D アラート情報｜サイバーリスク情報提供サービス「D アラート」

不正URLへのアクセス、不正メールの受信

メール受信した 弊社お客様0社 URLアクセスした 弊社お客様63社: 2023/10/10
※2023/10/10 更新
マルウェア感染させると考えられるURLを検知（2023/10/10）

■IoC（※1）



Type:
IOC:
Signature:


URL
hxxps://45[.]66[.]230[.]22/java_done[.]exe
hxxps://45[.]66[.]230[.]22/payload[.]exe
Nanocore RAT


URL
hxxp://192[.]3[.]95[.]131/270/HTMLc[.]exe
hxxps://45[.]66[.]230[.]22/setup[.]exe
hxxp://192[.]3[.]95[.]131/280/HTMLC[.]EXE
hxxp://103[.]182[.]16[.]23/250/1/UFX[.]txt
hxxp://103[.]182[.]16[.]23/250/2/HTMLcc[.]vbs
hxxp://103[.]182[.]16[.]23/250/2/UFG[.]txt
hxxp://103[.]182[.]16[.]23/250/1/html[.]vbs
hxxp://103[.]182[.]16[.]23/250/3/UXO[.]txt
hxxp://103[.]182[.]16[.]23/250/3/HtmlCent[.]vbs
hxxp://103[.]182[.]16[.]23/250/3/ioi0OIOoi0IOIOIoi0OIOIioI0IOioi0000%23%23%23%23%23%23%23%23%23%23%23%23%23%2300ioi0ioiOI0oioiOIOI0ioIOIOI00%23%23%23%23%23%23%23%23%23%23%23%23%23%23000[.]doc
hxxp://103[.]182[.]16[.]23/250/1/IOI0OIOoioi0ooooi00IOIOoi0OoI00IIoioi0000%23%23%23%23%23%23%23%23%23%23%23%23%23%23000oi0ioio0OIOI0ioooI0IOioiOI0ioII%23%23%23%23%23%23%23%23%23%23%23%23%2300000000[.]doc
hxxp://103[.]182[.]16[.]23/250/2/i0ioi0o0IOoiio00I00oOOo0i0I0IOIOI0OIOIo00%23%23%23%23%23%23%23%23%23%23%23%23%23%2300i0ioio0OIOI0iooIO0iiooio0%23%23%23%23%23%23%23%23%23%23%23%23%23%23000000[.]doc
hxxp://193[.]42[.]33[.]63/hhreexploit[.]vbs
hxxp://193[.]42[.]33[.]63/x[.]x[.]x[.]x[.]doc
hxxp://79[.]110[.]48[.]52/bkop[.]vbs
hxxp://81[.]161[.]229[.]226/vacxopl[.]vbs
hxxp://79[.]110[.]48[.]52/nicko[.]vbs
hxxp://185[.]255[.]114[.]43/HZbByPcBFnmt213[.]bin
hxxp://94[.]156[.]161[.]167/tl/eg6667[.]txt
hxxp://94[.]156[.]161[.]167/tl/ig5443[.]txt
hxxp://107[.]175[.]3[.]22/330/audiodgs[.]exe
hxxps://www[.]tt22[.]in/cs
hxxp://107[.]175[.]3[.]22/UHO/1/i0ioiioi0oioioI0IOIOOI0OIOI0i0ioo00%23%23%23%23%23%23%23%23%23%23%23%23%23%2300i0ioii0ioi0oioi0oiooio0000%23%23%23%23%23%23%23%23%23%23%23%23%23%2300000[.]doc
hxxp://107[.]175[.]3[.]22/236/sihost[.]exe
Agent Tesla


URL
hxxp://weaselplacerif[.]fun/api
hxxps://uc2dde06dfda4495703517a59e75[.]dl[.]dropboxusercontent[.]com/cd/0/get/CFBsEw-8VyzEP4r_NtLikSy3Ex4hGsPYLg6Xs96H-bYY5pUmBDLv5xyg3FtcDQSrd52RMssE5yua4_GHP6ouaOh-erLw1Ud6MXeYZLFHkijGES9InMLw-6BTi_bzrcOHB9IKkY8wS65iFLo6BlJaEeuc/file?dl=1
hxxp://noisemakjelly[.]fun/api
hxxp://artificialleath[.]fun/api
hxxp://firmpanacewa[.]fun/api
hxxp://npskudlu[.]com/cllip[.]exe
hxxp://begonblom[.]fun/api
hxxp://thuspulllig[.]fun/api
hxxp://cameponceowa[.]site/api
hxxp://decorhighsa[.]pw/api
hxxp://destroyevensusp[.]fun/api
hxxp://blingaspireojhau[.]online/api
hxxp://81[.]161[.]229[.]219/files/document[.]pdf
hxxp://81[.]161[.]229[.]219/files/deluxe_crypted[.]exe
hxxp://bytecloudasa[.]website/api
hxxp://pedigreeprotone[.]fun/api
hxxp://nursepridespan[.]fun/api
hxxp://orgstekomnw[.]pw/api
hxxps://alwassataimmo[.]com/12/cutchapter[.]exe
hxxp://manguvorpmi[.]pw/api
hxxp://hawsteamjoak[.]fun/api
hxxps://alwassataimmo[.]com/12/formeremploy[.]exe
hxxp://crossmuchscandta[.]pw/api
Lumma Stealer


URL
hxxps://mohasanteck[.]com/am/?08304421
hxxps://shankarmaharaj[.]com/num/?28054421
hxxps://hudaibiahcollege[.]com/eaup/?31234421
hxxps://rawdah-mlhm[.]com/iin/?29134421
hxxps://pineheightsystems[.]com[.]ng/ei/?17204421
hxxps://transmilez[.]com/isup/?47204421
hxxps://med-care[.]co/qoiu/?39104421
hxxps://roexperts[.]in/rep/?06154421
hxxps://florotek[.]com/utat/?43254421
hxxps://mobilefixer[.]in/rat/?23104421
hxxps://kcims[.]org/ua/?12204421
hxxps://taxicentral[.]ir/qll/?72534421
hxxps://mudratherapy[.]in/eqa/?35304421
hxxps://constitutionalsanctuarycity[.]org/eit/?68434421
hxxps://kapaass[.]com/mn/?69634421
hxxps://kevinpharmachem[.]com/su/?96334421
hxxps://med-care[.]co/qoiu/?94334421
hxxps://masterschoolkandana[.]site/sort/?29334421
hxxps://novpara[.]capital/se/?78334421
hxxps://motherteresacharitablesociety[.]com/sati/?00304421
hxxps://arosalmasayif[.]com/rc/?26154421
hxxps://webdesigninhull[.]co[.]uk/tei/?38204421
hxxps://raffaelamarescalco[.]it/uisc/?61104421
hxxps://aliandcompany[.]pk/saii/?09204421
hxxps://nahitahukuk[.]com/qaq/?87234421
hxxps://thenostalgistfilm[.]com/mis/?57304421
hxxps://learnstuffs[.]com/eoun/?07134421
hxxps://jlsangola[.]com/quc/?16104421
hxxps://desarrollosprogramas[.]com/ttsa/?74434421
hxxps://fouredgefm[.]com/iemt/?66134421
hxxps://nexspace[.]co[.]th/uii/?95204421
hxxps://scholarshiplug[.]com/uun/?71254421
hxxps://masterschoolkandana[.]site/sort/?00304421
hxxps://geetabeautyhub[.]in/pt/?39434421
hxxps://flatfeecorp[.]co/or/?78134421
hxxps://rodriyt[.]com/qi/?07304421
hxxps://fit-decor[.]com/fas/?51254421
hxxps://europe-garage-automobile[.]com/atu/?38134421
hxxps://norcantec[.]com[.]ar/umn/?13334421
hxxps://teachenglishonline[.]org/eaom/?00234421
hxxps://technopark[.]com[.]pk/ma/?79034421
hxxps://rodeate[.]com/uee/?53334421
hxxps://mostlynonsensical[.]com/rb/?35034421
hxxps://brandpacker[.]net/oel/?20924421
hxxps://arigopay[.]com/pamr/?71134421
hxxps://spertual[.]site/umd/?67334421
hxxps://nahitahukuk[.]com/qaq/?67734421
hxxps://topdailystory[.]com/ste/?29634421
hxxps://hudaibiahcollege[.]com/eaup/?00134421
hxxps://futurefoodfarms[.]com[.]ng/gmss/?54234421
hxxps://sppflash[.]com[.]ar/utsv/?43334421
hxxps://drmurtazashomoeopathy[.]in/bman/?46034421
hxxps://twingalleria[.]com/ec/?39134421
hxxps://wedoit[.]global/arp/?68334421
hxxps://my-lynk[.]com/niu/?68734421
hxxps://geetabeautyhub[.]in/pt/?90134421
hxxps://fouredgefm[.]com/iemt/?72034421
hxxps://drmurtazashomoeopathy[.]in/bman/?74034421
hxxps://ko2labs[.]com/isa/?03134421
hxxps://miammiam[.]sg/rina/?02334421
hxxps://nahitahukuk[.]com/qaq/?51034421
hxxps://gazisupershop[.]com/ae/?95634421
hxxps://hudaibiahcollege[.]com/eaup/?11034421
hxxps://zeytouni[.]net/dl/?67634421
hxxps://trysupplements[.]online/rr/?66234421
hxxps://kcims[.]org/ua/?42234421
hxxps://adz[.]biz[.]id/rt/?37034421
hxxps://servicecustomercare[.]com/seip/?19634421
hxxps://mweimall[.]co[.]ke/cu/?31234421
hxxps://promediol[.]com/it/?00034421
hxxps://lpexpert[.]site/qtqu/?63924421
hxxps://med-care[.]co/qoiu/?68034421
hxxps://strategy180[.]com[.]au/amsn/?70234421
hxxps://theconsulting[.]io/iidt/?79034421
hxxps://nexspace[.]co[.]th/uii/?63234421
hxxps://trysupplements[.]online/rr/?65134421
hxxps://casagilapizaco[.]mx/it/?13634421
hxxps://mostlynonsensical[.]com/rb/?67924421
hxxps://taxitransferskeri[.]com/rit/?19534421
hxxps://metalfiber[.]com[.]pe/put/?31734421
hxxps://europe-garage-automobile[.]com/atu/?40134421
hxxps://servicecustomercare[.]com/seip/?49924421
hxxps://beseen-bla[.]com/troi/?71824421
hxxps://onlinegratuitycalculator[.]com/eta/?25824421
hxxps://supremeelevator[.]com/msti/?94924421
hxxps://hooverrepairservicecenterauthorized[.]com/mrrs/?61034421
hxxps://antarperu[.]com[.]pe/uqe/?23924421
hxxps://hudaibiahcollege[.]com/eaup/?12034421
hxxps://mortgage-application-form[.]com/bem/?13924421
hxxps://khalimoff[.]com/std/?20924421
hxxps://portleon[.]com/uh/?61924421
hxxps://easyfitautoglass[.]co[.]za/iqat/?16434421
hxxps://geetabeautyhub[.]in/pt/?11924421
hxxps://geetabeautyhub[.]in/pt/?38824421
hxxps://metalfiber[.]com[.]pe/put/?78824421
hxxps://saurcool[.]com/nt/?19924421
hxxps://garimaenterprises[.]co[.]in/se/?65924421
hxxps://desertandbloom[.]com/uq/?64924421
hxxps://lionaiassistant[.]com/vde/?47624421
hxxps://packline[.]org/eoor/?76434421
hxxps://norcantec[.]com[.]ar/umn/?65034421
hxxps://hudaibiahcollege[.]com/eaup/?48134421
hxxps://clinicsmilekraft[.]com/uees/?66034421
hxxps://beautyforwellness[.]com/ti/?34924421
hxxps://teravonsolar[.]com/is/?13134421
hxxps://futurefoodfarms[.]com[.]ng/gmss/?31824421
hxxps://brilliant-solutions[.]ae/it/?24034421
hxxps://i-techsolutions[.]co[.]ke/amr/?56134421
hxxps://ezejiamatufoundation[.]com/etr/?65924421
hxxps://xirconhomes[.]com[.]au/oelu/?09924421
hxxps://culturadireitoesociedade[.]com[.]br/ts/?86334421
hxxps://culturadireitoesociedade[.]com[.]br/ts/?11034421
hxxps://ikhsoyod[.]mn/ums/?03724421
hxxps://futurefoodfarms[.]com[.]ng/gmss/?74824421
hxxps://gfs-ae[.]com/sd/?85334421
hxxps://mostlynonsensical[.]com/rb/?00834421
hxxps://myprojectssydney[.]com[.]au/iest/?18434421
hxxps://europe-garage-automobile[.]com/atu/?62034421
hxxps://metalfiber[.]com[.]pe/put/?78724421
hxxps://hermanaluzangelica[.]com/qe/?20824421
hxxps://arosalmasayif[.]com/rc/?73834421
hxxps://shopnovinplus[.]com/uon/?05924421
hxxps://ezejiamatufoundation[.]com/etr/?34724421
hxxps://naun[.]com[.]br/ur/?69034421
hxxps://beseen-bla[.]com/troi/?44824421
hxxps://vertical-gardener[.]com/cqlu/?06724421
hxxps://i-techsolutions[.]co[.]ke/amr/?24824421
hxxps://twingalleria[.]com/ec/?97624421
hxxps://allazeez[.]in/ue/?21634421
hxxps://pakistanroof[.]com/ps/?76234421
hxxps://ezejiamatufoundation[.]com/etr/?28054421
hxxps://tsmedia[.]id/atso/?63824421
hxxps://adast-alfn[.]com/suai/?22634421
hxxps://nexspace[.]co[.]th/uii/?87824421
hxxps://mostlynonsensical[.]com/rb/?48534421
hxxps://mallasprogalv[.]com/ia/?96924421
hxxps://rshm[.]co[.]in/eaii/?03734421
hxxps://norcantec[.]com[.]ar/umn/?68724421
hxxps://oximedbolivia[.]com/turn/?00034421
hxxps://pakistanroof[.]com/ps/?80434421
hxxps://shriganapathisourses[.]com/cor/?22434421
hxxps://adast-alfn[.]com/suai/?42434421
hxxps://flatfeecorp[.]co/or/?88624421
hxxps://thestandpoint[.]ca/catm/?71134421
hxxps://brasigncertificacao[.]com[.]br/ates/?69634421
hxxps://plawers[.]com/TOA/
Pikabot


