Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs / receipt of malicious email

Our customers who received the email: 0
Our customers who accessed the URLs: 13

2025/02/03 (※ updated 2025/02/03)
URLs believed to lead to malware infection detected (2025/02/03)
■IoC (※1)
Columns: Type / IoC / Signature. Every indicator below is of type URL and is listed under the signature (malware family or tool) it is attributed to. Indicators are defanged (hxxp, [.]) and must be refanged before use in a lookup.
Signature: LokiBot (Type: URL)
hxxps://weixe[.]ir/txt/RW1EbLWSWWfWZzX[.]exe
hxxp://touxzw[.]ir/sccc/five/PvqDq929BSx_A_D_M1n_a[.]php

Signature: Cobalt Strike (Type: URL)
hxxps://89[.]197[.]154[.]116/Excel-https[.]exe
hxxp://156[.]253[.]250[.]62/uploads/1[.]vbs
hxxp://148[.]135[.]23[.]194:8899/02[.]08[.]2022[.]exe
hxxp://101[.]43[.]166[.]60:5555/02[.]08[.]2022[.]exe
hxxp://60[.]19[.]13[.]188:8980/02[.]08[.]2022[.]exe
hxxp://111[.]173[.]104[.]246/02[.]08[.]2022[.]exe
hxxp://45[.]192[.]96[.]63:6005/02[.]08[.]2022[.]exe
hxxp://45[.]192[.]96[.]63:6003/02[.]08[.]2022[.]exe
hxxp://123[.]136[.]93[.]211:8036/02[.]08[.]2022[.]exe
hxxp://117[.]50[.]178[.]197:57982/02[.]08[.]2022[.]exe

Signature: Coinminer (Type: URL)
hxxp://51[.]21[.]41[.]165:5555/smbhost[.]exe
hxxp://195[.]177[.]95[.]149/sh
hxxp://156[.]253[.]250[.]62/uploads/UmnrNoAnyOpt[.]vbs
hxxp://156[.]253[.]250[.]62/uploads/GeneratedScript[.]ps1
hxxp://195[.]177[.]95[.]149/i686
hxxp://195[.]177[.]95[.]149/arm7
hxxp://195[.]177[.]95[.]149/aarch64
hxxp://195[.]177[.]95[.]149/x86_64

Signature: AsyncRAT (Type: URL)
hxxp://51[.]21[.]41[.]165:5555/UIServices[.]exe
hxxps://api[.]telegram[.]org/bot6987227198:AAGW8xEs5eNdfO7EF-8152h-RqJkKbn52BE/sendMessage?chat_id=1075483951
hxxp://156[.]253[.]250[.]62/uploads/pure[.]vbs
hxxp://185[.]7[.]214[.]54/b[.]jpg
hxxp://185[.]215[.]113[.]39/files/sawdu5t/random[.]exe
hxxp://185[.]215[.]113[.]39/files/7193289845/IJWSn6z[.]exe

Signature: Formbook (Type: URL)
hxxp://87[.]120[.]120[.]56/crypt/chrisx[.]ps1
hxxp://87[.]120[.]120[.]56/crypt/ed[.]ps1
hxxp://87[.]120[.]120[.]56/crypt/foreign[.]ps1
hxxp://87[.]120[.]120[.]56/crypt/ebu[.]ps1
hxxp://87[.]120[.]120[.]56/crypt/em3[.]ps1
hxxp://87[.]120[.]120[.]56/crypt/xx[.]ps1

Signature: MimiKatz (Type: URL)
hxxp://62[.]111[.]142[.]118/mimikatz/Win32/mimilib[.]dll
hxxp://62[.]111[.]142[.]118/mimikatz/x64/mimikatz[.]exe
hxxp://62[.]111[.]142[.]118/mimikatz/x64/mimidrv[.]sys
hxxp://62[.]111[.]142[.]118/Pobrane/Invoke-Mimikatz[.]ps1
hxxp://62[.]111[.]142[.]118/Invoke-Mimikatz[.]ps1

Signature: SmokeLoader (Type: URL)
hxxp://88[.]151[.]192[.]50/putty[.]exe
hxxp://2[.]59[.]163[.]172/svc[.]exe
hxxp://2[.]59[.]163[.]172/svc2[.]exe
hxxp://2[.]59[.]163[.]172/ukraine/svc1[.]exe
hxxp://156[.]253[.]250[.]62/uploads/Loader[.]vbs
hxxp://192[.]3[.]26[.]147/340/we/nicegirlsaidsheisverybeautifulgirlentiretimeevergettinggoo[.]hta
hxxp://88[.]151[.]192[.]50/svc[.]exe

Signature: ClearFake (Type: URL)
hxxps://bit1[.]smogturfprance[.]shop/cacaduk[.]captcha
hxxps://solve[.]zyde[.]org/awjsx[.]captcha
hxxps://solve[.]feqy[.]org/awjsx[.]captcha
hxxps://solve[.]wyji[.]org/awjsx[.]captcha
hxxps://solve[.]qabi[.]org/awjsx[.]captcha
hxxps://solve[.]xclb[.]org/awjsx[.]captcha
hxxps://solve[.]wbth[.]org/awjsx[.]captcha
hxxps://solve[.]vjgh[.]org/awjsx[.]captcha
hxxps://solve[.]kxlv[.]org/awjsx[.]captcha
hxxps://solve[.]vsdd[.]org/awjsx[.]captcha
hxxps://solve[.]rlvw[.]org/awjsx[.]captcha
hxxps://solve[.]nrxk[.]org/awjsx[.]captcha

Signature: PrivateLoader (Type: URL)
hxxp://62[.]60[.]226[.]64/file/4422_8390[.]exe
hxxp://62[.]60[.]226[.]64/file/1374_2790[.]exe

Signature: Remcos (Type: URL)
hxxp://62[.]60[.]226[.]64/file/4181_461[.]exe
hxxp://152[.]228[.]229[.]214/54/buh/bh/shegivenmebestthingsentietimetogivenmebesthings______betterthingswithbetterwaygetbackwithgreatforme__________bestthingsbetterthingstniertieme[.]doc
hxxp://152[.]228[.]229[.]214/301/creamissingfaloververynicewithentireitimegtogetmelsee[.]gIF
hxxp://172[.]245[.]119[.]74/xampp/rrx/wemeetagainforbestthingstodo[.]hta
hxxp://217[.]160[.]163[.]113/550/sman/wegivenbestthngsforbestgirlfriendwhobestforentiretime[.]hta
hxxp://107[.]172[.]148[.]212/xampp/kkn/nsoo/nomralwaygivenmebestthingswithentireilifegoses[.]hta
hxxp://104[.]168[.]7[.]72/120/scess/seethebestthingstobesuccessfullygetbackwithentiretime[.]hta
hxxp://107[.]172[.]148[.]212/xampp/kkn/nsoo/givemebestoutputwithfreemindgoodforentiregood[.]hta
hxxp://172[.]245[.]123[.]86/744/shewe/nicegirlgivenmebestthingswithentiretimegoodfor[.]hta

Signature: Phorpiex (Type: URL)
hxxp://20[.]210[.]245[.]1/Passwords[.]txt[.]scr
hxxp://20[.]210[.]245[.]1/Document_838929[.]txt[.]scr
hxxp://20[.]210[.]245[.]1/Me[.]jpg[.]scr
hxxp://20[.]210[.]245[.]1/Porn[.]mp4[.]scr
hxxp://20[.]210[.]245[.]1/Private[.]txt[.]scr
hxxp://20[.]210[.]245[.]1/Document[.]txt[.]scr

Signature: Metasploit (Type: URL)
hxxp://62[.]111[.]142[.]118/update[.]exe
hxxp://62[.]111[.]142[.]118/Pobrane/agUiTibN[.]hta

Signature: MASS Logger (Type: URL)
hxxp://156[.]253[.]250[.]62/uploads/sqfire[.]vbs
hxxp://156[.]253[.]250[.]62/uploads/MyNew[.]vbs
hxxp://156[.]253[.]250[.]62/uploads/ALLINBIN[.]vbs
hxxp://156[.]253[.]250[.]62/uploads/kccj_nova[.]vbs
hxxp://107[.]172[.]148[.]212/xampp/nmbk/nm/nmssb[.]hta

Signature: Quasar RAT (Type: URL)
hxxp://156[.]253[.]250[.]62/uploads/tt[.]vbs
hxxp://89[.]23[.]97[.]214/Team/BILLI[.]exe
hxxp://89[.]23[.]97[.]214/TeamBuild/win64_svchost[.]exe
hxxp://156[.]253[.]250[.]62/uploads/5[.]vbs
hxxp://156[.]253[.]250[.]62/uploads/4[.]vbs
hxxp://156[.]253[.]250[.]62/uploads/crypto[.]vbs
hxxp://156[.]253[.]250[.]62/uploads/2026[.]vbs

Signature: 0bj3ctivityStealer (Type: URL)
hxxp://jilas[.]net/file/Enquiry-Dubai[.]js

Signature: FAKEUPDATES (Type: URL)
hxxps://portable2016[.]top/work/index[.]php
hxxps://portable2016[.]top/work/upl[.]php
hxxps://cansupeker[.]com/folder[.]zip
hxxps://portable2016[.]top/work/original[.]js
hxxps://ppdpharmaco[.]com/5k5g[.]js
hxxps://ppdpharmaco[.]com/js[.]php
hxxps://tacscc[.]com/5s41[.]js
hxxps://tacscc[.]com/js[.]php
hxxps://gameofthronesmemes[.]top/work/index[.]php
hxxps://gameofthronesmemes[.]top/work/upl[.]php
hxxps://gameofthronesmemes[.]top/work/original[.]js
hxxp://ffjihcnfkhihlmd[.]top/1[.]php

Signature: Amadey (Type: URL)
hxxp://92[.]255[.]57[.]155/yXNwKVfkS28Y/Login[.]php

Signature: Coper (Type: URL)
hxxps://dreamcloudsite[.]xyz/MzZkNTliNTU4NDhl/
hxxps://deepsek[.]icu/DeepSeek[.]apk
hxxps://goldenbirdzone[.]xyz/MzZkNTliNTU4NDhl/

Signature: Lumma Stealer (Type: URL)
hxxps://sweepyribs[.]lat/api
hxxps://knowninshea[.]shop/api
hxxps://fashiontrends2023[.]biz/api
hxxps://spottyalle[.]biz/api
hxxps://techgasreview[.]biz/api
hxxps://muscleinitai[.]biz/api
hxxp://clammypunero[.]com/api
hxxp://garderjjerop[.]com/api
hxxp://plasticreie[.]com/api
hxxp://shunstriderk[.]net/api
hxxp://skirtgrippys[.]com/api
hxxp://toppyneedus[.]biz/api
hxxp://vividimaginatigon[.]top/api
hxxp://believezioep[.]com/api
hxxp://cabbagepattof[.]net/api
hxxp://89[.]23[.]97[.]214/Team/32cv[.]exe
hxxp://89[.]23[.]97[.]214/Google/Launcher[.]exe
hxxp://89[.]23[.]97[.]214/Advert/alivi[.]exe
hxxp://185[.]215[.]113[.]97/files/SQL_gulong1/random[.]exe
hxxp://185[.]11[.]61[.]10/ScreenSync[.]exe
hxxp://185[.]11[.]61[.]9/InstallSetup[.]exe
hxxp://185[.]215[.]113[.]97/files/notfinancing/random[.]exe
hxxps://vividimaginatigon[.]top/api
hxxps://garderjjerop[.]com/api
hxxps://clammypunero[.]com/api
hxxps://skirtgrippys[.]com/api
hxxps://plasticreie[.]com/api
hxxps://cabbagepattof[.]net/api
hxxps://believezioep[.]com/api
hxxps://shunstriderk[.]net/api
hxxps://innovationhubf[.]top/api
hxxps://warlikedbeliev[.]org/api
hxxps://docshare[.]icu/templates/imagesoftware/1[.]exe
hxxps://docshare[.]icu/templates/imagesoftware/ImageEditorforWP[.]exe
hxxp://195[.]20[.]18[.]146/dftg7d6tg9s6f796gs96afasd
hxxp://45[.]143[.]200[.]244/Documents/ImportantInformation[.]pdf[.]lnk
hxxps://securesways[.]click/api
hxxp://185[.]246[.]189[.]78/Downloads/booking_invoice7223541[.]pdf[.]lnk
hxxps://answerzeypher[.]biz/api
hxxps://wanyajarysu[.]click/api
hxxps://humdrumviosl[.]click/api
hxxps://drinkeracte[.]biz/api
hxxps://aromaticridz[.]biz/api
hxxps://runnedarred[.]com/api
hxxps://subduedkinlkly[.]shop/api

Signature: Snake Keylogger (Type: URL)
hxxps://api[.]telegram[.]org/bot8018149517:AAGK_JH2rbFUhupxezqUln9lvYu9km5btWY/sendMessage?chat_id=7250529719
hxxp://23[.]94[.]80[.]230/xampp/nub/weseethebestthingsevermadewithbestwithnewthingsgoodforme[.]hta
hxxp://23[.]94[.]80[.]230/235/suwce[.]exe
hxxp://23[.]94[.]80[.]230/xampp/bnk/greatdaystartedwithgreatmagicalthingspostedgood[.]hta

Signature: Stealc (Type: URL)
hxxp://154[.]216[.]20[.]246/4bbfd212e4bc2b67[.]php
hxxp://77[.]91[.]68[.]247/a5a762673348bc06/sqlite3[.]dll
hxxp://77[.]105[.]146[.]130/791db24d796b6003/vcruntime140[.]dll
hxxps://185[.]217[.]197[.]202/5e0fc67937c1156b/sqlite3[.]dll
hxxp://185[.]215[.]113[.]115/c4becf79229cb002[.]php

Signature: Vidar (Type: URL)
hxxp://147[.]45[.]44[.]209/1[.]exe
hxxp://62[.]60[.]226[.]64/public_files/kShkfki[.]txt
hxxp://147[.]45[.]44[.]209/lem[.]exe
hxxp://147[.]45[.]44[.]42/boom/tvhaqk[.]exe
hxxp://147[.]45[.]44[.]42/boom/uykb[.]exe

Signature: TrickMo (Type: URL)
hxxp://mainworkapp[.]com/c

Signature: SpyNote (Type: URL)
hxxps://certifica-bancamediolanum[.]com/app/Mediolanum2[.]0[.]apk
hxxp://it-mediolanumbanca[.]com/app/Mediolanum2[.]0[.]apk

Signature: Latrodectus (Type: URL)
hxxps://vivaforevew[.]com/test/
hxxps://wersogkiwgow[.]com/test/

Signature: Agent Tesla (Type: URL)
hxxps://api[.]telegram[.]org/bot6305495597:AAF_ew9pYtXGGwSyDG7TEmK1g6BlTM8J_4s/

Signature: RedLine Stealer (Type: URL)
hxxp://185[.]215[.]113[.]16/inc/Lead_dumper[.]exe
hxxp://185[.]215[.]113[.]97/files/SQL_gulong/random[.]exe

Signature: Mozi (Type: URL)
hxxp://192[.]10[.]135[.]210:45577/Mozi[.]m
hxxp://69[.]23[.]241[.]65:44835/Mozi[.]m
hxxp://61[.]0[.]223[.]71:32990/Mozi[.]m
hxxp://110[.]183[.]25[.]12:53456/Mozi[.]m
hxxp://223[.]11[.]60[.]184:35597/Mozi[.]m

Signature: Bashlite (Type: URL)
hxxp://193[.]200[.]78[.]26/yakuza[.]sh4
hxxp://193[.]200[.]78[.]26/yakuza[.]x86
hxxp://193[.]200[.]78[.]26/yakuza[.]ppc
hxxp://193[.]200[.]78[.]26/yakuza[.]mips
hxxp://193[.]200[.]78[.]26/bins[.]sh
hxxp://193[.]200[.]78[.]26/yakuza[.]m68k
hxxp://193[.]200[.]78[.]26/yakuza[.]mpsl
hxxp://193[.]200[.]78[.]26/yakuza[.]i586
hxxp://193[.]200[.]78[.]26/yakuza[.]x32
hxxp://193[.]200[.]78[.]26/yakuza[.]arm4
hxxp://193[.]200[.]78[.]26/yakuza[.]arm6
hxxp://5[.]252[.]177[.]239/pXdN91[.]sh4
hxxp://5[.]252[.]177[.]239/pXdN91[.]mipsel
hxxp://5[.]252[.]177[.]239/pXdN91[.]i586
hxxp://5[.]252[.]177[.]239/pXdN91[.]i686
hxxp://5[.]252[.]177[.]239/pXdN91[.]mips
hxxp://5[.]252[.]177[.]239/pXdN91[.]armv4l
hxxp://5[.]252[.]177[.]239/pXdN91[.]sparc
hxxp://5[.]252[.]177[.]239/pXdN91[.]x86
hxxp://5[.]252[.]177[.]239/pXdN91[.]armv5l
hxxp://5[.]252[.]177[.]239/pXdN91[.]powerpc-440fp
hxxp://5[.]252[.]177[.]239/pXdN91[.]m68k
hxxp://5[.]252[.]177[.]239/pXdN91[.]armv7l
hxxp://5[.]252[.]177[.]239/pXdN91[.]armv6l
hxxp://156[.]229[.]232[.]99/rep[.]mpsl
hxxp://5[.]252[.]177[.]239/pXdN91[.]sh
hxxp://156[.]229[.]232[.]99/rep[.]sh4
hxxp://156[.]229[.]232[.]99/rep[.]ppc
hxxp://156[.]229[.]232[.]99/rep[.]mips
hxxp://156[.]229[.]232[.]99/rep[.]m68k
hxxp://156[.]229[.]232[.]99/rep[.]spc
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]sh
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]i686
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]armv4l
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]sparc
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]armv7l
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]armv5l
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]i686
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]sh4
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]mipsel
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]m68k
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]i586
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]mips
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]sh
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]i586
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]mipsel
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]sparc
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]armv5l
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]sh4
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]mips
hxxp://srv9-mivocloud[.]500apps[.]net/pXdN91[.]armv4l
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]m68k
hxxp://mail1[.]tech-notifications[.]com/pXdN91[.]armv6l
hxxp://193[.]17[.]183[.]233/nshsh4
hxxp://193[.]17[.]183[.]233/sh4

Signature: DBatLoader (Type: URL)
hxxp://hlag[.]cc/245_Dkexwtykvxt

Signature: XWorm (Type: URL)
hxxp://156[.]253[.]250[.]62/uploads/XClient[.]vbs

Signature: Citadel (Type: URL)
hxxp://51[.]21[.]41[.]165:5555/services[.]png

Signature: Koi Loader (Type: URL)
hxxp://185[.]14[.]31[.]13/wp-content/includes/siderographic75YDF[.]exe

Signature: MetaStealer (Type: URL)
hxxps://lnbox[.]info/cool/setup_x64[.]msi
hxxp://31[.]192[.]232[.]108:8080/cool/setup_x64[.]msi
hxxp://31[.]192[.]232[.]108:8080/doc/Document-0191536[.]pdf[.]lnk
hxxp://31[.]192[.]232[.]108:8080/cool/setup[.]msi
hxxp://hq-office[.]us/fork/setup[.]msi
hxxp://hq-office[.]us:8080/fork/setup[.]msi
hxxp://193[.]233[.]72[.]58:8080/fork/setup[.]msi
hxxp://hq-office[.]us/scan/Scan_copy_1106658[.]lnk
hxxp://hq-office[.]us:8080/scan/Scan_copy_1106658[.]lnk
hxxp://193[.]233[.]72[.]58:8080/scan/Scan_copy_1106658[.]lnk
hxxp://ns1[.]data02[.]info:8080/gate/setup[.]msi
hxxp://data02[.]info:8080/gate/setup[.]msi
hxxp://ns2[.]data02[.]info:8080/gate/setup[.]msi
hxxp://31[.]192[.]232[.]18:8080/gate/setup[.]msi
hxxp://193[.]233[.]72[.]58:8080/fork/setup315[.]msi
hxxp://hq-office[.]us/fork/setup315[.]msi
hxxp://193[.]233[.]72[.]58:8080/scan/Scan_copy_11058103[.]pdf[.]lnk

Signature: Satacom (Type: URL)
hxxp://emarketstats[.]com/front[.]php

Signature: CryptBot (Type: URL)
hxxp://home[.]thrtww13vt[.]top/quzflHxcFiQHARiMlHLt173

Signature: DCRat (Type: URL)
hxxp://pseudoironia[.]ru/providervmLinelowDefaultlinuxprivate[.]php
hxxp://babos[.]top/imagecpuupdateprocessBigloadLinuxwplocal[.]php
hxxp://464064cm[.]shnyash[.]ru/PipeUpdatemultiBaselinuxTempCentralDownloads[.]php
hxxp://activequestion[.]ru/externallongpollFlowerWpdlelocalPrivatecentral[.]php

Signature: Emmenhtal (Type: URL)
hxxp://62[.]60[.]234[.]160:7777/confirmm[.]com/Captcha
hxxp://bookingmanage[.]com/manage/SysToolsv
hxxp://bookingmanage[.]com/manage/bookings
hxxps://woolav[.]shop/jumpingjack[.]mp4
hxxps://requinos[.]shop/matataakuna[.]mp4
hxxps://sumala[.]shop/Pumpkin[.]mp4
hxxp://5[.]253[.]59[.]210:7777/confirma3[.]com/Captcha2

Signature: AMOS (Type: URL)
hxxps://wiramulia[.]com/contact
hxxps://atlantida[.]team/smp/Appinstaller[.]zip
hxxps://mac-only[.]team/smp/getfile[.]php

Signature: BlankGrabber (Type: URL)
hxxp://5[.]35[.]95[.]240/idk[.]exe

Signature: ACR Stealer (Type: URL)
hxxps://pecanclusteredjalapeno[.]shop/Up
hxxps://pecanclusteredjalapeno[.]shop/Up/b
hxxps://u2[.]servicelandingkaraoke[.]shop/cp_sh[.]eml
hxxps://rivalillicitlytransfer[.]shop/Up
hxxps://rivalillicitlytransfer[.]shop/Up/b
hxxps://rivalillicitlytransfer[.]shop/ujs/

Signature: PureLogs Stealer (Type: URL)
hxxp://195[.]20[.]18[.]146/d8shf08ghakfh8f0h09ashfakjhfsdhfa8hghaihf
hxxp://195[.]20[.]18[.]146/dgfasd7yfgda876sf

Signature: Rhadamanthys (Type: URL)
hxxp://195[.]20[.]18[.]146/jimgumbels

Signature: Phemedrone Stealer (Type: URL)
hxxp://195[.]20[.]18[.]146/ph

Signature: QakBot (Type: URL)
hxxp://65[.]20[.]105[.]244:8080/api/Document_0518[.]lnk
hxxp://cloudledger[.]me:8080/api/Document_0518[.]lnk

Signature: Matanbuchus (Type: URL)
hxxps://genericfixer[.]com/libraries4[.]aspx
hxxps://genericfixer[.]com/kernel96[.]aspx
hxxps://genericfixer[.]com/sysfixsync/kernel-patches/january-2025/fixomatic[.]php

Signature: CloudEyE (Type: URL)
hxxp://104[.]161[.]16[.]229/GngkgoPnY233[.]bin
※1 Search the i-FILTER access logs for these indicators to identify the affected endpoints. Some indicators have been altered (defanged) so that they cannot be accessed by accident.

■Product coverage (※2)
▽i-FILTER (※3)
・Can be blocked via the [脅威情報サイト] (Threat Intelligence Sites) category

※2 Whether a URL is actually blocked depends on each product's configuration; check your access logs for the real outcome.
※3 For encrypted (HTTPS) traffic, the SSL Adapter setting must be set to "Enabled" (利用), otherwise only the host name, not the full URL, is visible to the filter.
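The note above asks readers to search their i-FILTER access logs for these indicators, which first have to be refanged (hxxp back to http, [.] back to .). The script below is an added example of that lookup, not Digital Arts or i-FILTER code. It assumes a generic three-column log format (timestamp, client IP, requested URL) constructed for the example; a real i-FILTER export needs its own column mapping. The indicator subset is copied from the list above, still defanged, so the refanging step is exercised as published.

```python
"""Refang defanged IoC URLs and match them against web-proxy access logs.

Added example, not Digital Arts / i-FILTER code. Assumptions (not from the
alert): the log format below is a constructed generic one (timestamp,
client IP, requested URL); real i-FILTER logs need their own column mapping.
"""
import re
from urllib.parse import urlsplit

# Small constructed subset of the alert's indicators, kept defanged exactly as
# published, mapped to the signature the alert attributes them to.
IOCS = {
    "hxxps://weixe[.]ir/txt/RW1EbLWSWWfWZzX[.]exe": "LokiBot",
    "hxxp://156[.]253[.]250[.]62/uploads/XClient[.]vbs": "XWorm",
    "hxxps://solve[.]zyde[.]org/awjsx[.]captcha": "ClearFake",
    "hxxp://51[.]21[.]41[.]165:5555/smbhost[.]exe": "Cobalt Strike",
    "hxxps://sweepyribs[.]lat/api": "Lumma Stealer",
}

# Constructed sample log lines: "<timestamp> <client-ip> <url>".
SAMPLE_LOGS = [
    "2025-02-03T09:12:01 10.0.0.15 https://weixe.ir/txt/RW1EbLWSWWfWZzX.exe",
    "2025-02-03T09:13:44 10.0.0.22 http://156.253.250.62/uploads/XClient.vbs",
    "2025-02-03T09:15:09 10.0.0.31 https://sweepyribs.lat/login",
    "2025-02-03T09:16:30 10.0.0.40 https://example.com/",
    "2025-02-03T09:17:02 10.0.0.51 http://51.21.41.165:5555/smbhost.exe",
]

LOG_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<url>\S+)$")


def refang(ioc: str) -> str:
    """Undo the defanging used in the alert: hxxp(s) -> http(s), [.] -> ., [:] -> :."""
    s = re.sub(r"^hxxp", "http", ioc.strip(), flags=re.IGNORECASE)
    return s.replace("[.]", ".").replace("(.)", ".").replace("[:]", ":")


def normalize(url: str) -> tuple[str, str, str]:
    """Canonical (scheme, host:port, path) so log URLs and IoCs compare equal.

    Hosts are case-insensitive and the default port is made explicit; the path
    stays case-sensitive. Query strings (e.g. the Telegram bot URLs above) are
    ignored so a match is on the endpoint, not on a particular chat_id.
    """
    p = urlsplit(url)
    scheme = p.scheme.lower()
    host = (p.hostname or "").lower()
    port = p.port or (443 if scheme == "https" else 80)
    return scheme, f"{host}:{port}", p.path or "/"


def build_index(iocs: dict[str, str]):
    """Exact-URL index plus a host:port index for weaker, host-level hits."""
    exact, hosts = {}, {}
    for defanged, signature in iocs.items():
        key = normalize(refang(defanged))
        exact[key] = signature
        hosts.setdefault(key[1], set()).add(signature)
    return exact, hosts


def match_logs(log_lines, iocs=IOCS):
    """Return (client, url, signature, match_kind) for every log line that hits.

    match_kind is "url" for an exact indicator match and "host" when only the
    host:port matches (a different path on the same server); the latter still
    deserves a look, since many hosts in the alert serve several payloads.
    """
    exact, hosts = build_index(iocs)
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        try:
            key = normalize(m["url"])
        except ValueError:  # malformed port and similar parse failures
            continue
        if key in exact:
            hits.append((m["client"], m["url"], exact[key], "url"))
        elif key[1] in hosts:
            hits.append((m["client"], m["url"], ", ".join(sorted(hosts[key[1]])), "host"))
    return hits


if __name__ == "__main__":
    for client, url, signature, kind in match_logs(SAMPLE_LOGS):
        print(f"{client}\t{kind}\t{signature}\t{url}")
```

Two design points matter when adapting this to real logs: the host-level fallback is deliberate, because a client that fetched a different path from 156[.]253[.]250[.]62 or 51[.]21[.]41[.]165 is just as worth triaging as one that fetched the listed file; and the match is done on the normalized full URL rather than by substring, so a defanged "[.]" left unrefanged, a mixed-case host name, or an explicit :443 in the log does not silently produce a miss.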