp://198[.]98[.]51[.]37:27222/b/arm5
hxxp://198[.]98[.]51[.]37:27222/b/arm6
hxxp://198[.]98[.]51[.]37:27222/b/linux
hxxp://198[.]98[.]51[.]37:27222/s/mipsel
Kaiji
URL hxxps://oneip[.]com[.]my/wp-content/images/pic4[.]jpg StormKitty
URL hxxp://66[.]63[.]187[.]123/txt/rBn3LXCczP9Nj7f[.]exe Nanocore RAT
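※1 Search the "i-FILTER" access logs to identify the affected endpoints. To prevent unintended access, parts of the URLs have been altered.

■Product support status (※2)
▽i-FILTER (※3)
・Can be blocked with the [Threat Information Sites] (脅威情報サイト) category

※2 Whether a URL is actually blocked depends on each product's configuration, so refer to the access logs for the actual result.
※3 For encrypted traffic, the SSL Adapter setting must be set to "Use" (利用).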