URL
hxxps://saurcool[.]com/nt/
hxxps://garimaenterprises[.]co[.]in/se/
hxxps://mallasprogalv[.]com/ia/
hxxps://jobhunt88[.]com/ad/
hxxps://qastoman[.]com/du/
hxxps://englishnet[.]com[.]mx/qe/
hxxps://lavaliosa[.]com[.]mx/di/
hxxps://needzsolutions[.]com/oeiu/
hxxps://agriformexico[.]com/fc/
hxxps://rshm[.]co[.]in/eaii/
hxxps://nowapsiindia[.]com/eoas/
hxxps://alphamgt[.]com[.]ng/solr/
hxxps://onlinegratuitycalculator[.]com/eta/
hxxps://mcbsistemas[.]com[.]br/al/
hxxps://akpoazaagroup[.]com/qnr/
hxxps://clinicsmilekraft[.]com/uees/
hxxps://itscnf[.]com/rs/
hxxps://abouthealthupdates[.]us/atic/
hxxps://wizzardz-solutions[.]com/ar/
hxxps://geetabeautyhub[.]in/pt/
hxxps://antarperu[.]com[.]pe/uqe/
hxxps://novpara[.]capital/se/
hxxps://skillerszone[.]com/eexe/
hxxps://celestialthaispa[.]com/pt/
hxxps://astroheenasharma[.]in/efmr/
hxxps://mobilefixer[.]in/rat/
hxxps://aviorify[.]com/ie/
hxxps://wagonslearning[.]in/uiqq/
hxxps://pehspl[.]co[.]in/td/
hxxps://gazisupershop[.]com/ae/
hxxps://amshesp[.]com/rooe/
hxxps://xirconhomes[.]com[.]au/oelu/
hxxps://bandafourhead[.]com[.]br/oiai/
hxxps://futurefoodfarms[.]com[.]ng/gmss/
hxxps://pseventer[.]com/di/
hxxps://gfs-ae[.]com/sd/
hxxps://ptferubbers[.]com/uua/
hxxps://nexspace[.]co[.]th/uii/
hxxps://broadwayevents[.]co[.]za/oeii/
hxxps://standartbud[.]net/turo/
hxxps://pmsarkarijob[.]com/cm/
hxxps://facturial[.]es/equ/
hxxps://kimandclak-ltd[.]com/lam/
hxxps://naun[.]com[.]br/ur/
hxxps://mortgage-application-form[.]com/bem/
hxxps://drmurtazashomoeopathy[.]in/bman/
hxxps://constitutionalsanctuarycity[.]org/eit/
hxxps://ongoing[.]website/stsa/
hxxps://arigopay[.]com/pamr/
hxxps://4am[.]health/ate/
hxxps://yagneek[.]com/sm/
hxxps://dollar2023[.]com/esd/
hxxps://salaammaharashtra[.]in/mqu/
hxxps://digitalsafecertificadora[.]com[.]br/eeta/
hxxps://freguesiadabeleza[.]com[.]br/auf/
hxxps://loganwritersfestival[.]com[.]au/umco/
hxxps://lpexpert[.]site/qtqu/
hxxps://shriganapathisourses[.]com/cor/
hxxps://excelliaschool[.]edu[.]in/ior/
hxxps://europe-garage-automobile[.]com/atu/
hxxps://provfin[.]com[.]au/ea/
hxxps://i-techsolutions[.]co[.]ke/amr/
hxxps://wagonsskillfoundation[.]com/ameu/
hxxps://vbnexcod[.]co[.]in/ri/
hxxps://conceptloop[.]net/rdm/
hxxps://twafcreative[.]com/iqui/
hxxps://chetanaenterprises-nx[.]com/tide/
hxxps://currylounge[.]ca/rtum/
hxxps://cinecreativofilmschool[.]com/issn/
hxxps://desarrollosprogramas[.]com/ttsa/
hxxps://fouredgefm[.]com/iemt/
hxxps://adast-alfn[.]com/suai/
hxxps://liegefelicio[.]com[.]br/qgl/
hxxps://demandehypothecaire[.]ca/uq/
hxxps://casagilapizaco[.]mx/it/
hxxps://sallybdran[.]co[.]il/uem/
hxxps://want2beme[.]com/acm/
hxxps://jobvortex[.]com/si/
hxxps://learnstuffs[.]com/eoun/
hxxps://bamboom[.]com[.]co/eq/
hxxps://buyshyhub[.]com/tu/
hxxps://zeytouni[.]net/dl/
hxxps://kapaass[.]com/mn/
hxxps://sppflash[.]com[.]ar/utsv/
hxxps://kevinpharmachem[.]com/su/
hxxps://simplyvisit[.]co[.]uk/tpae/
hxxps://casadebill[.]org/it/
hxxps://theconsulting[.]io/iidt/
hxxps://mostlynonsensical[.]com/rb/
hxxps://allazeez[.]in/ue/
hxxps://forextradings[.]net/vt/
hxxps://medrexmedicaltrding[.]tw/taub/
hxxps://technopark[.]com[.]pk/ma/
hxxps://hermanaluzangelica[.]com/qe/
hxxps://cheaptravelservice[.]us/is/
hxxps://nahitahukuk[.]com/qaq/
hxxps://icg-egy[.]net/det/
hxxps://portleon[.]com/uh/
hxxps://angelesescobar[.]cl/uure/
hxxps://lucreindia[.]com/mte/
hxxps://radiancegroup[.]info/teu/
hxxps://bellepreviews[.]com/tute/
hxxps://topdailystory[.]com/ste/
hxxps://kernel-ec[.]com/oore/
hxxps://aakashfertilitycentre[.]in/qsp/
hxxps://radhagobindrefrigeration[.]com/is/
hxxps://aquatickidsglobalschool[.]com/et/
hxxps://zahra-nejati[.]ir/uaq/
hxxps://teravonsolar[.]com/is/
hxxps://funsaef[.]org/ips/
hxxps://beautyforwellness[.]com/ti/
hxxps://psservicesindia[.]com/doet/
hxxps://assuredservice[.]co[.]in/ln/
hxxps://queenbbridals[.]ng/rt/
hxxps://norcantec[.]com[.]ar/umn/
hxxps://shopnovinplus[.]com/uon/
hxxps://mweimall[.]co[.]ke/cu/
hxxps://drawbox[.]pt/etue/
hxxps://poonamcoatings[.]com/tio/
hxxps://alfa-omega-pty[.]com/as/
hxxps://benaamedia[.]com/siui/
hxxps://norvik[.]ug/gteu/
hxxps://medigest[.]in/uaeq/
hxxps://buyproductnow[.]online/dol/
hxxps://urhobodaily[.]com/oue/
hxxps://rawdah-mlhm[.]com/iin/
hxxps://fit-decor[.]com/fas/
hxxps://packline[.]org/eoor/
hxxps://med-care[.]co/qoiu/
hxxps://flatfeecorp[.]co/or/
hxxps://shreekalastudioz[.]com/est/
hxxps://thestandpoint[.]ca/catm/
hxxps://kejriwalyojana[.]com/qoua/
hxxps://uniquemanufacture[.]co[.]in/eo/
hxxps://oximedbolivia[.]com/turn/
hxxps://khalimoff[.]com/std/
hxxps://promediol[.]com/it/
hxxps://pakistanroof[.]com/ps/
hxxps://stjohnsdamoh[.]co[.]in/er/
hxxps://tingolazodeportes[.]com/re/
hxxps://nbsdevelopments[.]com/na/
hxxps://brilliant-solutions[.]ae/it/
hxxps://desertandbloom[.]com/uq/
hxxps://petholickw[.]com/lm/
hxxps://rapidskinandhairclinic[.]com/iaol/
hxxps://realestateimpact[.]us/laoo/
hxxps://sparespace[.]in/lli/
hxxps://saiffastners[.]com/mqdo/
hxxps://ikhsoyod[.]mn/ums/
hxxps://medicionacustica[.]cl/eio/
hxxps://olimartesser[.]com[.]br/iuts/
hxxps://olympicscientific[.]ca/ee/
hxxps://mastersite[.]fun/dsso/
hxxps://technopus[.]com/ate/
hxxps://websfy[.]com/sa/
hxxps://arosalmasayif[.]com/rc/
hxxps://fairwayslogistics[.]org/il/
hxxps://akla[.]com[.]pk/oua/
hxxps://spertual[.]site/umd/
hxxps://metalfiber[.]com[.]pe/put/
hxxps://hooverrepairservicecenterauthorized[.]com/mrrs/
hxxps://newspaperman[.]in/arp/
hxxps://yushanmedia[.]com[.]np/taiq/
hxxps://easyfitautoglass[.]co[.]za/iqat/
hxxps://beseen-bla[.]com/troi/
hxxps://rodeate[.]com/uee/
hxxps://airtaceuropa[.]com/trqa/
hxxps://kcims[.]org/ua/
hxxps://hypothequeswestisland[.]ca/aim/
hxxps://priceclub[.]online/ln/
hxxps://organicfoodslahore[.]com/tsa/
hxxps://adz[.]biz[.]id/rt/
hxxps://servicecustomercare[.]com/seip/
hxxps://miammiam[.]sg/rina/
hxxps://strategy180[.]com[.]au/amsn/
hxxps://jekinformatica[.]com[.]br/pi/
hxxps://gpexpatservices[.]com/ain/
hxxps://buzzbt[.]io/blio/
hxxps://shalife[.]in/luoi/
hxxps://pusadurbanbank[.]com/id/
hxxps://vulturetv[.]com/tau/
hxxps://maxcelulares[.]com[.]br/ie/
hxxps://courageousmefoundation[.]org/tuni/?1
hxxps://ecosing[.]com/qc/?1
hxxps://grocerycorridor[.]com/aso/?1
hxxps://harsiddhindustries[.]com/leo/?1
hxxps://katsuamber[.]site/pg/?1
hxxps://kidsneedsbd[.]com/trs/?1
hxxps://nasa2000[.]com[.]mx/mia/?1
hxxps://owe[.]org[.]af/oled/?1
hxxps://palpa[.]ps/otle/?1
hxxps://rtp-kapuas88[.]com/snr/?1
hxxps://sebifan[.]ro/srti/?1
hxxps://tepor[.]it/lqas/?1
hxxps://therapyhealstrauma[.]com/paqe/?1
hxxps://uniget[.]com[.]br/let/?1
hxxps://wirkaleufu[.]cl/do/?1
hxxps://wpconversionking[.]com/acu/?1
hxxps://xpertmarketing[.]mx/bea/?1
hxxps://babycaresms[.]com/dso/?1
hxxps://camerazone[.]lk/dlv/?1
hxxps://aarzu[.]com[.]pk/rebr/?1
hxxps://xavierliras[.]com/lgtv/?1
hxxps://xavierliras[.]com/lgtv/
DarkGate


