Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs / receipt of malicious emails

Our customers who received the email: 0
Our customers who accessed the URL: 1
2024/10/30
※ Updated 2024/10/30
Detected URLs believed to cause malware infection (2024/10/30)
■ IoC (※1)
Type: URL
Signature: Lumma Stealer, Mars Stealer, Amadey, LokiBot, Quasar RAT, CloudEyE, Stealc, Ghost RAT, SpyNote, Coinminer, Coper, FAKEUPDATES, Mozi, Nanocore RAT, NetSupportManager RAT, Remcos, Formbook, NjRAT, Bashlite, Vidar, Agent Tesla, Snake Keylogger, RedLine Stealer, Cobalt Strike, SideWinder
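※1 Search the i-FILTER access logs to identify the affected devices. Parts of the URLs have been altered to prevent unintended access.

■ Product support status (※2)
▽ i-FILTER (※3)
・Can be blocked with the [脅威情報サイト] (threat information sites) category

※2 Whether a URL is blocked depends on each product's configuration, so refer to the access logs for the actual result.
※3 For encrypted traffic, the SSL Adapter setting must be set to 「利用」 (use).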