Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs and receipt of malicious emails

Our customers who received the email: 0
Our customers who accessed the URL: 1
2025/04/15
※Updated 2025/04/15
URLs believed to lead to malware infection were detected (2025/04/15)
■IoC (※1)
Type: IOC: Signature:
ClearFake
Lumma Stealer
XWorm
Snake Keylogger
Coper
FAKEUPDATES
Glupteba
Amadey
CloudEyE
Emmenhtal
Ghost RAT
Cobalt Strike
AsyncRAT
Formbook
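※1 Search the "i-FILTER" access logs to identify the affected endpoints. Parts of the values have been altered to prevent unintended access.

■Product support status (※2)
▽i-FILTER (※3)
・Can be blocked with the [Threat Information Sites] category

※2 Whether a request is blocked depends on each product's configuration, so check the access logs for the actual result.
※3 For encrypted traffic, the SSL Adapter setting must be set to "Use".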