URL
hxxps://www[.]alliancegold[.]com[.]ec/download/Uzcfllcvmp[.]vdf
hxxp://mail[.]treeoflifeadventures[.]com/wp-content/plugins/70d5e28f51c1438d94e3e6dc84b95311/xt/mmd/shell/shedremko2[.]1[.]exe
hxxp://193[.]26[.]115[.]174:222/2[.]txt
hxxp://mail[.]treeoflifeadventures[.]com/wp-content/plugins/70d5e28f51c1438d94e3e6dc84b95311/xt/mmd/shell/shekinga2[.]1[.]exe
Remcos


URL
hxxps://legalny[.]com[.]pl/comments[.]php
hxxps://lewispublishing[.]org/comments[.]php
hxxps://local[.]silly-beer[.]com/comments[.]php
hxxps://manfredfohringer[.]de/comments[.]php
hxxps://marketstrategiesmgmt[.]com/comments[.]php
GootLoader


URL
hxxps://gta-fportal[.]com/Game
hxxps://mynameisnull[.]site/config/
hxxps://gta-fportal[.]com/Game/?e=73661
hxxps://mynameisnull[.]site/config/-1001228456341
hxxps://mynameisnull[.]site/api/
hxxps://mynameisnull[.]site/api/-1001228456341
hxxp://edalat-shan[.]com/c/app[.]apk
hxxps://saham-cs[.]skcarriages[.]com/sahamedalat[.]apk
hxxps://saham-b[.]skcarriages[.]com/sahamedalat[.]apk
hxxps://sbijanr[.]xyz/microb2/main[.]php?get=sms
hxxps://sbijanr[.]xyz/microb2/main[.]php
hxxps://sbijanr[.]xyz/microb2
hxxps://hamyar-mahak[.]site/Basic
hxxps://saham-d[.]skcarriages[.]com/sahamedalat[.]apk
hxxps://saham-pa[.]skcarriages[.]com/sahamedalat[.]apk
hxxps://saham-vn[.]skcarriages[.]com/sahamedalat[.]apk
hxxps://ed[.]sahamiru[.]hair/%F0%9D%90%9C%E2%80%8C%E2%80%8C/dex[.]apk
hxxps://remote[.]mynameiszeus[.]site/api/-1001832626536
hxxps://remote[.]mynameiszeus[.]site/api/
hxxps://remote[.]mynameislusi[.]site/api/-1001830809790
hxxps://remote[.]mynameislusi[.]site/config/-1001830809790
hxxps://remote[.]mynameislusi[.]site/api/
hxxps://remote[.]mynameislusi[.]site/config/
hxxps://a[.]mynameisbasil[.]site/api/
hxxps://a[.]mynameisbasil[.]site/api/-1001739572410
hxxps://mmdapks[.]click/dead/web[.]txt
hxxps://mmdapks[.]click/dead/log[.]php
hxxps://mmdapks[.]click/dead
hxxps://remote[.]mynameislusi[.]site/api/-1001921881932
hxxps://remote[.]mynameislusi[.]site/config/-1001921881932
hxxps://sdmbyo[.]xyz/api/-1001942487619
hxxps://sdmbyo[.]xyz/api/
hxxps://connhandle[.]lat/esf/esf[.]php
hxxps://connhandle[.]lat/esf/
hxxps://connhandle[.]lat/esf/esf[.]php?h=
hxxps://cmakeapp[.]com/esf/strawberry[.]php
hxxps://cmakeapp[.]com/[.][.][.]
hxxps://cmakeapp[.]com/esf/
hxxps://cmakeapp[.]com/esf/grape[.]php
hxxps://saeasmekldlkj[.]click/saeed
hxxps://ssd-vip[.]website/matin/log[.]php
hxxps://ssd-vip[.]website/matin/web[.]txt
IRATA


URL
hxxps://residencialcasabrasileira[.]com/111[.]php
hxxps://fablane[.]com/cdn/qzwewmrqqgqnaww[.]php
hxxps://nmbvcxzasedrt[.]com/ZgbN19Mx
hxxps://fablane[.]com/cdn-js/minlen[.]php
hxxps://nmbvcxzasedrt[.]com/vvmd54/
hxxps://nmbvcxzasedrt[.]com/lander/chrome_1695206714/_index[.]php
hxxps://wsexdrcftgyy191[.]com/vvmd54/
hxxps://wsexdrcftgyy191[.]com/ZgbN19Mx
hxxps://wsexdrcftgyy191[.]com/lander/chrome_1695206714/_index[.]php
hxxps://scripts[.]asi[.]services/cX458IXVf9TcXk/nhNa+y0nWDAAY7JxpQFgRZT9/nUk=
hxxps://ghost[.]blueecho88[.]com/O1K1D0Bw1mZfcI89DGCZLUg70S0BZYA8An6XfRlol2FQP9thST3ULUY=
hxxps://ghost[.]blueecho88[.]com/uI+ovsOty9fcrZKMj7uEnMvmzJyCuJmJi7mZkpr9ioSa5cTMwunJxMH8z9fW7c7fwf7DnMU=
hxxps://ghost[.]blueecho88[.]com/9cQh7I7mQoWR5hvewvYNzoatRc7P8hLdxf0TwNe2A9bXo1GPlKdGlJiyU5qNqE+OhrEDkQ==
hxxps://ghost[.]blueecho88[.]com/Ew7j5GgsgI13LNnWJD3PxmBnh8YpOdbRITvSyDF8wd4xeJGWfnyKgn1lho54ZoSDdGHBmQ==
hxxps://ghost[.]blueecho88[.]com/AGh0V3tKFz5kSk5lN1tYdXMBEHU6XkRjMV1HeyIaVm0iEBgkYQUSOHgBBSF6Ag0+Yx0DOWNKCQ==
hxxps://content[.]garretttrails[.]org/mzXaf+AXuRb/F+BNrQf2XekX4F3hXvgC
hxxps://profit[.]3stepsprofit[.]com/w9oh4Eb+nJcoTBIGMhP1HSKoyd5j5dB+uXnmyjIya18=
hxxps://ghost[.]blueecho88[.]com/0WXHA6pHpGq1R/0x5lfrIaIMoyHrU/Qz413+L/MX5TnzDrJ5qRKoZrkVsGywR7o=
hxxp://lfbmjjcanenfllj[.]top/1[.]php?s=515
hxxps://configuratorpro[.]com/cdn-js/minlen[.]php
hxxps://configuratorpro[.]com/cdn/qzwewmrqqgqnaww[.]php
hxxps://antiqueglossary[.]com/111[.]php
hxxps://xfhfv[.]2023[.]ebeenj[.]com/editContent
hxxps://sxsq[.]2023[.]ebeenj[.]com/editContent
hxxps://zhlr[.]2023[.]ebeenj[.]com/editContent
hxxps://lsa[.]2023[.]ebeenj[.]com/editContent
hxxps://poa[.]2023[.]ebeenj[.]com/editContent
hxxps://cbi[.]layout[.]oystergardens[.]us/editContent
hxxps://dmq[.]layout[.]oystergardens[.]us/editContent
hxxps://wwsvf[.]layout[.]oystergardens[.]us/editContent
hxxps://mroqy[.]layout[.]oystergardens[.]us/editContent
hxxps://xtw[.]layout[.]oystergardens[.]us/editContent
FAKEUPDATES


