Cyber Risk Information Service: D-Alert (patented)

Access to malicious URLs and receipt of malicious emails

Our customers who received the email: 0
Our customers who accessed the URL: 21
2023/03/10
※ Updated 2023/03/10
Detected URLs believed to cause malware infection (2023/03/10)
■ IoC (※1)
※1 Search the "i-FILTER" access logs to identify the affected devices. Some values have been altered to avoid unnecessary access.
■ Product support status (※2)
▽ i-FILTER (※3)
・Can be blocked under the [Threat Information Site] category
※2 Whether blocking takes place depends on each product's settings; check the access logs for the actual result.
※3 For encrypted communications, the SSL Adapter setting must be set to "Enabled".