サイバーリスク情報提供 Dアラート 特許取得済み

不正URLへのアクセス、不正メールの受信

メール受信した弊社お客様: 0
URLアクセスした弊社お客様: 6
2024/12/09
※2024/12/09 更新
マルウェアに感染させると考えられるURLを検知(2024/12/09)
■IoC(※1)
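Type: IOC: Signature:
(以下の一覧は、各グループが「URL」で始まり、IoCの列挙の後(直後の行、または同じ行の末尾)にSignature(マルウェア名)が記載されています。IoCは hxxp / [.] による無害化表記です。api[.]telegram[.]org、paste[.]ee、pastebin[.]com、codeload[.]github[.]com などの正規サービス上のURLも含まれるため、ログ照合や遮断はドメイン単位ではなくURL単位で行うのが適切です。)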
URL hxxps://api[.]telegram[.]org/bot6224217116:AAGNvwYwFGJq74My50AttE7zm5CocLNeufI/
hxxp://192[.]3[.]243[.]136/fromamerica[.]exe
hxxp://192[.]3[.]243[.]136/Nueva%20Orden[.]exe
Agent Tesla
URL hxxp://116[.]203[.]12[.]9/nss3[.]dll
hxxp://116[.]203[.]12[.]9/softokn3[.]dll
hxxp://65[.]109[.]243[.]177/freebl3[.]dll
hxxp://154[.]216[.]20[.]48/f3920c55236c2636/sqlite3[.]dll
hxxp://78[.]47[.]154[.]228/msvcp140[.]dll
hxxp://95[.]216[.]179[.]187/vcruntime140[.]dll
hxxp://78[.]47[.]154[.]228/freebl3[.]dll
hxxp://95[.]215[.]207[.]66/e4560d7fffe268c9/softokn3[.]dll
hxxp://5[.]75[.]213[.]159/softokn3[.]dll
hxxp://65[.]109[.]243[.]177/vcruntime140[.]dll
hxxp://78[.]47[.]154[.]228/softokn3[.]dll
hxxp://147[.]45[.]44[.]190/dace046278f1f1ba/nss3[.]dll?2/
hxxp://65[.]109[.]243[.]177/msvcp140[.]dll
hxxp://5[.]75[.]212[.]86/nss3[.]dll
hxxp://5[.]75[.]212[.]86/softokn3[.]dll
hxxp://87[.]120[.]127[.]44/263ff79562167f22/vcruntime140[.]dll
hxxp://116[.]203[.]12[.]9/freebl3[.]dll
hxxp://5[.]75[.]212[.]86/freebl3[.]dll
hxxp://95[.]216[.]179[.]187/nss3[.]dll
hxxp://116[.]203[.]12[.]9/msvcp140[.]dll
hxxp://87[.]120[.]127[.]44/263ff79562167f22/softokn3[.]dll
hxxp://78[.]47[.]154[.]228/vcruntime140[.]dll
hxxp://87[.]120[.]127[.]44/263ff79562167f22/msvcp140[.]dll
hxxp://65[.]109[.]243[.]177/nss3[.]dll
hxxp://5[.]75[.]213[.]159/msvcp140[.]dll
hxxp://87[.]120[.]127[.]44/263ff79562167f22/nss3[.]dll
hxxp://5[.]75[.]211[.]47/msvcp140[.]dll
hxxp://212[.]86[.]115[.]216/6ef7b5a1a18fd719/softokn3[.]dll
hxxp://212[.]86[.]115[.]216/6ef7b5a1a18fd719/freebl3[.]dll
hxxp://5[.]75[.]212[.]86/msvcp140[.]dll
hxxp://116[.]203[.]12[.]9/mozglue[.]dll
hxxp://5[.]75[.]213[.]159/nss3[.]dll
hxxp://65[.]109[.]243[.]177/softokn3[.]dll
hxxp://95[.]215[.]207[.]66/e4560d7fffe268c9/sqlite3[.]dll
hxxp://95[.]216[.]179[.]187/mozglue[.]dll
hxxp://95[.]216[.]179[.]187/msvcp140[.]dll
hxxp://116[.]203[.]12[.]9/sqlite3[.]dll
hxxp://5[.]75[.]213[.]159/freebl3[.]dll
hxxp://78[.]47[.]154[.]228/mozglue[.]dll
hxxp://5[.]75[.]212[.]86/vcruntime140[.]dll
hxxp://213[.]226[.]114[.]54/msvcp140[.]dll
hxxp://213[.]226[.]114[.]54/sqlite3[.]dll
hxxp://78[.]47[.]154[.]228/nss3[.]dll
hxxp://87[.]120[.]127[.]44/263ff79562167f22/mozglue[.]dll
hxxp://45[.]66[.]10[.]14/6cbce0ff179e097d/sqlite3[.]dll
hxxp://87[.]120[.]127[.]44/263ff79562167f22/sqlite3[.]dll
hxxp://5[.]75[.]208[.]99/nss3[.]dll
hxxp://77[.]105[.]164[.]106/263ff79562167f22/vcruntime140[.]dll
hxxp://5[.]75[.]213[.]159/vcruntime140[.]dll
hxxp://77[.]105[.]164[.]106/263ff79562167f22/sqlite3[.]dll
hxxp://213[.]226[.]114[.]54/softokn3[.]dll
hxxp://92[.]119[.]114[.]245/975fe29e47d261cd/sqlite3[.]dll
hxxp://65[.]109[.]243[.]177/mozglue[.]dll
hxxp://116[.]203[.]12[.]9/vcruntime140[.]dll
hxxp://5[.]75[.]211[.]47/mozglue[.]dll
hxxp://77[.]105[.]164[.]106/263ff79562167f22/msvcp140[.]dll
hxxp://5[.]75[.]213[.]159/mozglue[.]dll
hxxp://178[.]22[.]31[.]134/cb8373ac6348bc41/sqlite3[.]dll
hxxp://178[.]22[.]31[.]97/cb8373ac6348bc41/sqlite3[.]dll
hxxp://5[.]75[.]208[.]99/mozglue[.]dll
hxxp://213[.]226[.]114[.]54/nss3[.]dll
hxxp://77[.]105[.]164[.]106/263ff79562167f22/softokn3[.]dll
hxxp://77[.]105[.]164[.]106/263ff79562167f22/freebl3[.]dll
hxxp://212[.]86[.]115[.]216/6ef7b5a1a18fd719/mozglue[.]dll
hxxp://212[.]86[.]115[.]216/6ef7b5a1a18fd719/sqlite3[.]dll
hxxp://212[.]86[.]115[.]216/6ef7b5a1a18fd719/msvcp140[.]dll
hxxp://5[.]75[.]212[.]86/mozglue[.]dll
hxxp://212[.]86[.]115[.]216/6ef7b5a1a18fd719/nss3[.]dll
hxxp://213[.]226[.]114[.]54/mozglue[.]dll
hxxp://5[.]75[.]211[.]47/vcruntime140[.]dll
hxxp://5[.]75[.]208[.]99/msvcp140[.]dll
hxxp://212[.]86[.]115[.]216/6ef7b5a1a18fd719/vcruntime140[.]dll
hxxp://5[.]75[.]211[.]47/softokn3[.]dll
hxxp://213[.]226[.]114[.]54/freebl3[.]dll
hxxp://185[.]209[.]21[.]146/80c261b81f73786d/softokn3[.]dll
hxxp://185[.]209[.]21[.]146/80c261b81f73786d/vcruntime140[.]dll
hxxp://185[.]209[.]21[.]146/80c261b81f73786d/sqlite3[.]dll
hxxp://5[.]75[.]208[.]99/freebl3[.]dll
hxxp://5[.]75[.]208[.]99/softokn3[.]dll
hxxp://5[.]75[.]211[.]47/freebl3[.]dll
hxxp://185[.]209[.]21[.]146/80c261b81f73786d/mozglue[.]dll
hxxp://5[.]75[.]208[.]99/vcruntime140[.]dll
hxxp://5[.]75[.]211[.]47/nss3[.]dll
hxxp://147[.]45[.]78[.]18/nss3[.]dll
hxxp://185[.]209[.]21[.]146/80c261b81f73786d/nss3[.]dll
hxxp://185[.]209[.]21[.]146/80c261b81f73786d/freebl3[.]dll
hxxp://213[.]226[.]114[.]54/vcruntime140[.]dll
hxxp://178[.]22[.]31[.]134/527ff9c619e7ef71[.]php
hxxp://178[.]22[.]31[.]97/cb8373ac6348bc41/msvcp140[.]dll
hxxp://178[.]22[.]31[.]134/cb8373ac6348bc41/mozglue[.]dll
hxxp://178[.]22[.]31[.]134/cb8373ac6348bc41/nss3[.]dll
hxxp://178[.]22[.]31[.]97/cb8373ac6348bc41/nss3[.]dll
hxxp://178[.]22[.]31[.]134/cb8373ac6348bc41/msvcp140[.]dll
hxxp://178[.]22[.]31[.]97/cb8373ac6348bc41/mozglue[.]dll
hxxp://178[.]22[.]31[.]134/cb8373ac6348bc41/softokn3[.]dll
hxxp://178[.]22[.]31[.]97/cb8373ac6348bc41/vcruntime140[.]dll
hxxp://178[.]22[.]31[.]134/cb8373ac6348bc41/vcruntime140[.]dll
hxxp://178[.]22[.]31[.]97/cb8373ac6348bc41/freebl3[.]dll
hxxp://178[.]22[.]31[.]134/cb8373ac6348bc41/freebl3[.]dll
hxxp://178[.]22[.]31[.]97/cb8373ac6348bc41/softokn3[.]dll
hxxp://87[.]120[.]126[.]143/734cbeda74d43126/vcruntime140[.]dll
hxxp://87[.]120[.]126[.]143/734cbeda74d43126/freebl3[.]dll
hxxp://87[.]120[.]126[.]143/734cbeda74d43126/softokn3[.]dll
hxxp://87[.]120[.]126[.]143/734cbeda74d43126/nss3[.]dll
hxxp://87[.]120[.]126[.]143/734cbeda74d43126/sqlite3[.]dll
hxxp://87[.]120[.]126[.]143/734cbeda74d43126/msvcp140[.]dll
Stealc
URL hxxps://berb[.]fitnessclub-filmfanatics[.]com/naailq0[.]cpl
hxxps://berb[.]fitnessclub-filmfanatics[.]com/z[.]mp4
hxxp://31[.]41[.]244[.]12/files/7427009775/BhD8htX[.]exe
hxxp://31[.]41[.]244[.]9/files/rhnew[.]exe
hxxp://31[.]41[.]244[.]10/files/rhnew[.]exe
hxxps://leg-sate-boat[.]sbs/api
hxxps://frogs-severz[.]sbs/api
hxxps://a1m0sph3reds[.]cyou/api
hxxps://brendon-sharjen[.]biz/api
hxxps://wserdtfyguhij[.]2024-vipticket[.]com/k[.]mp4
hxxps://wserdtfyguhij[.]2024-vipticket[.]com/IntroductoryTunes[.]exe
hxxp://45[.]202[.]35[.]169/Downloads//Book_1892739888[.]pdf[.]lnk
hxxp://45[.]202[.]35[.]169/Downloads/Book_1892739888[.]pdf[.]lnk
hxxp://31[.]41[.]244[.]11/files/6453571829/BY5BeYh[.]exe
hxxps://download-695-18112-002-webdav-logicaldoc[.]smartpdfcloud[.]com/Downloads/Book_1892739888[.]pdf[.]lnk
hxxps://www[.]memoriumloader[.]lol/Encrypt[.]exe
hxxps://toqyxuy[.]shop/api
hxxps://lumzulyj[.]shop/api
hxxps://nins[.]in/cembra/power/powersearch
hxxps://ojantrade[.]com/adobePDFmanager[.]txt
hxxp://83[.]217[.]209[.]163/zbuild21/drop1[.]exe
hxxps://lumbluesky[.]shop/api
hxxps://lumramavyy[.]shop/api
hxxps://lumpeguwey[.]shop/api
hxxps://lumdukekiy[.]shop/api
hxxps://lummozudey[.]shop/api
hxxps://lumzacynuy[.]shop/api
hxxps://lumkymenau[.]shop/api
hxxps://lumcozynest[.]shop/api
hxxps://lummomusuo[.]shop/api
hxxps://lumkecuq[.]shop/api
hxxps://lumlasolyo[.]shop/api
hxxps://lumtovusao[.]shop/api
hxxps://lumfokim[.]shop/api
hxxps://lumlideweo[.]shop/api
hxxps://lumlacumii[.]shop/api
hxxps://lumqalij[.]shop/api
hxxps://lumcyjukui[.]shop/api
hxxps://lumgentlewave[.]shop/api
hxxps://lumtechtribune[.]shop/api
hxxps://lumzenspace[.]shop/api
hxxps://lumquvonee[.]shop/api
hxxps://lumsawedua[.]shop/api
hxxps://lumsuxinya[.]shop/api
hxxps://jigateu[.]shop/api
hxxp://65[.]38[.]121[.]215/Downloads/INTRUM6863107[.]pdf[.]lnk
hxxps://ojantrade[.]com/adobePDFmanager
hxxps://ojantrade[.]com/UQEBVVEF[.]exe
hxxps://ojantrade[.]com/file/ZDLLEWKV[.]exe
hxxps://ojantrade[.]com/HIRFQQNA[.]exe
Lumma Stealer
URL hxxp://8[.]138[.]173[.]127:40000/32http[.]exe
hxxp://8[.]138[.]173[.]127:40000/32[.]exe
hxxp://212[.]34[.]130[.]199/nov02/talkcustomerpro[.]zip
hxxp://166[.]88[.]54[.]35/nov05/homeintranetpro[.]zip
hxxp://e4l4[.]com/beacon_x64[.]exe
hxxp://major[.]iric[.]ca/MajorLabEn/MC-Tools_files/mcsym[.]zip
hxxp://124[.]223[.]19[.]180:17822/5Jmq
Cobalt Strike
URL hxxp://103[.]192[.]179[.]31/linux_amd64xxxx
hxxp://103[.]192[.]179[.]31/linux_386xxx
Kaiji
URL hxxp://31[.]41[.]244[.]11/files/1818813749/QFkl8hP[.]exe
hxxps://185[.]196[.]8[.]239/r_p[.]exe
Orcus RAT
URL hxxp://updatestat[.]site/tegga[.]hta
hxxp://www[.]totya[.]ir/download/moghararat-1402/moghararat-1402[.]zip
hxxps://exodus[.]lat/COMSurrogate[.]exe
hxxps://liveisdestiny[.]me/librarydll2[.]exe
hxxp://121[.]62[.]21[.]150:6854/jdgcfh[.]exe
hxxps://onlineshoppe[.]semilinktech[.]com/wp-content/logo[.]jpg
hxxp://121[.]62[.]21[.]150:6854/hbgfcvg[.]exe
hxxp://104[.]233[.]210[.]179/xmr1025[.]rar?rand=21392
hxxp://181[.]214[.]58[.]112/ctrl/Normal[.]doc
hxxp://31[.]13[.]224[.]51/good[.]exe
hxxp://79[.]137[.]195[.]151/cleanfda/zzh
hxxp://dl[.]aigoingtokill[.]club/ctrl/file/lminer[.]exe
hxxp://pyats[.]top/3nFTk7/zzh
hxxp://45[.]83[.]122[.]25/3nFTk7/zzh
hxxp://83[.]217[.]209[.]163/msh/drop2[.]exe
hxxp://pyats[.]top/3nFTk7/init[.]sh
hxxp://45[.]83[.]122[.]25/3nFTk7/init[.]sh
hxxp://83[.]217[.]209[.]163/angel/drop2[.]exe
hxxp://89[.]169[.]13[.]138/buildmanu[.]exe
hxxp://83[.]217[.]209[.]163/zbuild21/drop2[.]exe
Coinminer
URL hxxp://31[.]41[.]244[.]10/files/martin/random[.]exe
hxxp://31[.]41[.]244[.]9/files/martin/random[.]exe
CryptBot
URL hxxp://31[.]41[.]244[.]10/files/unique2/random[.]exe
hxxp://31[.]41[.]244[.]9/files/unique2/random[.]exe
hxxp://92[.]63[.]197[.]221/dl?name=usone
GCleaner
URL hxxp://87[.]120[.]115[.]240/Downloads/p-y-p-perifoneo-1[.]mp4[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/whatsapp-video-2021-04-22-at-13[.]00[.]22[.]mp4[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/ted_final-cut-1[.]mp4[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/shallipopi_-_free_service[.]mp3[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/07-rema-ozeba-bazemack[.]com_[.]mp3[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/outsyd_dj_ft_famous_pluto_outsyd_eddie_tega_boi_dc_-_feel_d_mood[.]mp3[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/bella_shmurda_-_shalaye[.]mp3[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/orbital233[.]mp3[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/www[.]pharmaself24[.]it_-1[.]mp4[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/private_keys[.]txt[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/angled-window-template-instructions-watermark_small[.]mp4[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/p-y-p[.]mp4[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/Comingtotown[.]txt[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/ttsmaker-file-2024-11-22-1-24-42[.]mp3[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/promotional-video-final-1[.]mp4[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/morbid-thoughts[.]mp4[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/www[.]pharmaself24[.]it-1[.]mp4[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/Comingtotown[.]mp3[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/lavagem-e-impermeabiliza25252525252525252525252525c325252525252525252525252525a725252525252525252525252525c325252525252525252525252525a3o-em-estofados[.]mp4[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/davido_ft_yg_marley_-_awuke[.]mp3[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/kizz_daniel_ft_adekunle_gold_-_pano_tona[.]mp3[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/eminem[.]mp3[.]lnk
hxxp://87[.]120[.]115[.]240/Downloads/passwords[.]txt[.]lnk
QakBot
URL hxxps://myoptimalbest[.]com/work/download[.]php
hxxps://sexologoconsulta[.]com/work/download[.]php
hxxps://explodingfishamerica[.]com/work/download[.]php
hxxps://almondtreehill[.]com/work/download[.]php
hxxps://augustinianabbey[.]com/work/download[.]php
hxxps://bellevillepaddlingclub[.]com/work/download[.]php
hxxps://cliniquemedicalerichelieu[.]com/work/download[.]php
hxxps://coursecomrade[.]com/work/download[.]php
hxxps://digitaj[.]com/work/download[.]php
hxxps://kevinleeart[.]com/work/download[.]php
hxxps://kortojura[.]com/work/download[.]php
hxxps://royallinefrenchies[.]com/work/download[.]php
hxxps://synergeahealthcentre[.]com/work/download[.]php
hxxps://clickgotheshears[.]com/work/download[.]php
hxxps://kitbennett[.]com/work/original[.]js
hxxps://eventpiggy[.]com/work/download[.]php
hxxps://kitbennett[.]com/work/index[.]php
hxxps://kitbennett[.]com/work/download[.]php
hxxps://kitbennett[.]com/work/yyy[.]zip
hxxps://mybellycast[.]com/work/original[.]js
hxxps://mybellycast[.]com/work/download[.]php
hxxps://mybellycast[.]com/work/index[.]php
hxxps://mybellycast[.]com/work/yyy[.]zip
hxxps://lieutenant-beaudry[.]com/work/original[.]js
hxxps://lieutenant-beaudry[.]com/work/download[.]php
hxxps://lieutenant-beaudry[.]com/work/yyy[.]zip
hxxps://lieutenant-beaudry[.]com/work/index[.]php
hxxps://uasdivision[.]com/work/download[.]php
hxxps://lesoiseauxivres[.]com/work/download[.]php
hxxps://windsorcancerresearch[.]ca/work/yyy[.]zip
hxxps://windsorcancerresearch[.]ca/work/download[.]php
hxxps://windsorcancerresearch[.]ca/work/index[.]php
hxxps://windsorcancerresearch[.]ca/work/original[.]js
hxxps://lesoiseauxivres[.]com/work/yyy[.]zip
hxxps://lesoiseauxivres[.]com/work/original[.]js
hxxps://lesoiseauxivres[.]com/work/index[.]php
hxxps://eventpiggy[.]com/work/index[.]php
hxxps://eventpiggy[.]com/work/original[.]js
hxxps://eventpiggy[.]com/work/yyy[.]zip
hxxps://clickgotheshears[.]com/work/index[.]php
hxxps://clickgotheshears[.]com/work/original[.]js
hxxps://clickgotheshears[.]com/work/yyy[.]zip
hxxps://synergeahealthcentre[.]com/work/index[.]php
hxxps://synergeahealthcentre[.]com/work/original[.]js
hxxps://synergeahealthcentre[.]com/work/yyy[.]zip
hxxps://royallinefrenchies[.]com/work/index[.]php
hxxps://royallinefrenchies[.]com/work/original[.]js
hxxps://royallinefrenchies[.]com/work/yyy[.]zip
hxxps://kortojura[.]com/work/index[.]php
hxxps://kortojura[.]com/work/original[.]js
hxxps://kortojura[.]com/work/yyy[.]zip
hxxps://kevinleeart[.]com/work/index[.]php
hxxps://kevinleeart[.]com/work/original[.]js
hxxps://kevinleeart[.]com/work/yyy[.]zip
hxxps://digitaj[.]com/work/original[.]js
hxxps://digitaj[.]com/work/index[.]php
hxxps://digitaj[.]com/work/yyy[.]zip
hxxps://coursecomrade[.]com/work/index[.]php
hxxps://coursecomrade[.]com/work/original[.]js
hxxps://coursecomrade[.]com/work/yyy[.]zip
hxxps://cliniquemedicalerichelieu[.]com/work/index[.]php
hxxps://cliniquemedicalerichelieu[.]com/work/original[.]js
hxxps://cliniquemedicalerichelieu[.]com/work/yyy[.]zip
hxxps://bellevillepaddlingclub[.]com/work/index[.]php
hxxps://bellevillepaddlingclub[.]com/work/original[.]js
hxxps://bellevillepaddlingclub[.]com/work/yyy[.]zip
hxxps://augustinianabbey[.]com/work/index[.]php
hxxps://augustinianabbey[.]com/work/original[.]js
hxxps://augustinianabbey[.]com/work/yyy[.]zip
hxxps://almondtreehill[.]com/work/index[.]php
hxxps://almondtreehill[.]com/work/original[.]js
hxxps://explodingfishamerica[.]com/work/index[.]php
hxxps://explodingfishamerica[.]com/work/original[.]js
hxxps://uasdivision[.]com/work/yyy[.]zip
hxxps://uasdivision[.]com/work/index[.]php
hxxps://uasdivision[.]com/work/original[.]js
hxxps://wanconyan[.]co/work/download[.]php
hxxps://almondtreehill[.]com/work/yyy[.]zip
hxxps://explodingfishamerica[.]com/work/yyy[.]zip
hxxps://sexologoconsulta[.]com/work/index[.]php
hxxps://sexologoconsulta[.]com/work/original[.]js
hxxps://sexologoconsulta[.]com/work/yyy[.]zip
hxxps://myoptimalbest[.]com/work/index[.]php
hxxps://myoptimalbest[.]com/work/original[.]js
hxxps://myoptimalbest[.]com/work/yyy[.]zip
hxxps://chewels[.]com/s5985j[.]js
hxxps://dcaa[.]info/work/original[.]js
hxxps://dcaa[.]info/work/index[.]php
hxxps://dcaa[.]info/work/download[.]php
hxxps://dcaa[.]info/work/yyy[.]zip
hxxps://casibom[.]cyou/work/yyy[.]zip
hxxps://casibom[.]cyou/work/download[.]php
hxxps://casibom[.]cyou/work/index[.]php
hxxps://casibom[.]cyou/work/original[.]js
hxxps://czzz[.]com/ax331[.]js
hxxps://tasteofgoodness[.]info/work/yyy[.]zip
hxxps://tasteofgoodness[.]info/work/download[.]php
hxxps://tasteofgoodness[.]info/work/original[.]js
hxxps://tasteofgoodness[.]info/work/index[.]php
hxxps://incomingacc[.]com/work/download[.]php
hxxps://coeshor[.]com/hcysi1982[.]js
hxxps://incomingacc[.]com/work/original[.]js
hxxps://incomingacc[.]com/work/index[.]php
hxxps://incomingacc[.]com/work/yyy[.]zip
hxxps://dlsotec[.]com/work/download[.]php
hxxps://dlsotec[.]com/work/original[.]js
hxxps://dlsotec[.]com/work/index[.]php
hxxps://dlsotec[.]com/work/yyy[.]zip
hxxps://best-net[.]biz/work/download[.]php
hxxps://nooo[.]law[.]kimsavagelaw[.]com/merchantServices
hxxps://ims[.]law[.]kimsavagelaw[.]com/merchantServices
hxxps://ggsp[.]law[.]kimsavagelaw[.]com/merchantServices
hxxps://coeshor[.]com/js[.]php
hxxps://iognews[.]com/hpms1989[.]js
hxxps://iognews[.]com/hw47531[.]js
hxxps://gardenworksproject[.]org/wp-admin/maint/QRlqoMji[.]txt
hxxps://iognews[.]com/js[.]php
FAKEUPDATES
URL hxxps://paste[.]ee/r/PeRoX/0
hxxps://paste[.]ee/d/8Mvet
hxxps://paste[.]ee/d/AP9Jj/0
hxxps://grupodulcemar[.]pe/FACTURA-0987678[.]exe
hxxp://87[.]106[.]161[.]219/654/hrd/weneedtocreatebesthingswithgreatunderstandhowpowerfulthigns__________weneedbetterunderstandtogetmebackwithme________verynicethingsarearoundonmewithgreatthings[.]doc
hxxps://haramb[.]net/KillingInstructional[.]exe
hxxps://www[.]grupodulcemar[.]pe/INVOICE-9876[.]exe
hxxps://inspirecollege[.]co[.]uk/wp-admin/docx[.]bat
hxxp://grupodulcemar[.]pe/factura[.]exe
hxxp://www[.]grupodulcemar[.]pe/FACTURA-0987678[.]exe
hxxp://www[.]grupodulcemar[.]pe/PO076567890000[.]exe
hxxp://www[.]grupodulcemar[.]pe/factura[.]exe
Remcos
URL hxxps://www[.]stipamana[.]com/docdryhsfghdfghdfhgd/tsgthsgzsdfdfhgdythgrsdtgdsr/xsdghdfykgfuktgfjufrkujghdnjyrtder/buildds[.]doc
hxxps://www[.]stipamana[.]com/sedtryerytsrtyuerthreytwsytysrerter/zgdargaregwaerwgsergtseggs/dfghsgthwstrsrthtghtgh/brtyhdrh[.]exe
hxxps://stipamana[.]com/zAfhgdghdgsdherfthgdfghdfghdfgdghd/asgsdsdhsfhydjfhgmjgfmjfxfsdghdsfgndf/ufgujfgyhjdtrsdrsryetgrsdgdtgdsghdfg/ergdthyfyhnxfhgdfgthdftgsdjydfy/acfgshxdf[.]exe
hxxp://stipamana[.]com/docdryhsfghdfghdfhgd/tsgthsgzsdfdfhgdythgrsdtgdsr/xsdghdfykgfuktgfjufrkujghdnjyrtder/buildds[.]doc
XenoRAT
URL hxxp://212[.]34[.]130[.]199/nov03/coststatisticpro[.]zip
DarkTortilla
URL hxxp://31[.]41[.]244[.]11/good/trak[.]exe
hxxp://31[.]41[.]244[.]9/good/trak[.]exe
hxxp://31[.]41[.]244[.]10/good/trak[.]exe
hxxp://31[.]41[.]244[.]12/good/trak[.]exe
hxxp://grupodulcemar[.]pe/INVOICE09000[.]bat
hxxp://l3monrat[.]com/build[.]exe
hxxp://83[.]217[.]209[.]163/msh/drop1[.]exe
hxxp://83[.]217[.]209[.]163/angel/build[.]exe
hxxp://www[.]grupodulcemar[.]pe/FACT0987789000900[.]exe
RedLine Stealer
URL hxxp://212[.]34[.]130[.]199/nov01/datapublishingpro[.]zip
hxxp://166[.]88[.]54[.]35/nov03/deepenvironmentpro[.]zip
hxxps://107[.]172[.]44[.]175/244/SW/bestimylover[.]hta
hxxp://172[.]245[.]123[.]29/770/we/seemybestdayguvenu[.]hta
hxxps://172[.]245[.]123[.]29/770/we/seemybestdayguvenu[.]hta
hxxps://103[.]237[.]86[.]5/xampp/uh/nicenamewithgoodheartwithentiretimegivenbemebest_________thrnothinghavewhichfeelgreatwithgoodnewsforever________sheissupposetogivethemgreatthigns[.]doc
hxxp://103[.]237[.]86[.]5/xampp/nc/creamynaturealbingivebestsweetoutputofentiretimewhichfeelhotcakewithnicetricking___________theyniceforentirethings____________verynicesweetkissesgivenbymegood[.]doc
hxxp://107[.]175[.]113[.]196/xampp/dh/seemejkiss[.]hta
hxxp://107[.]175[.]113[.]196/400/win[.]exe
Formbook
URL hxxp://cyberyoda[.]icu/lem[.]exe
Vidar
URL hxxps://venom[.]likes[.]cash/r/ntoskrnl[.]exe
hxxp://31[.]41[.]244[.]11/files/7299809293/gDJ389J[.]exe
hxxp://31[.]41[.]244[.]11/files/7299809293/kelyBT9[.]exe
Quasar RAT
URL hxxp://89[.]197[.]154[.]116/Transfer-http[.]zip
hxxp://89[.]197[.]154[.]116/Transfer-http[.]vbs
hxxp://89[.]197[.]154[.]116:7810/eHF-4tVTnNnq3-vejdLJogPiK3ZJIfBMUU62cmVlE9wjtuWSickS7QKt5X9Hh9rbWOGSx3mSkw2thVfP2JbI7rn_FcQhaZ3C
hxxp://2ig[.]cs[.]alab01[.]de/payloads/win/m_rev_https_32[.]exe
Metasploit
URL hxxp://166[.]88[.]54[.]35/nov02/fieldanalystspro[.]zip
NetSupportManager RAT
URL hxxps://api[.]telegram[.]org/bot7924749806:AAG-WJhqQVHwMR7UVUYahs5tVC-3tNXnruE/sendMessage?chat_id=7009913093
hxxps://cia[.]tf/645b21c9a9f4b1d500e490ea0186cef5[.]exe
hxxp://grupodulcemar[.]pe/PHJG9876789000[.]exe
hxxp://www[.]grupodulcemar[.]pe/FACTURA-09876RT567800[.]exe
Snake Keylogger
URL hxxps://paste[.]ee/d/FbuFz/0
hxxps://paste[.]ee/d/mrGyu/0
hxxp://163[.]123[.]142[.]193/PURCHASE%20ORDER%20006-2024%20GIA-AV%20Rev%201_pdf[.]exe
CloudEyE
URL hxxps://paste[.]ee/d/DEoKu/0
hxxps://paste[.]ee/d/4XQuV/0
hxxps://paste[.]ee/d/3jfzQ/0
hxxps://paste[.]ee/d/13Pvy/0
hxxps://paste[.]ee/d/qvWBO/0
hxxps://paste[.]ee/d/ubQx3/0
hxxp://194[.]87[.]145[.]71/222[.]exe
hxxp://31[.]41[.]244[.]11/files/7299809293/qk4EiZw[.]exe
hxxp://103[.]20[.]102[.]62/DC09[.]bat
hxxp://31[.]41[.]244[.]11/files/6554834407/ZdGtikR[.]exe
hxxp://31[.]41[.]244[.]11/files/6554834407/B3vKvPi[.]exe
hxxp://l3monrat[.]com/spoolsv[.]exe
AsyncRAT
URL hxxp://124[.]217[.]246[.]246/Power-Credit/Download[.]aspx?file=FastCredit[.]apk
SMSspy
URL hxxp://socotab[.]net/72078b0_9t851c[.]exe
hxxp://95[.]163[.]152[.]69/chelentano[.]exe
hxxps://valorantskinschanger[.]com/nancybee[.]exe
hxxps://fitgirl-repackes[.]me/apilibx64[.]exe
hxxp://91[.]214[.]78[.]71/responsibilityleadpro[.]exe
hxxp://31[.]41[.]244[.]11/files/6946140361/Ed7zZr4[.]exe
hxxp://89[.]23[.]100[.]74/resp[.]exe
Meduza Stealer
URL hxxp://31[.]41[.]244[.]11/files/6453571829/1LbGasx[.]exe
PureLogs Stealer
URL hxxp://87[.]120[.]115[.]168/586
hxxp://87[.]120[.]115[.]168/co
hxxp://87[.]120[.]115[.]168/dss
hxxp://185[.]91[.]127[.]27/roze[.]mipsel
hxxp://185[.]91[.]127[.]27/roze[.]i586
hxxp://185[.]91[.]127[.]27/roze[.]i686
hxxp://87[.]120[.]115[.]168/m68k
hxxp://185[.]91[.]127[.]27/roze[.]sh4
hxxp://87[.]120[.]115[.]168/sh4
hxxp://185[.]91[.]127[.]27/roze[.]ppc
hxxp://87[.]120[.]115[.]168/mipsel
hxxp://185[.]91[.]127[.]27/roze[.]mips
hxxp://185[.]91[.]127[.]27/roze[.]armv5
hxxp://185[.]91[.]127[.]27/roze[.]m68k
hxxp://185[.]91[.]127[.]27/roze[.]x86
hxxp://87[.]120[.]115[.]168/ppc
hxxp://87[.]120[.]115[.]168/dc
hxxp://87[.]120[.]115[.]168/arm61
hxxp://87[.]120[.]115[.]168/sex[.]sh
hxxp://87[.]120[.]115[.]168/mips
hxxp://185[.]91[.]127[.]27/roze[.]armv4
hxxp://185[.]91[.]127[.]27/roze[.]armv6
hxxp://185[.]91[.]127[.]27/roze[.]sparc
hxxp://93[.]123[.]85[.]191/Sakura[.]sh
hxxp://93[.]123[.]85[.]191/a-r[.]m-6[.]Sakura
hxxp://93[.]123[.]85[.]191/a-r[.]m-4[.]Sakura
hxxp://93[.]123[.]85[.]191/s-h[.]4-[.]Sakura
hxxp://93[.]123[.]85[.]191/a-r[.]m-7[.]Sakura
hxxp://93[.]123[.]85[.]191/x-8[.]6-[.]Sakura
hxxp://93[.]123[.]85[.]191/m-i[.]p-s[.]Sakura
hxxp://93[.]123[.]85[.]191/x-3[.]2-[.]Sakura
hxxp://93[.]123[.]85[.]191/i-5[.]8-6[.]Sakura
hxxp://93[.]123[.]85[.]191/m-p[.]s-l[.]Sakura
hxxp://93[.]123[.]85[.]191/p-p[.]c-[.]Sakura
hxxp://93[.]123[.]85[.]191/a-r[.]m-5[.]Sakura
hxxp://93[.]123[.]85[.]191/m-6[.]8-k[.]Sakura
hxxp://87[.]120[.]112[.]101/weedcron
hxxp://87[.]120[.]112[.]101/weedopenssh
hxxp://87[.]120[.]112[.]101/weedshit
hxxp://87[.]120[.]112[.]101/weedsh
hxxp://87[.]120[.]112[.]101/weedsshd
hxxp://93[.]123[.]85[.]60/logsbins[.]sh
hxxp://87[.]120[.]112[.]101/weedapache2
hxxp://87[.]120[.]112[.]101/weedbash
hxxp://87[.]120[.]112[.]101/weedntpd
hxxp://87[.]120[.]112[.]101/weedtftp
hxxp://45[.]125[.]66[.]23/jklsh4
hxxp://s1[.]bulletproof[.]my/sh4
hxxp://s1[.]bulletproof[.]my/zersh4
hxxp://45[.]125[.]66[.]23/nabsh4
hxxp://s1[.]bulletproof[.]my/splsh4
hxxp://s1[.]bulletproof[.]my/nabsh4
hxxp://45[.]125[.]66[.]23/nklsh4
hxxp://s1[.]bulletproof[.]my/jklsh4
hxxp://45[.]125[.]66[.]23/sh4
hxxp://45[.]125[.]66[.]23/zersh4
hxxp://s1[.]bulletproof[.]my/nklsh4
hxxp://45[.]125[.]66[.]23/splsh4
Bashlite
URL hxxps://pastebin[.]com/raw/qYqj8YJr
hxxps://pastebin[.]com/raw/bza26rSa
POWERSTATS
URL hxxps://pastebin[.]com/raw/YEbcCfzC
PerlBot
URL hxxps://melladown[.]click/mellat[.]apk
IRATA
URL hxxp://195[.]133[.]11[.]40/?h=195[.]133[.]11[.]40&p=80&t=tcp&a=l64&stage=true
hxxp://165[.]232[.]176[.]151/file[.]elf
ConnectBack
URL hxxp://121[.]62[.]21[.]150:6854/l64
BillGates
URL hxxp://20[.]151[.]75[.]185/Invoice[.]exe
hxxps://jobcity[.]com/img/RM0XpX/
hxxps://exilum[.]com/homegrownorlando[.]com/closed-section/additional-area/740331365-R4cXbyqTk/
hxxps://www[.]reifenquick[.]de/Scripts/statement/ul397wfyb/
hxxps://reifenquick[.]de/Scripts/hl8-8w4cs-6325/
hxxps://www[.]reifenquick[.]de/Scripts/closed_957176_mxqSdoJ6a4IZ/close_warehouse/ql55hnq09iyn6lm_334stxvw03wyv/
hxxp://hunter[.]freshworx[.]com/et8_webservice/mail/attach/61EB0719-3A26-D60D-7630-B0A2084EEB02/684538_Rechnung_74700680333[.]doc
Emotet
URL hxxps://codeload[.]github[.]com/54N4L/mimikatzWindows/zip/refs/heads/master
MimiKatz
URL hxxp://2ig[.]cs[.]alab01[.]de/payloads/win/m_rev_tcp[.]exe
hxxp://2ig[.]cs[.]alab01[.]de/payloads/win/m_rev_tcp_32[.]exe
hxxp://2ig[.]cs[.]alab01[.]de/payloads/win/m_rev_https[.]exe
hxxp://2ig[.]cs[.]alab01[.]de/payloads/v/m_x64_rev_tcp_unstaged_80[.]exe
hxxp://2ig[.]cs[.]alab01[.]de/payloads/v/m_x64_rev_tcp_80[.]exe
hxxps://2ig[.]cs[.]alab01[.]de/payloads/v/m_x64_rev_tcp_80[.]exe
Meterpreter
URL hxxps://176[.]113[.]115[.]163/instrumental/list[.]exe
hxxp://176[.]113[.]115[.]163/factory/steel[.]exe
hxxp://176[.]113[.]115[.]163/instrumental/basx[.]exe
hxxps://176[.]113[.]115[.]163/factory/steel[.]exe
Socks5 Systemz
URL hxxp://dddotx[.]shop/Bish2[.]exe
hxxp://dddotx[.]shop/DLLL[.]dll
hxxp://grupodulcemar[.]pe/FACTURA09876567000[.]bat
hxxp://66[.]63[.]187[.]231/35/tu-35[.]exe
hxxp://www[.]stipamana[.]com/dftjedrshyyj/Panel/five/fre[.]php
hxxps://www[.]stipamana[.]com/dftjedrshyyj/Panel/five/fre[.]php
LokiBot
URL hxxps://889mmm[.]com/kusaka[.]php?call=ib
hxxps://omzmao[.]com/kusaka[.]php?call=ib
hxxps://k8vn138[.]com/kusaka[.]php?call=ib
hxxps://nyc-mag[.]com/kusaka[.]php?call=ib
hxxp://141[.]98[.]9[.]201/joinsystem
AMOS
URL hxxp://109[.]230[.]200[.]236/T1Client[.]exe
hxxp://109[.]230[.]200[.]236/t1server[.]exe
hxxp://otkazaza[.]ru/lineSecureLowProcessBigloadwindowsuniversalDatalifeDlepublic[.]php
hxxp://185[.]246[.]67[.]73/Uploads/server9/universalUploads/Trafficcentraldatalife/phplow3/trackMultiupdatePacket/Javascript3lowpython/db/ProtonBigloadApiline/5flowertrackJs/VoiddbProtect/1Temptraffic/TrackDatalife0/auth/JsToProton/uploads6centralLinux/Providerto_packetLowServerbaseDownloads[.]php
hxxp://premove[.]ru/ExternalupdateProcessorlongpollBigloadSqllinuxpublic[.]php
hxxp://31[.]41[.]244[.]11/files/7658082748/wTMEVe8[.]exe
hxxp://77[.]73[.]39[.]158/4TempjsApi/dleLocalrequestAsync/Line/5pythonDefaultasync/windowsTestPipe/Mariadb/7/ProviderpipehttplowAuthBigloaddleLocalcdndownloads[.]php
hxxp://193[.]32[.]162[.]64/Linelow[.]php
hxxp://91[.]227[.]41[.]9/imagePipepolldletemp[.]php
DCRat
URL hxxp://103[.]230[.]121[.]243:22533/build[.]s[.]apk
hxxp://51[.]20[.]2[.]165:3000/build[.]s[.]apk
hxxp://198[.]199[.]74[.]62:22533/build[.]s[.]apk
hxxp://64[.]227[.]131[.]111/build[.]s[.]apk
hxxp://139[.]59[.]55[.]116/build[.]s[.]apk
AhMyth
URL hxxps://www[.]supermercadoesmeralda[.]com[.]br/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]smilecaredental[.]net/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]gestorea[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]steffe[.]nu/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]vandkcleaning[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]thomasrodenberg[.]dk/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]safalupacharkendra[.]com[.]np/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]wearerescue[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]kaisermagazine[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://zolatourism[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://abandonedporn[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://mundodosbrinquedos[.]app[.]br/wp-content/plugins/wats/openfl[.]php?id=
hxxps://dahalayush[.]com[.]np/wp-content/plugins/wats/openfl[.]php?id=
hxxps://vegadent[.]es/wp-content/plugins/wats/openfl[.]php?id=
hxxps://demo[.]pagodalabs[.]com[.]np/sandro/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]empowerimmigrants[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://freebusinessappraisals[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://halifaxblackfilm[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://idiinhu[.]or[.]id/wp-content/plugins/wats/openfl[.]php?id=
hxxps://sedotwcsemarangtermurah[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://plasticstrapthailand[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://realty[.]scrybedigital[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://bravo1solucoespatrimoniais[.]com[.]br/wp-content/plugins/wats/openfl[.]php?id=
hxxps://vestidodefiesta[.]org/wp-content/plugins/wats/openfl[.]php?id=
hxxps://moneyinfo[.]com[.]br/wp-content/plugins/wats/openfl[.]php?id=
hxxps://esign[.]bvccsolutions[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://kmhdijogjaistimewa[.]org/wp-content/plugins/wats/openfl[.]php?id=
hxxps://netwerkgoedvolk[.]nl/wp-content/plugins/wats/openfl[.]php?id=
hxxps://pedroaugustops[.]com[.]br/wp-content/plugins/wats/openfl[.]php?id=
hxxps://demo[.]pagodalabs[.]com[.]np/subaru/wp-content/plugins/wats/openfl[.]php?id=
hxxps://kantorberitaburuh[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://halonikah[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://britishpropolisteam[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://demo[.]pagodalabs[.]com[.]np/himalayan-distillery/hdl-new/wp-content/plugins/wats/openfl[.]php?id=
hxxps://promo[.]generos[.]store/wp-content/plugins/wats/openfl[.]php?id=
hxxps://infinia[.]ae/wp-content/plugins/wats/openfl[.]php?id=
hxxps://ibhayi-electronics[.]co[.]za/wp-content/plugins/wats/openfl[.]php?id=
hxxps://kaoisencoes[.]com[.]br/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]campergoals[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://pbimh[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://luxiahomes[.]com[.]au/wp-content/plugins/wats/openfl[.]php?id=
hxxps://aquiseconstruyealgo[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://reicars[.]com[.]br/wp-content/plugins/wats/openfl[.]php?id=
hxxps://suaraselebes[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://polarcusinternational[.]com/careers/wp-content/plugins/wats/openfl[.]php?id=
hxxps://demo[.]pagodalabs[.]com[.]np/nibl/wp-content/plugins/wats/openfl[.]php?id=
hxxps://ctciwiring[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://kwesipharma[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://mabestqualityconstruction[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://mundodosmetodos[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://katealisonschoolng[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://njcu[.]info/eco/wp-content/plugins/wats/openfl[.]php?id=
hxxps://w3lab[.]w3lab[.]cloud/wp-content/plugins/wats/openfl[.]php?id=
hxxps://etrans[.]id/wp-content/plugins/wats/openfl[.]php?id=
hxxps://maniautomobiles[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]casacrescer[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://proctoxl[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://lp[.]engemarinha[.]com[.]br/wp-content/plugins/wats/openfl[.]php?id=
hxxps://promend[.]nl/wp-content/plugins/wats/openfl[.]php?id=
hxxps://ottawablackfilm[.]com/wp-content/plugins/wats/openfl[.]php?id=
hxxps://mockup[.]worldhalalfood[.]com/metrorocket/wp-content/plugins/wats/openfl[.]php?id=
hxxp://bingowow[.]nl/wp-content/plugins/wats/openfl[.]php?id=
hxxps://www[.]blancblanc[.]com/cms/wp-content/plugins/wats/openfl[.]php?id=
hxxps://assodomtogo[.]org/wp-content/plugins/wats/openfl[.]php?id=
Matanbuchus
URL hxxp://94[.]156[.]177[.]33/Lv2D7fGdopb/Login[.]php
hxxp://connect[.]resourcecloud[.]shop/pLQvfD4d5/Login[.]php
hxxp://185[.]208[.]158[.]96/mzmtrpwoe113eelxn/Login[.]php
hxxp://185[.]215[.]113[.]43/Zu7JuNko/Login[.]php
hxxp://62[.]60[.]226[.]15/8fj482jd9/Login[.]php
hxxp://147[.]45[.]47[.]35/bDjkb2xSd/Login[.]php
hxxp://154[.]216[.]20[.]42/h9k4kfklCdszZ3/Login[.]php
hxxp://185[.]172[.]128[.]99/u6vhSc3PPq/Login[.]php
hxxp://185[.]172[.]128[.]100/u6vhSc3PPq/Login[.]php
hxxp://89[.]23[.]103[.]42/hb9IvshS01/Login[.]php
hxxp://77[.]91[.]77[.]140/g9bkfkWf/Login[.]php
hxxp://94[.]156[.]68[.]141/h9fmdW5/Login[.]php
hxxp://89[.]23[.]103[.]42/hb9IvshS02/Login[.]php
hxxp://94[.]156[.]8[.]147/Mze23dSPbF4/Login[.]php
hxxp://94[.]232[.]249[.]157/hb9IvshS03/Login[.]php
hxxp://checkthebestofferyoucanget[.]com/h9fmdW5/Login[.]php
hxxp://expertbigworldupdate[.]com/h9fmdW5/Login[.]php
hxxp://findthebestopportunityforyou[.]com/8BvxwQdec3/Login[.]php?
hxxp://innovupdates3[.]com/h9fmdW6/Login[.]php
hxxp://simple-updatereport[.]com/h9fmdW5/Login[.]php
hxxp://simple-updatereport2[.]com/h9fmdW5/Login[.]php
hxxps://simple-updatereport2[.]com/h9fmdW5/Login[.]php
hxxp://www[.]brasseriehub2[.]com/h9fmdW5/Login[.]php
hxxp://185[.]172[.]128[.]116/Mb3GvQs8/Login[.]php
hxxp://147[.]45[.]47[.]155/ku4Nor9/Login[.]php
hxxp://185[.]196[.]8[.]126/h9fmdW7/Login[.]php
hxxp://185[.]215[.]113[.]16/Jo89Ku7d/Login[.]php
hxxp://185[.]215[.]113[.]19/CoreOPT/Login[.]php
hxxp://185[.]215[.]113[.]26/Dem7kTu/Login[.]php
hxxp://45[.]202[.]35[.]101/pLQvfD4d/Login[.]php
hxxp://45[.]80[.]158[.]31/g9bkfkWf/Login[.]php
hxxp://5[.]42[.]64[.]44/BlsSwk93eX/Login[.]php
hxxp://66[.]78[.]40[.]146[.]kyun[.]network/8BvxwQdec3/Login[.]php
hxxp://77[.]91[.]77[.]81/Kiru9gu/Login[.]php
hxxp://77[.]91[.]77[.]82/Hun4Ko/Login[.]php
hxxp://79[.]137[.]192[.]15/n9djvSc3x/Login[.]php
hxxp://91[.]92[.]242[.]139/Pneh2sXQk0/Login[.]php
hxxp://someniceglasseswithdiscount[.]com/8BvxwQdec3/Login[.]php
hxxp://www[.]ruspyc[.]top/j4Fvskd3/Login[.]php
hxxp://31[.]41[.]244[.]11/files/8049824649/qtmPs7h[.]exe
Amadey
URL hxxp://182[.]119[.]228[.]231:58644/Mozi[.]m
hxxp://102[.]33[.]104[.]192:37402/Mozi[.]m
hxxp://115[.]48[.]149[.]196:36024/Mozi[.]m
Mozi
URL hxxp://guanggaoban[.]net/ready[.]apk
hxxp://random[.]tggame[.]xyz/TenMotives_base[.]apk
hxxp://guanggaoban[.]net/baidu[.]apk
hxxp://random[.]tggame[.]xyz/ready[.]apk
hxxp://random[.]tggame[.]xyz/Ucbridge_base[.]apk
hxxp://zhibodaohang[.]cc/Ucbridge_base[.]apk
hxxp://random[.]tggame[.]xyz/baidu[.]apk
hxxp://zhibodaohang[.]cc/TenMotives_base[.]apk
hxxp://guanggaoban[.]net/Ucbridge_base[.]apk
hxxp://zhibodaohang[.]cc/baidu[.]apk
hxxp://zhibodaohang[.]cc/ready[.]apk
hxxp://guanggaoban[.]net/TenMotives_base[.]apk
SpyNote
URL hxxps://quanlyphongnet[.]com/net/run[.]exe
hxxp://31[.]41[.]244[.]11/files/5878897896/sS6lYim[.]exe
Babadeda
URL hxxps://661544537453981d0595033c23[.]xyz/N2IzYzFlOTM3MWU3/
hxxps://5564237453981d0595033c23[.]xyz/N2IzYzFlOTM3MWU3/
hxxps://8774437453981d0595033c23[.]xyz/N2IzYzFlOTM3MWU3/
hxxps://7894437453981d0595033c23[.]xyz/N2IzYzFlOTM3MWU3/
hxxps://934437453981d0595033c23[.]com/N2IzYzFlOTM3MWU3/
hxxps://6255553981d0595033c23[.]com/N2IzYzFlOTM3MWU3/
hxxps://62333981d0595033c23[.]com/N2IzYzFlOTM3MWU3/
hxxps://8237453981d0595033c23[.]com/N2IzYzFlOTM3MWU3/
hxxps://3637453981d0595033c23[.]com/N2IzYzFlOTM3MWU3/
hxxps://34437453981d0595033c23[.]com/N2IzYzFlOTM3MWU3/
hxxps://332137453981d0595033c23[.]com/N2IzYzFlOTM3MWU3/
hxxps://4453981d0595033c23[.]com/MjNkNTlkYzBhZjNk/
hxxps://zzd768db37e5e2f5a7fbc0fe1fee5b311[.]com/YzhkZjQwNDRkN2Uy/
hxxps://22d768db37e5e2f5a7fbc0fe1fee5b311[.]com/YzhkZjQwNDRkN2Uy/
Coper
URL hxxp://6[.]magicalomaha[.]co/forum/viewtopic[.]php
hxxp://6[.]magicalomaha[.]com/forum/viewtopic[.]php
hxxp://www[.]weallscheme[.]com/wp-content/uploads/2010/07/menu[.]php
hxxp://www[.]scoopcelebrity[.]com/mobiledummy/wp-content/plugins/wordpress-seo/admin/linkdex/external[.]php
hxxp://www[.]evokingyou[.]com/fashion/wp-content/themes/twentyeleven/inc/external[.]php
hxxp://forums[.]lolapps[.]com/includes/cron/response[.]php
hxxp://www[.]kitchenaria[.]com/modules/gateway2/Protx/response[.]php
Pony
URL hxxps://codeload[.]github[.]com/chydn0y/xworm-rat/zip/refs/heads/main XWorm
URL hxxps://gomotest[.]premiumprotectiondis[.]org/webpanel/Panel/login[.]php Gomorrah stealer
URL hxxps://taco-keys[.]com/licenseUser[.]php
hxxps://puta-key[.]com/licenseUser[.]php
Satacom
URL hxxp://87[.]6[.]220[.]118/xmrig[.]exe XMRig
URL hxxp://83[.]217[.]209[.]163/angel/drop3[.]exe
hxxp://83[.]217[.]209[.]163/zbuild21/drop3[.]exe
Phemedrone Stealer
URL hxxp://158[.]101[.]196[.]44/AVEvasion[.]dll
hxxp://158[.]101[.]196[.]44/Execute[.]ps1
hxxp://158[.]101[.]196[.]44/random[.]txt
Rozena
URL hxxp://31[.]41[.]244[.]11/files/6554834407/ntRoEwh[.]exe StormKitty
URL hxxp://31[.]41[.]244[.]11/files/7658082748/gdxjQRY[.]exe PureCrypter
※1 「i-FILTER」のアクセスログを検索し、該当端末を特定してください。不要なアクセスを避けるため、URLの一部を変更して記載しております(「http」を「hxxp」、「.」を「[.]」と表記)。アクセスログを検索する際は、元の表記に読み替えてください。
■製品対応状況(※2)
▽i-FILTER(※3)
・[脅威情報サイト]カテゴリでブロック可能
※2 ブロックの可否は各製品の設定によるため、実際の結果はアクセスログを参照してください。
※3 暗号化された通信の場合は、SSL Adapterの設定を「利用」にする必要があります。