URL
hxxp://91[.]103[.]252[.]146/fafe12c571213745/msvcp140[.]dll
hxxp://91[.]103[.]252[.]146/fafe12c571213745/sqlite3[.]dll
hxxp://91[.]103[.]252[.]146/fafe12c571213745/vcruntime140[.]dll
hxxp://91[.]103[.]252[.]146/fafe12c571213745/softokn3[.]dll
hxxp://91[.]103[.]252[.]146/fafe12c571213745/mozglue[.]dll
hxxp://91[.]103[.]252[.]146/fafe12c571213745/nss3[.]dll
hxxp://91[.]103[.]252[.]146/fafe12c571213745/freebl3[.]dll
hxxp://5[.]42[.]65[.]39/bed95ea4798a5204[.]php
hxxp://5[.]42[.]65[.]80/ship[.]exe
hxxp://95[.]216[.]187[.]218/cf2bf91a3641f615[.]php
hxxp://dominiczachary[.]top/e9c345fc99a4e67e[.]php
hxxp://45[.]9[.]74[.]80/zinda[.]exe
hxxp://79[.]137[.]192[.]18/minda[.]exe
Stealc


URL
hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3[.]dll
hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3[.]dll
hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3[.]dll
hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue[.]dll
hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140[.]dll
hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3[.]dll
hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140[.]dll
hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140[.]dll
hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140[.]dll
hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3[.]dll
hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue[.]dll
hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3[.]dll
hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3[.]dll
hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3[.]dll
hxxp://77[.]91[.]68[.]78/lend/lnstalIer[.]exe
RecordBreaker


URL
hxxp://185[.]225[.]74[.]144/files/get4[.]exe
Coinminer


URL
hxxps://cdn[.]discordapp[.]com/attachments/1138093608747143333/1159527975616790618/fotha0925877[.]exe?ex=65315994&is=651ee494&hm=3ef25bde629919d016980588cc12e912244bb46930e942dd8eb1b373ba687cf7&
Lu0Bot


URL
hxxp://sentrex219[.]xyz/777/mtxrI8N[.]exe
hxxp://sentrex219[.]xyz/777/mtx56po[.]exe
Phobos


URL
hxxp://77[.]91[.]68[.]78/lend/trafico[.]exe
hxxp://77[.]91[.]68[.]52/fuza/nano[.]exe
hxxp://185[.]216[.]70[.]222/two0710[.]exe
hxxp://77[.]91[.]68[.]78/lend/asca1ex123111[.]exe
hxxp://77[.]91[.]68[.]78/lend/buildtest[.]exe
hxxp://77[.]91[.]68[.]78/lend/cats[.]exe
hxxp://185[.]216[.]70[.]222/trafico[.]exe
hxxp://77[.]91[.]68[.]78/lend/build9999[.]exe
hxxp://77[.]91[.]68[.]78/lend/build1111[.]exe
RedLine Stealer


URL
hxxp://146[.]56[.]118[.]82:443/wITI
hxxp://45[.]207[.]27[.]79:8080/ca
hxxp://20[.]237[.]62[.]65:4444/ga[.]js
hxxp://81[.]161[.]229[.]129/match
hxxp://47[.]94[.]130[.]42:88/en_US/all[.]js
hxxp://5[.]101[.]0[.]241/dpixel
hxxp://5[.]101[.]0[.]245/activity
hxxp://5[.]101[.]0[.]241/__utm[.]gif
hxxp://5[.]101[.]0[.]245/pixel[.]gif
hxxps://120[.]25[.]167[.]104/jquery-3[.]3[.]1[.]min[.]js
hxxp://82[.]156[.]161[.]35/load
hxxp://121[.]4[.]154[.]20:81/__utm[.]gif
hxxp://124[.]222[.]149[.]52:9999/cm
hxxp://124[.]220[.]180[.]112:84/pixel[.]gif
hxxps://firefox[.]org[.]cn:8443/jquery-3[.]3[.]1[.]min[.]js
hxxp://119[.]23[.]229[.]180:8090/match
hxxp://82[.]157[.]154[.]247/updates[.]rss
hxxp://43[.]138[.]235[.]42/__utm[.]gif
hxxp://116[.]205[.]241[.]185:50000/updates[.]rss
hxxps://119[.]45[.]188[.]119:8443/jquery-3[.]3[.]1[.]min[.]js
hxxp://47[.]74[.]25[.]100:7777/fwlink
hxxp://101[.]6[.]15[.]130:9090/ga[.]js
hxxp://82[.]156[.]136[.]99:8087/updates[.]rss
hxxp://106[.]75[.]214[.]55/IE9CompatViewList[.]xml
hxxp://123[.]60[.]140[.]76:8000/match
hxxp://118[.]31[.]34[.]136:9988/load
hxxp://101[.]46[.]91[.]89:4444/en_US/all[.]js
hxxp://124[.]223[.]62[.]233/dot[.]gif
hxxp://8[.]140[.]198[.]4/cx
hxxp://8[.]130[.]121[.]136:8888/en_US/all[.]js
hxxp://8[.]134[.]154[.]168:6666/load
hxxp://39[.]107[.]233[.]55/pixel
hxxps://acornservices[.]org/ex4600[.]html
hxxp://82[.]156[.]4[.]204/push
hxxp://101[.]43[.]13[.]21:9999/visit[.]js
hxxp://60[.]204[.]171[.]143/cx
hxxp://43[.]140[.]199[.]163:8090/__utm[.]gif
hxxp://101[.]43[.]70[.]206:8888/ga[.]js
hxxp://139[.]9[.]93[.]128/IE9CompatViewList[.]xml
hxxps://helloone[.]accountants[.]monster:8443/index[.]jsp
hxxps://43[.]138[.]235[.]42/IE9CompatViewList[.]xml
hxxp://185[.]162[.]235[.]241/ptj
hxxp://117[.]72[.]35[.]30:2222/updates[.]rss
hxxp://152[.]136[.]116[.]44:8032/jquery-3[.]3[.]1[.]min[.]js
hxxp://72[.]44[.]69[.]115:8001/ca
hxxp://119[.]23[.]52[.]84:3333/fwlink
hxxps://51[.]250[.]16[.]184/updates[.]rss
hxxp://81[.]71[.]68[.]50:8099/search/
hxxps://79[.]110[.]62[.]156/c/msdownload/update/others/2020/10/29136388_
hxxps://upcls[.]online/c/msdownload/update/others/2020/10/29136388_
hxxp://116[.]205[.]189[.]199:6666/jd/
hxxp://45[.]152[.]64[.]178:8086/j[.]ad
hxxps://211[.]149[.]146[.]23:10443/api/getit
hxxp://103[.]146[.]158[.]207/dpixel
hxxp://165[.]22[.]225[.]110/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books
hxxp://124[.]71[.]130[.]71/fwlink
hxxp://101[.]43[.]13[.]21:9998/IE9CompatViewList[.]xml
hxxp://124[.]222[.]149[.]52:4444/IE9CompatViewList[.]xml
hxxp://175[.]178[.]150[.]86/ca
hxxp://124[.]220[.]224[.]87:5555/ga[.]js
hxxp://1[.]12[.]60[.]132:5555/load
hxxp://121[.]4[.]50[.]245:8010/visit[.]js
hxxp://122[.]9[.]136[.]39:7777/dot[.]gif
hxxps://124[.]70[.]141[.]123/jquery-3[.]3[.]1[.]min[.]js
hxxp://123[.]249[.]115[.]56:8083/updates[.]rss
hxxp://119[.]23[.]52[.]84:8000/j[.]ad
hxxp://1[.]117[.]79[.]251:88/load
hxxp://1[.]117[.]79[.]251:1234/push
hxxp://101[.]42[.]101[.]185:8008/__utm[.]gif
hxxp://110[.]42[.]192[.]76/dpixel
hxxp://60[.]204[.]202[.]16:9090/dpixel
hxxps://8[.]137[.]102[.]137/fwlink
hxxp://162[.]14[.]98[.]165/__utm[.]gif
hxxp://8[.]137[.]102[.]137:8085/pixel[.]gif
hxxp://8[.]137[.]102[.]137:3389/fwlink
hxxps://8[.]137[.]102[.]137:8086/visit[.]js
hxxp://35[.]235[.]86[.]69/cm
hxxp://45[.]207[.]27[.]79:8080/g[.]pixel
hxxps://exchange[.]thestarl[.]com/jquery-3[.]3[.]1[.]min[.]js
hxxps://submit-data[.]com/jquery-3[.]3[.]1[.]min[.]js
hxxp://www[.]wlndows[.]net:8080/jquery-3[.]3[.]1[.]min[.]js
hxxps://120[.]24[.]38[.]217:4433/fwlink
hxxp://147[.]78[.]47[.]134/_/scs/mail-static/_/js/
hxxp://43[.]139[.]107[.]237:10000/__utm[.]gif
hxxps://exchange[.]thestarl[.]com:2096/jquery-3[.]3[.]1[.]min[.]js
hxxp://175[.]178[.]99[.]133/ptj
hxxp://195[.]123[.]242[.]133/Devise/about/DAO9KDE3X
hxxps://195[.]123[.]242[.]133/Devise/about/DAO9KDE3X
hxxps://185[.]196[.]9[.]6/jquery-3[.]3[.]1[.]min[.]js
hxxps://api[.]0nedriveup[.]com/en_US/all[.]js
hxxp://8[.]130[.]128[.]97/ga[.]js
hxxps://103[.]39[.]78[.]153/cx
hxxp://120[.]26[.]46[.]50:8873/match
hxxp://8[.]130[.]128[.]97:8080/cx
hxxp://43[.]138[.]30[.]109:7524/push
hxxps://43[.]138[.]30[.]109:7777/__utm[.]gif
hxxp://124[.]220[.]215[.]247/fwlink
hxxps://139[.]199[.]180[.]136/activity
hxxps://8[.]130[.]125[.]172/__utm[.]gif
hxxp://134[.]209[.]104[.]32:465/bootstrap[.]min[.]js
hxxps://64[.]190[.]113[.]226/dot[.]gif
hxxps://91[.]149[.]237[.]92/en_US/all[.]js
hxxps://120[.]26[.]46[.]50:8879/dpixel
hxxp://8[.]137[.]102[.]137:8085/dpixel
hxxp://162[.]14[.]98[.]165/j[.]ad
hxxp://8[.]137[.]102[.]137:3389/j[.]ad
hxxp://43[.]139[.]107[.]237:10000/load
hxxp://43[.]138[.]30[.]109:8888/IE9CompatViewList[.]xml
hxxp://92[.]63[.]196[.]46:8092/en_US/all[.]js
hxxp://150[.]158[.]212[.]71/visit[.]js
hxxps://8[.]137[.]102[.]137:8086/en_US/all[.]js
hxxps://116[.]198[.]11[.]22/updates[.]rss
hxxp://58[.]144[.]198[.]69:7777/j[.]ad
hxxp://111[.]229[.]163[.]225/ga[.]js
hxxp://94[.]156[.]253[.]138/visit[.]js
hxxp://124[.]70[.]179[.]54:8888/fwlink
hxxp://91[.]149[.]237[.]92:23333/load
hxxp://8[.]130[.]128[.]97/load
hxxp://42[.]192[.]37[.]72:50055/pixel
hxxps://104[.]21[.]37[.]76:8443/pixel
hxxps://awda[.]updatecode[.]xyz:2087/cx
hxxp://91[.]149[.]237[.]92:2086/activity
hxxps://106[.]14[.]141[.]187:8443/match
hxxp://124[.]70[.]179[.]54:8888/match
hxxps://185[.]225[.]75[.]69:8443/IE9CompatViewList[.]xml
hxxp://123[.]207[.]5[.]159:89/push
hxxp://124[.]221[.]76[.]197/load
hxxps://124[.]221[.]76[.]197/activity
hxxps://91[.]149[.]237[.]92/ga[.]js
hxxps://172[.]67[.]191[.]252/ptj
hxxps://104[.]21[.]20[.]81/pixel
hxxps://106[.]15[.]190[.]195/include/template/isx[.]php
hxxp://121[.]36[.]224[.]175:8888/visit[.]js
hxxp://60[.]204[.]135[.]117/dpixel
hxxps://156[.]245[.]19[.]127:8443/j[.]ad
hxxps://165[.]227[.]141[.]64:4433/en_US/all[.]js
hxxps://79[.]110[.]62[.]125/jquery-3[.]3[.]1[.]min[.]js
hxxp://111[.]230[.]15[.]118:8089/push
hxxps://124[.]156[.]163[.]253/fwlink
hxxp://106[.]14[.]149[.]88:4545/fwlink
hxxp://msdn[.]ajax-microsoft[.]com/link/v3[.]22/4EN738VY
hxxps://115[.]159[.]115[.]41/visit[.]js
hxxp://150[.]158[.]161[.]38:8081/cx
Cobalt Strike


