Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs and receipt of malicious e-mail

Our customers who received the e-mail: 0
Our customers who accessed the URL: 1
2023/08/14
* Updated 2023/08/14
Detected URLs believed to lead to malware infection (2023/08/14)
■ IoC (*1)
Type: IOC: Signature:
[URL IoC list omitted]
Signatures detected: Lumma Stealer, CloudEyE, DCRat, FAKEUPDATES, Cobalt Strike, Agent Tesla, Formbook, Rhadamanthys, Meterpreter, WSHRAT, NetSupportManager RAT, CCleaner Backdoor, RedLine Stealer, Coinminer, Quasar RAT, SystemBC, Fabookie, Emotet, Amadey, Bashlite, LokiBot, neshta, SmokeLoader, Glupteba, Stealc, Remcos, Parrot TDS, Warzone RAT, Arkei Stealer, Azorult
*1 Search the i-FILTER access logs to identify the affected terminals. Some indicators have been partially altered to avoid unnecessary access.
■ Product support status (*2)
▽ i-FILTER (*3)
・ Can be blocked under the [脅威情報サイト] (Threat Information Sites) category
*2 Whether a URL is blocked depends on each product's settings; refer to the access logs for the actual result.
*3 For encrypted communications, the SSL Adapter setting must be set to "利用" (Use).