Cyber Risk Information Service D-Alert (Patented)

Access to malicious URLs / receipt of malicious e-mail

Our customers who received the e-mail: 0
Our customers who accessed the URL: 2
2025/02/10
* Updated 2025/02/10
Detected URLs believed to cause malware infection (2025/02/10)
■ IoC (*1)
Type: IOC: Signature:
Rhadamanthys
Remcos
Cobalt Strike
Lumma Stealer
SystemBC
ClearFake
Formbook
Azorult
Nanocore RAT
Stealc
DanaBot
Emmenhtal
MetaStealer
Coper
Latrodectus
Mozi
CloudEyE
Dofloo
DCRat
Vidar
NjRAT
FAKEUPDATES
Amadey
XWorm
LokiBot
RedLine Stealer
Snake Keylogger
HijackLoader
TinyNuke
DarkCloud
AMOS
SparkRAT
XMRig
Coinminer
AsyncRAT
Socks5 Systemz
XOR DDoS
GobRAT
QakBot
CryptBot
Bashlite
Metasploit
*1 Search the "i-FILTER" access logs to identify the affected devices. Some values have been altered to prevent unnecessary access.
■ Product support status (*2)
▽ i-FILTER (*3)
・ Can be blocked under the [Threat Information Site] category.
*2 Whether a request is blocked depends on each product's settings; refer to the access logs for the actual result.
*3 For encrypted communications, the SSL Adapter setting must be set to "Use".