URL
hxxp://sentrex219[.]xyz/777/skxODnP[.]exe
hxxp://mkstat227[.]xyz/777/skxr65o[.]exe
hxxps://giyahgostar[.]com/perferendismollitia/i[.]exe
SystemBC


URL
hxxp://23[.]95[.]106[.]3/250/Tugksta[.]exe
hxxp://192[.]3[.]95[.]205/630/htmlc[.]exe
Formbook


URL
hxxp://96[.]9[.]208[.]32/bqCxhqN246[.]bin
hxxp://185[.]255[.]114[.]44/ROiOu148[.]bin
hxxp://103[.]106[.]67[.]20/PbGvXyKcGaJ94[.]bin
hxxp://185[.]255[.]114[.]43/blKLobYknXN39[.]bin
CloudEyE


URL
hxxp://communicalink[.]com/putty[.]exe
hxxp://hdstatusvideos[.]com/codice/Informazioni[.]zip
hxxp://evolve-adv[.]com/codice/Azienda[.]zip
hxxp://lavacolla[.]com/centro/index[.]php
hxxp://www[.]lotuskshetri[.]com[.]np/centro/index[.]php
hxxp://dichvuphanmem[.]net/centro/AiHgsdFWqAuOpkRyK
hxxp://srsorvete[.]com[.]br/centro/index[.]php
hxxp://mobile[.]covid-alzawraa-lab[.]com/centro/CUtJWdFWvzWMS
hxxp://arbitrag38[.]ru/centro/XgYONUGxxFSUsPIGr
hxxp://culinaria-passoapasso[.]artesanatodosucesso[.]com/centro/MWXRnPqWKjpu
hxxp://live[.]com[.]gt/codice/Cliente[.]zip
hxxp://lavacolla[.]com/codice/Documenti[.]zip
hxxp://lawtosuccess[.]com/codice/Documenti[.]zip
hxxp://proaug[.]com/centro/index[.]php
Gozi


URL
hxxp://171[.]22[.]28[.]208/download/rise/StealerClient_Sharp1[.]exe
hxxp://171[.]22[.]28[.]214/PolymodXT[.]exe
hxxp://194[.]169[.]175[.]144:8081/login
RisePro


URL
hxxp://galandskiyher4[.]com/downloads/toolspub2[.]exe
hxxps://onualituyrs[.]org/987123[.]exe
hxxps://admiretourism[.]com/tmp/index[.]php
hxxp://wirtshauspost[.]at/tmp/
hxxp://talesofpirates[.]net/tmp/
hxxp://soetegem[.]com/tmp/
hxxp://msktk[.]ru/tmp/
SmokeLoader


URL
hxxp://103[.]30[.]10[.]177/660/audiodg[.]exe
hxxp://202[.]55[.]134[.]71/sett/kung[.]exe
hxxps://moodelstore[.]tel/user/five/fre[.]php
hxxp://moodelstore[.]tel/user/five/fre[.]php
hxxp://185[.]216[.]71[.]207/_errorpages/evil1/five/fre[.]php
LokiBot


URL
hxxps://79[.]110[.]62[.]189/cafiii[.]jpg
hxxp://193[.]26[.]115[.]174:222/1[.]jpg
hxxp://193[.]26[.]115[.]174:222/1[.]xml
hxxps://upload[.]vina-host[.]com/CQOwGIT7vk/windows[.]exe
AsyncRAT


URL
hxxp://77[.]91[.]68[.]78/lend/Stealer[.]exe
Eternity


URL
hxxp://ji[.]fhauiehgha[.]com/m/ss47[.]exe
hxxp://aa[.]jaoaaoas11[.]com/m/zoeg4a5[.]exe
Fabookie


URL
hxxp://103[.]238[.]234[.]86/x86_64
hxxp://95[.]214[.]25[.]116//Yboats[.]i686
hxxp://95[.]214[.]25[.]116//Yboats[.]arm7
Bashlite


URL
hxxp://cncdevelopment[.]org/b9djs2g/index[.]php
Amadey


URL
hxxp://193[.]37[.]70[.]233/L1nc0In[.]php
hxxps://textbin[.]net/raw/cgeahsl8f7
DCRat


URL
hxxp://179527[.]com/386
hxxp://179527[.]com/mips
hxxp://179527[.]com/aarch64
hxxp://179527[.]com/mips64
hxxp://179527[.]com/mipsel
hxxp://179527[.]com/mips64el
hxxp://179527[.]com/arm7
hxxp://179527[.]com/arm6
hxxp://179527[.]com/arm5
hxxp://179527[.]com/amd64
hxxp://179527[.]com/linux
Kaiji


URL
hxxp://216[.]238[.]110[.]110:8080/downloader[.]vbs
Raccoon


URL
hxxp://zdv[.]life/public/gate
Luca Stealer


URL
hxxp://94[.]228[.]162[.]50/book[.]zip
hxxp://168[.]119[.]115[.]218/archieve[.]zip
hxxp://49[.]13[.]86[.]44:27015/archieve[.]zip
Vidar


URL
hxxps://pasteio[.]com/raw/xZetAwydE0XA
VoidRAT




※1「i-FILTER」アクセスログを検索し端末を特定してください
    不要なアクセスを避けるため、一部変更しております。


■製品対応状況（※2）
▽i-FILTER（※3）
・[脅威情報サイト]カテゴリでブロック可能

※2 ブロックの可否は各製品の設定によるため、実際の結果はアクセスログを参照してください。
※3 暗号化された通信の場合は、SSL Adapterの設定を「利用」にする必要があります。

Type:	IOC:	Signature:
URL	hxxps://45[.]66[.]230[.]22/java_done[.]exe hxxps://45[.]66[.]230[.]22/payload[.]exe	Nanocore RAT
URL	hxxp://192[.]3[.]95[.]131/270/HTMLc[.]exe hxxps://45[.]66[.]230[.]22/setup[.]exe hxxp://192[.]3[.]95[.]131/280/HTMLC[.]EXE hxxp://103[.]182[.]16[.]23/250/1/UFX[.]txt hxxp://103[.]182[.]16[.]23/250/2/HTMLcc[.]vbs hxxp://103[.]182[.]16[.]23/250/2/UFG[.]txt hxxp://103[.]182[.]16[.]23/250/1/html[.]vbs hxxp://103[.]182[.]16[.]23/250/3/UXO[.]txt hxxp://103[.]182[.]16[.]23/250/3/HtmlCent[.]vbs hxxp://103[.]182[.]16[.]23/250/3/ioi0OIOoi0IOIOIoi0OIOIioI0IOioi0000%23%23%23%23%23%23%23%23%23%23%23%23%23%2300ioi0ioiOI0oioiOIOI0ioIOIOI00%23%23%23%23%23%23%23%23%23%23%23%23%23%23000[.]doc hxxp://103[.]182[.]16[.]23/250/1/IOI0OIOoioi0ooooi00IOIOoi0OoI00IIoioi0000%23%23%23%23%23%23%23%23%23%23%23%23%23%23000oi0ioio0OIOI0ioooI0IOioiOI0ioII%23%23%23%23%23%23%23%23%23%23%23%23%2300000000[.]doc hxxp://103[.]182[.]16[.]23/250/2/i0ioi0o0IOoiio00I00oOOo0i0I0IOIOI0OIOIo00%23%23%23%23%23%23%23%23%23%23%23%23%23%2300i0ioio0OIOI0iooIO0iiooio0%23%23%23%23%23%23%23%23%23%23%23%23%23%23000000[.]doc hxxp://193[.]42[.]33[.]63/hhreexploit[.]vbs hxxp://193[.]42[.]33[.]63/x[.]x[.]x[.]x[.]doc hxxp://79[.]110[.]48[.]52/bkop[.]vbs hxxp://81[.]161[.]229[.]226/vacxopl[.]vbs hxxp://79[.]110[.]48[.]52/nicko[.]vbs hxxp://185[.]255[.]114[.]43/HZbByPcBFnmt213[.]bin hxxp://94[.]156[.]161[.]167/tl/eg6667[.]txt hxxp://94[.]156[.]161[.]167/tl/ig5443[.]txt hxxp://107[.]175[.]3[.]22/330/audiodgs[.]exe hxxps://www[.]tt22[.]in/cs hxxp://107[.]175[.]3[.]22/UHO/1/i0ioiioi0oioioI0IOIOOI0OIOI0i0ioo00%23%23%23%23%23%23%23%23%23%23%23%23%23%2300i0ioii0ioi0oioi0oiooio0000%23%23%23%23%23%23%23%23%23%23%23%23%23%2300000[.]doc hxxp://107[.]175[.]3[.]22/236/sihost[.]exe	Agent Tesla
URL	hxxp://weaselplacerif[.]fun/api hxxps://uc2dde06dfda4495703517a59e75[.]dl[.]dropboxusercontent[.]com/cd/0/get/CFBsEw-8VyzEP4r_NtLikSy3Ex4hGsPYLg6Xs96H-bYY5pUmBDLv5xyg3FtcDQSrd52RMssE5yua4_GHP6ouaOh-erLw1Ud6MXeYZLFHkijGES9InMLw-6BTi_bzrcOHB9IKkY8wS65iFLo6BlJaEeuc/file?dl=1 hxxp://noisemakjelly[.]fun/api hxxp://artificialleath[.]fun/api hxxp://firmpanacewa[.]fun/api hxxp://npskudlu[.]com/cllip[.]exe hxxp://begonblom[.]fun/api hxxp://thuspulllig[.]fun/api hxxp://cameponceowa[.]site/api hxxp://decorhighsa[.]pw/api hxxp://destroyevensusp[.]fun/api hxxp://blingaspireojhau[.]online/api hxxp://81[.]161[.]229[.]219/files/document[.]pdf hxxp://81[.]161[.]229[.]219/files/deluxe_crypted[.]exe hxxp://bytecloudasa[.]website/api hxxp://pedigreeprotone[.]fun/api hxxp://nursepridespan[.]fun/api hxxp://orgstekomnw[.]pw/api hxxps://alwassataimmo[.]com/12/cutchapter[.]exe hxxp://manguvorpmi[.]pw/api hxxp://hawsteamjoak[.]fun/api hxxps://alwassataimmo[.]com/12/formeremploy[.]exe hxxp://crossmuchscandta[.]pw/api	Lumma Stealer
URL	hxxps://mohasanteck[.]com/am/?08304421 hxxps://shankarmaharaj[.]com/num/?28054421 hxxps://hudaibiahcollege[.]com/eaup/?31234421 hxxps://rawdah-mlhm[.]com/iin/?29134421 hxxps://pineheightsystems[.]com[.]ng/ei/?17204421 hxxps://transmilez[.]com/isup/?47204421 hxxps://med-care[.]co/qoiu/?39104421 hxxps://roexperts[.]in/rep/?06154421 hxxps://florotek[.]com/utat/?43254421 hxxps://mobilefixer[.]in/rat/?23104421 hxxps://kcims[.]org/ua/?12204421 hxxps://taxicentral[.]ir/qll/?72534421 hxxps://mudratherapy[.]in/eqa/?35304421 hxxps://constitutionalsanctuarycity[.]org/eit/?68434421 hxxps://kapaass[.]com/mn/?69634421 hxxps://kevinpharmachem[.]com/su/?96334421 hxxps://med-care[.]co/qoiu/?94334421 hxxps://masterschoolkandana[.]site/sort/?29334421 hxxps://novpara[.]capital/se/?78334421 hxxps://motherteresacharitablesociety[.]com/sati/?00304421 hxxps://arosalmasayif[.]com/rc/?26154421 hxxps://webdesigninhull[.]co[.]uk/tei/?38204421 hxxps://raffaelamarescalco[.]it/uisc/?61104421 hxxps://aliandcompany[.]pk/saii/?09204421 hxxps://nahitahukuk[.]com/qaq/?87234421 hxxps://thenostalgistfilm[.]com/mis/?57304421 hxxps://learnstuffs[.]com/eoun/?07134421 hxxps://jlsangola[.]com/quc/?16104421 hxxps://desarrollosprogramas[.]com/ttsa/?74434421 hxxps://fouredgefm[.]com/iemt/?66134421 hxxps://nexspace[.]co[.]th/uii/?95204421 hxxps://scholarshiplug[.]com/uun/?71254421 hxxps://masterschoolkandana[.]site/sort/?00304421 hxxps://geetabeautyhub[.]in/pt/?39434421 hxxps://flatfeecorp[.]co/or/?78134421 hxxps://rodriyt[.]com/qi/?07304421 hxxps://fit-decor[.]com/fas/?51254421 hxxps://europe-garage-automobile[.]com/atu/?38134421 hxxps://norcantec[.]com[.]ar/umn/?13334421 hxxps://teachenglishonline[.]org/eaom/?00234421 hxxps://technopark[.]com[.]pk/ma/?79034421 hxxps://rodeate[.]com/uee/?53334421 hxxps://mostlynonsensical[.]com/rb/?35034421 hxxps://brandpacker[.]net/oel/?20924421 hxxps://arigopay[.]com/pamr/?71134421 hxxps://spertual[.]site/umd/?67334421 hxxps://nahitahukuk[.]com/qaq/?67734421 hxxps://topdailystory[.]com/ste/?29634421 hxxps://hudaibiahcollege[.]com/eaup/?00134421 hxxps://futurefoodfarms[.]com[.]ng/gmss/?54234421 hxxps://sppflash[.]com[.]ar/utsv/?43334421 hxxps://drmurtazashomoeopathy[.]in/bman/?46034421 hxxps://twingalleria[.]com/ec/?39134421 hxxps://wedoit[.]global/arp/?68334421 hxxps://my-lynk[.]com/niu/?68734421 hxxps://geetabeautyhub[.]in/pt/?90134421 hxxps://fouredgefm[.]com/iemt/?72034421 hxxps://drmurtazashomoeopathy[.]in/bman/?74034421 hxxps://ko2labs[.]com/isa/?03134421 hxxps://miammiam[.]sg/rina/?02334421 hxxps://nahitahukuk[.]com/qaq/?51034421 hxxps://gazisupershop[.]com/ae/?95634421 hxxps://hudaibiahcollege[.]com/eaup/?11034421 hxxps://zeytouni[.]net/dl/?67634421 hxxps://trysupplements[.]online/rr/?66234421 hxxps://kcims[.]org/ua/?42234421 hxxps://adz[.]biz[.]id/rt/?37034421 hxxps://servicecustomercare[.]com/seip/?19634421 hxxps://mweimall[.]co[.]ke/cu/?31234421 hxxps://promediol[.]com/it/?00034421 hxxps://lpexpert[.]site/qtqu/?63924421 hxxps://med-care[.]co/qoiu/?68034421 hxxps://strategy180[.]com[.]au/amsn/?70234421 hxxps://theconsulting[.]io/iidt/?79034421 hxxps://nexspace[.]co[.]th/uii/?63234421 hxxps://trysupplements[.]online/rr/?65134421 hxxps://casagilapizaco[.]mx/it/?13634421 hxxps://mostlynonsensical[.]com/rb/?67924421 hxxps://taxitransferskeri[.]com/rit/?19534421 hxxps://metalfiber[.]com[.]pe/put/?31734421 hxxps://europe-garage-automobile[.]com/atu/?40134421 hxxps://servicecustomercare[.]com/seip/?49924421 hxxps://beseen-bla[.]com/troi/?71824421 hxxps://onlinegratuitycalculator[.]com/eta/?25824421 hxxps://supremeelevator[.]com/msti/?94924421 hxxps://hooverrepairservicecenterauthorized[.]com/mrrs/?61034421 hxxps://antarperu[.]com[.]pe/uqe/?23924421 hxxps://hudaibiahcollege[.]com/eaup/?12034421 hxxps://mortgage-application-form[.]com/bem/?13924421 hxxps://khalimoff[.]com/std/?20924421 hxxps://portleon[.]com/uh/?61924421 hxxps://easyfitautoglass[.]co[.]za/iqat/?16434421 hxxps://geetabeautyhub[.]in/pt/?11924421 hxxps://geetabeautyhub[.]in/pt/?38824421 hxxps://metalfiber[.]com[.]pe/put/?78824421 hxxps://saurcool[.]com/nt/?19924421 hxxps://garimaenterprises[.]co[.]in/se/?65924421 hxxps://desertandbloom[.]com/uq/?64924421 hxxps://lionaiassistant[.]com/vde/?47624421 hxxps://packline[.]org/eoor/?76434421 hxxps://norcantec[.]com[.]ar/umn/?65034421 hxxps://hudaibiahcollege[.]com/eaup/?48134421 hxxps://clinicsmilekraft[.]com/uees/?66034421 hxxps://beautyforwellness[.]com/ti/?34924421 hxxps://teravonsolar[.]com/is/?13134421 hxxps://futurefoodfarms[.]com[.]ng/gmss/?31824421 hxxps://brilliant-solutions[.]ae/it/?24034421 hxxps://i-techsolutions[.]co[.]ke/amr/?56134421 hxxps://ezejiamatufoundation[.]com/etr/?65924421 hxxps://xirconhomes[.]com[.]au/oelu/?09924421 hxxps://culturadireitoesociedade[.]com[.]br/ts/?86334421 hxxps://culturadireitoesociedade[.]com[.]br/ts/?11034421 hxxps://ikhsoyod[.]mn/ums/?03724421 hxxps://futurefoodfarms[.]com[.]ng/gmss/?74824421 hxxps://gfs-ae[.]com/sd/?85334421 hxxps://mostlynonsensical[.]com/rb/?00834421 hxxps://myprojectssydney[.]com[.]au/iest/?18434421 hxxps://europe-garage-automobile[.]com/atu/?62034421 hxxps://metalfiber[.]com[.]pe/put/?78724421 hxxps://hermanaluzangelica[.]com/qe/?20824421 hxxps://arosalmasayif[.]com/rc/?73834421 hxxps://shopnovinplus[.]com/uon/?05924421 hxxps://ezejiamatufoundation[.]com/etr/?34724421 hxxps://naun[.]com[.]br/ur/?69034421 hxxps://beseen-bla[.]com/troi/?44824421 hxxps://vertical-gardener[.]com/cqlu/?06724421 hxxps://i-techsolutions[.]co[.]ke/amr/?24824421 hxxps://twingalleria[.]com/ec/?97624421 hxxps://allazeez[.]in/ue/?21634421 hxxps://pakistanroof[.]com/ps/?76234421 hxxps://ezejiamatufoundation[.]com/etr/?28054421 hxxps://tsmedia[.]id/atso/?63824421 hxxps://adast-alfn[.]com/suai/?22634421 hxxps://nexspace[.]co[.]th/uii/?87824421 hxxps://mostlynonsensical[.]com/rb/?48534421 hxxps://mallasprogalv[.]com/ia/?96924421 hxxps://rshm[.]co[.]in/eaii/?03734421 hxxps://norcantec[.]com[.]ar/umn/?68724421 hxxps://oximedbolivia[.]com/turn/?00034421 hxxps://pakistanroof[.]com/ps/?80434421 hxxps://shriganapathisourses[.]com/cor/?22434421 hxxps://adast-alfn[.]com/suai/?42434421 hxxps://flatfeecorp[.]co/or/?88624421 hxxps://thestandpoint[.]ca/catm/?71134421 hxxps://brasigncertificacao[.]com[.]br/ates/?69634421 hxxps://plawers[.]com/TOA/	Pikabot
URL	hxxps://saurcool[.]com/nt/ hxxps://garimaenterprises[.]co[.]in/se/ hxxps://mallasprogalv[.]com/ia/ hxxps://jobhunt88[.]com/ad/ hxxps://qastoman[.]com/du/ hxxps://englishnet[.]com[.]mx/qe/ hxxps://lavaliosa[.]com[.]mx/di/ hxxps://needzsolutions[.]com/oeiu/ hxxps://agriformexico[.]com/fc/ hxxps://rshm[.]co[.]in/eaii/ hxxps://nowapsiindia[.]com/eoas/ hxxps://alphamgt[.]com[.]ng/solr/ hxxps://onlinegratuitycalculator[.]com/eta/ hxxps://mcbsistemas[.]com[.]br/al/ hxxps://akpoazaagroup[.]com/qnr/ hxxps://clinicsmilekraft[.]com/uees/ hxxps://itscnf[.]com/rs/ hxxps://abouthealthupdates[.]us/atic/ hxxps://wizzardz-solutions[.]com/ar/ hxxps://geetabeautyhub[.]in/pt/ hxxps://antarperu[.]com[.]pe/uqe/ hxxps://novpara[.]capital/se/ hxxps://skillerszone[.]com/eexe/ hxxps://celestialthaispa[.]com/pt/ hxxps://astroheenasharma[.]in/efmr/ hxxps://mobilefixer[.]in/rat/ hxxps://aviorify[.]com/ie/ hxxps://wagonslearning[.]in/uiqq/ hxxps://pehspl[.]co[.]in/td/ hxxps://gazisupershop[.]com/ae/ hxxps://amshesp[.]com/rooe/ hxxps://xirconhomes[.]com[.]au/oelu/ hxxps://bandafourhead[.]com[.]br/oiai/ hxxps://futurefoodfarms[.]com[.]ng/gmss/ hxxps://pseventer[.]com/di/ hxxps://gfs-ae[.]com/sd/ hxxps://ptferubbers[.]com/uua/ hxxps://nexspace[.]co[.]th/uii/ hxxps://broadwayevents[.]co[.]za/oeii/ hxxps://standartbud[.]net/turo/ hxxps://pmsarkarijob[.]com/cm/ hxxps://facturial[.]es/equ/ hxxps://kimandclak-ltd[.]com/lam/ hxxps://naun[.]com[.]br/ur/ hxxps://mortgage-application-form[.]com/bem/ hxxps://drmurtazashomoeopathy[.]in/bman/ hxxps://constitutionalsanctuarycity[.]org/eit/ hxxps://ongoing[.]website/stsa/ hxxps://arigopay[.]com/pamr/ hxxps://4am[.]health/ate/ hxxps://yagneek[.]com/sm/ hxxps://dollar2023[.]com/esd/ hxxps://salaammaharashtra[.]in/mqu/ hxxps://digitalsafecertificadora[.]com[.]br/eeta/ hxxps://freguesiadabeleza[.]com[.]br/auf/ hxxps://loganwritersfestival[.]com[.]au/umco/ hxxps://lpexpert[.]site/qtqu/ hxxps://shriganapathisourses[.]com/cor/ hxxps://excelliaschool[.]edu[.]in/ior/ hxxps://europe-garage-automobile[.]com/atu/ hxxps://provfin[.]com[.]au/ea/ hxxps://i-techsolutions[.]co[.]ke/amr/ hxxps://wagonsskillfoundation[.]com/ameu/ hxxps://vbnexcod[.]co[.]in/ri/ hxxps://conceptloop[.]net/rdm/ hxxps://twafcreative[.]com/iqui/ hxxps://chetanaenterprises-nx[.]com/tide/ hxxps://currylounge[.]ca/rtum/ hxxps://cinecreativofilmschool[.]com/issn/ hxxps://desarrollosprogramas[.]com/ttsa/ hxxps://fouredgefm[.]com/iemt/ hxxps://adast-alfn[.]com/suai/ hxxps://liegefelicio[.]com[.]br/qgl/ hxxps://demandehypothecaire[.]ca/uq/ hxxps://casagilapizaco[.]mx/it/ hxxps://sallybdran[.]co[.]il/uem/ hxxps://want2beme[.]com/acm/ hxxps://jobvortex[.]com/si/ hxxps://learnstuffs[.]com/eoun/ hxxps://bamboom[.]com[.]co/eq/ hxxps://buyshyhub[.]com/tu/ hxxps://zeytouni[.]net/dl/ hxxps://kapaass[.]com/mn/ hxxps://sppflash[.]com[.]ar/utsv/ hxxps://kevinpharmachem[.]com/su/ hxxps://simplyvisit[.]co[.]uk/tpae/ hxxps://casadebill[.]org/it/ hxxps://theconsulting[.]io/iidt/ hxxps://mostlynonsensical[.]com/rb/ hxxps://allazeez[.]in/ue/ hxxps://forextradings[.]net/vt/ hxxps://medrexmedicaltrding[.]tw/taub/ hxxps://technopark[.]com[.]pk/ma/ hxxps://hermanaluzangelica[.]com/qe/ hxxps://cheaptravelservice[.]us/is/ hxxps://nahitahukuk[.]com/qaq/ hxxps://icg-egy[.]net/det/ hxxps://portleon[.]com/uh/ hxxps://angelesescobar[.]cl/uure/ hxxps://lucreindia[.]com/mte/ hxxps://radiancegroup[.]info/teu/ hxxps://bellepreviews[.]com/tute/ hxxps://topdailystory[.]com/ste/ hxxps://kernel-ec[.]com/oore/ hxxps://aakashfertilitycentre[.]in/qsp/ hxxps://radhagobindrefrigeration[.]com/is/ hxxps://aquatickidsglobalschool[.]com/et/ hxxps://zahra-nejati[.]ir/uaq/ hxxps://teravonsolar[.]com/is/ hxxps://funsaef[.]org/ips/ hxxps://beautyforwellness[.]com/ti/ hxxps://psservicesindia[.]com/doet/ hxxps://assuredservice[.]co[.]in/ln/ hxxps://queenbbridals[.]ng/rt/ hxxps://norcantec[.]com[.]ar/umn/ hxxps://shopnovinplus[.]com/uon/ hxxps://mweimall[.]co[.]ke/cu/ hxxps://drawbox[.]pt/etue/ hxxps://poonamcoatings[.]com/tio/ hxxps://alfa-omega-pty[.]com/as/ hxxps://benaamedia[.]com/siui/ hxxps://norvik[.]ug/gteu/ hxxps://medigest[.]in/uaeq/ hxxps://buyproductnow[.]online/dol/ hxxps://urhobodaily[.]com/oue/ hxxps://rawdah-mlhm[.]com/iin/ hxxps://fit-decor[.]com/fas/ hxxps://packline[.]org/eoor/ hxxps://med-care[.]co/qoiu/ hxxps://flatfeecorp[.]co/or/ hxxps://shreekalastudioz[.]com/est/ hxxps://thestandpoint[.]ca/catm/ hxxps://kejriwalyojana[.]com/qoua/ hxxps://uniquemanufacture[.]co[.]in/eo/ hxxps://oximedbolivia[.]com/turn/ hxxps://khalimoff[.]com/std/ hxxps://promediol[.]com/it/ hxxps://pakistanroof[.]com/ps/ hxxps://stjohnsdamoh[.]co[.]in/er/ hxxps://tingolazodeportes[.]com/re/ hxxps://nbsdevelopments[.]com/na/ hxxps://brilliant-solutions[.]ae/it/ hxxps://desertandbloom[.]com/uq/ hxxps://petholickw[.]com/lm/ hxxps://rapidskinandhairclinic[.]com/iaol/ hxxps://realestateimpact[.]us/laoo/ hxxps://sparespace[.]in/lli/ hxxps://saiffastners[.]com/mqdo/ hxxps://ikhsoyod[.]mn/ums/ hxxps://medicionacustica[.]cl/eio/ hxxps://olimartesser[.]com[.]br/iuts/ hxxps://olympicscientific[.]ca/ee/ hxxps://mastersite[.]fun/dsso/ hxxps://technopus[.]com/ate/ hxxps://websfy[.]com/sa/ hxxps://arosalmasayif[.]com/rc/ hxxps://fairwayslogistics[.]org/il/ hxxps://akla[.]com[.]pk/oua/ hxxps://spertual[.]site/umd/ hxxps://metalfiber[.]com[.]pe/put/ hxxps://hooverrepairservicecenterauthorized[.]com/mrrs/ hxxps://newspaperman[.]in/arp/ hxxps://yushanmedia[.]com[.]np/taiq/ hxxps://easyfitautoglass[.]co[.]za/iqat/ hxxps://beseen-bla[.]com/troi/ hxxps://rodeate[.]com/uee/ hxxps://airtaceuropa[.]com/trqa/ hxxps://kcims[.]org/ua/ hxxps://hypothequeswestisland[.]ca/aim/ hxxps://priceclub[.]online/ln/ hxxps://organicfoodslahore[.]com/tsa/ hxxps://adz[.]biz[.]id/rt/ hxxps://servicecustomercare[.]com/seip/ hxxps://miammiam[.]sg/rina/ hxxps://strategy180[.]com[.]au/amsn/ hxxps://jekinformatica[.]com[.]br/pi/ hxxps://gpexpatservices[.]com/ain/ hxxps://buzzbt[.]io/blio/ hxxps://shalife[.]in/luoi/ hxxps://pusadurbanbank[.]com/id/ hxxps://vulturetv[.]com/tau/ hxxps://maxcelulares[.]com[.]br/ie/ hxxps://courageousmefoundation[.]org/tuni/?1 hxxps://ecosing[.]com/qc/?1 hxxps://grocerycorridor[.]com/aso/?1 hxxps://harsiddhindustries[.]com/leo/?1 hxxps://katsuamber[.]site/pg/?1 hxxps://kidsneedsbd[.]com/trs/?1 hxxps://nasa2000[.]com[.]mx/mia/?1 hxxps://owe[.]org[.]af/oled/?1 hxxps://palpa[.]ps/otle/?1 hxxps://rtp-kapuas88[.]com/snr/?1 hxxps://sebifan[.]ro/srti/?1 hxxps://tepor[.]it/lqas/?1 hxxps://therapyhealstrauma[.]com/paqe/?1 hxxps://uniget[.]com[.]br/let/?1 hxxps://wirkaleufu[.]cl/do/?1 hxxps://wpconversionking[.]com/acu/?1 hxxps://xpertmarketing[.]mx/bea/?1 hxxps://babycaresms[.]com/dso/?1 hxxps://camerazone[.]lk/dlv/?1 hxxps://aarzu[.]com[.]pk/rebr/?1 hxxps://xavierliras[.]com/lgtv/?1 hxxps://xavierliras[.]com/lgtv/	DarkGate
URL	hxxps://www[.]alliancegold[.]com[.]ec/download/Uzcfllcvmp[.]vdf hxxp://mail[.]treeoflifeadventures[.]com/wp-content/plugins/70d5e28f51c1438d94e3e6dc84b95311/xt/mmd/shell/shedremko2[.]1[.]exe hxxp://193[.]26[.]115[.]174:222/2[.]txt hxxp://mail[.]treeoflifeadventures[.]com/wp-content/plugins/70d5e28f51c1438d94e3e6dc84b95311/xt/mmd/shell/shekinga2[.]1[.]exe	Remcos
URL	hxxps://legalny[.]com[.]pl/comments[.]php hxxps://lewispublishing[.]org/comments[.]php hxxps://local[.]silly-beer[.]com/comments[.]php hxxps://manfredfohringer[.]de/comments[.]php hxxps://marketstrategiesmgmt[.]com/comments[.]php	GootLoader
URL	hxxps://gta-fportal[.]com/Game hxxps://mynameisnull[.]site/config/ hxxps://gta-fportal[.]com/Game/?e=73661 hxxps://mynameisnull[.]site/config/-1001228456341 hxxps://mynameisnull[.]site/api/ hxxps://mynameisnull[.]site/api/-1001228456341 hxxp://edalat-shan[.]com/c/app[.]apk hxxps://saham-cs[.]skcarriages[.]com/sahamedalat[.]apk hxxps://saham-b[.]skcarriages[.]com/sahamedalat[.]apk hxxps://sbijanr[.]xyz/microb2/main[.]php?get=sms hxxps://sbijanr[.]xyz/microb2/main[.]php hxxps://sbijanr[.]xyz/microb2 hxxps://hamyar-mahak[.]site/Basic hxxps://saham-d[.]skcarriages[.]com/sahamedalat[.]apk hxxps://saham-pa[.]skcarriages[.]com/sahamedalat[.]apk hxxps://saham-vn[.]skcarriages[.]com/sahamedalat[.]apk hxxps://ed[.]sahamiru[.]hair/%F0%9D%90%9C%E2%80%8C%E2%80%8C/dex[.]apk hxxps://remote[.]mynameiszeus[.]site/api/-1001832626536 hxxps://remote[.]mynameiszeus[.]site/api/ hxxps://remote[.]mynameislusi[.]site/api/-1001830809790 hxxps://remote[.]mynameislusi[.]site/config/-1001830809790 hxxps://remote[.]mynameislusi[.]site/api/ hxxps://remote[.]mynameislusi[.]site/config/ hxxps://a[.]mynameisbasil[.]site/api/ hxxps://a[.]mynameisbasil[.]site/api/-1001739572410 hxxps://mmdapks[.]click/dead/web[.]txt hxxps://mmdapks[.]click/dead/log[.]php hxxps://mmdapks[.]click/dead hxxps://remote[.]mynameislusi[.]site/api/-1001921881932 hxxps://remote[.]mynameislusi[.]site/config/-1001921881932 hxxps://sdmbyo[.]xyz/api/-1001942487619 hxxps://sdmbyo[.]xyz/api/ hxxps://connhandle[.]lat/esf/esf[.]php hxxps://connhandle[.]lat/esf/ hxxps://connhandle[.]lat/esf/esf[.]php?h= hxxps://cmakeapp[.]com/esf/strawberry[.]php hxxps://cmakeapp[.]com/[.][.][.] hxxps://cmakeapp[.]com/esf/ hxxps://cmakeapp[.]com/esf/grape[.]php hxxps://saeasmekldlkj[.]click/saeed hxxps://ssd-vip[.]website/matin/log[.]php hxxps://ssd-vip[.]website/matin/web[.]txt	IRATA
URL	hxxps://residencialcasabrasileira[.]com/111[.]php hxxps://fablane[.]com/cdn/qzwewmrqqgqnaww[.]php hxxps://nmbvcxzasedrt[.]com/ZgbN19Mx hxxps://fablane[.]com/cdn-js/minlen[.]php hxxps://nmbvcxzasedrt[.]com/vvmd54/ hxxps://nmbvcxzasedrt[.]com/lander/chrome_1695206714/_index[.]php hxxps://wsexdrcftgyy191[.]com/vvmd54/ hxxps://wsexdrcftgyy191[.]com/ZgbN19Mx hxxps://wsexdrcftgyy191[.]com/lander/chrome_1695206714/_index[.]php hxxps://scripts[.]asi[.]services/cX458IXVf9TcXk/nhNa+y0nWDAAY7JxpQFgRZT9/nUk= hxxps://ghost[.]blueecho88[.]com/O1K1D0Bw1mZfcI89DGCZLUg70S0BZYA8An6XfRlol2FQP9thST3ULUY= hxxps://ghost[.]blueecho88[.]com/uI+ovsOty9fcrZKMj7uEnMvmzJyCuJmJi7mZkpr9ioSa5cTMwunJxMH8z9fW7c7fwf7DnMU= hxxps://ghost[.]blueecho88[.]com/9cQh7I7mQoWR5hvewvYNzoatRc7P8hLdxf0TwNe2A9bXo1GPlKdGlJiyU5qNqE+OhrEDkQ== hxxps://ghost[.]blueecho88[.]com/Ew7j5GgsgI13LNnWJD3PxmBnh8YpOdbRITvSyDF8wd4xeJGWfnyKgn1lho54ZoSDdGHBmQ== hxxps://ghost[.]blueecho88[.]com/AGh0V3tKFz5kSk5lN1tYdXMBEHU6XkRjMV1HeyIaVm0iEBgkYQUSOHgBBSF6Ag0+Yx0DOWNKCQ== hxxps://content[.]garretttrails[.]org/mzXaf+AXuRb/F+BNrQf2XekX4F3hXvgC hxxps://profit[.]3stepsprofit[.]com/w9oh4Eb+nJcoTBIGMhP1HSKoyd5j5dB+uXnmyjIya18= hxxps://ghost[.]blueecho88[.]com/0WXHA6pHpGq1R/0x5lfrIaIMoyHrU/Qz413+L/MX5TnzDrJ5qRKoZrkVsGywR7o= hxxp://lfbmjjcanenfllj[.]top/1[.]php?s=515 hxxps://configuratorpro[.]com/cdn-js/minlen[.]php hxxps://configuratorpro[.]com/cdn/qzwewmrqqgqnaww[.]php hxxps://antiqueglossary[.]com/111[.]php hxxps://xfhfv[.]2023[.]ebeenj[.]com/editContent hxxps://sxsq[.]2023[.]ebeenj[.]com/editContent hxxps://zhlr[.]2023[.]ebeenj[.]com/editContent hxxps://lsa[.]2023[.]ebeenj[.]com/editContent hxxps://poa[.]2023[.]ebeenj[.]com/editContent hxxps://cbi[.]layout[.]oystergardens[.]us/editContent hxxps://dmq[.]layout[.]oystergardens[.]us/editContent hxxps://wwsvf[.]layout[.]oystergardens[.]us/editContent hxxps://mroqy[.]layout[.]oystergardens[.]us/editContent hxxps://xtw[.]layout[.]oystergardens[.]us/editContent	FAKEUPDATES
URL	hxxp://91[.]103[.]252[.]146/fafe12c571213745/msvcp140[.]dll hxxp://91[.]103[.]252[.]146/fafe12c571213745/sqlite3[.]dll hxxp://91[.]103[.]252[.]146/fafe12c571213745/vcruntime140[.]dll hxxp://91[.]103[.]252[.]146/fafe12c571213745/softokn3[.]dll hxxp://91[.]103[.]252[.]146/fafe12c571213745/mozglue[.]dll hxxp://91[.]103[.]252[.]146/fafe12c571213745/nss3[.]dll hxxp://91[.]103[.]252[.]146/fafe12c571213745/freebl3[.]dll hxxp://5[.]42[.]65[.]39/bed95ea4798a5204[.]php hxxp://5[.]42[.]65[.]80/ship[.]exe hxxp://95[.]216[.]187[.]218/cf2bf91a3641f615[.]php hxxp://dominiczachary[.]top/e9c345fc99a4e67e[.]php hxxp://45[.]9[.]74[.]80/zinda[.]exe hxxp://79[.]137[.]192[.]18/minda[.]exe	Stealc
URL	hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3[.]dll hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3[.]dll hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3[.]dll hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue[.]dll hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140[.]dll hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3[.]dll hxxp://85[.]209[.]11[.]78/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140[.]dll hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140[.]dll hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140[.]dll hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3[.]dll hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue[.]dll hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3[.]dll hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3[.]dll hxxp://45[.]15[.]156[.]141/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3[.]dll hxxp://77[.]91[.]68[.]78/lend/lnstalIer[.]exe	RecordBreaker
URL	hxxp://185[.]225[.]74[.]144/files/get4[.]exe	Coinminer
URL	hxxps://cdn[.]discordapp[.]com/attachments/1138093608747143333/1159527975616790618/fotha0925877[.]exe?ex=65315994&is=651ee494&hm=3ef25bde629919d016980588cc12e912244bb46930e942dd8eb1b373ba687cf7&	Lu0Bot
URL	hxxp://sentrex219[.]xyz/777/mtxrI8N[.]exe hxxp://sentrex219[.]xyz/777/mtx56po[.]exe	Phobos
URL	hxxp://77[.]91[.]68[.]78/lend/trafico[.]exe hxxp://77[.]91[.]68[.]52/fuza/nano[.]exe hxxp://185[.]216[.]70[.]222/two0710[.]exe hxxp://77[.]91[.]68[.]78/lend/asca1ex123111[.]exe hxxp://77[.]91[.]68[.]78/lend/buildtest[.]exe hxxp://77[.]91[.]68[.]78/lend/cats[.]exe hxxp://185[.]216[.]70[.]222/trafico[.]exe hxxp://77[.]91[.]68[.]78/lend/build9999[.]exe hxxp://77[.]91[.]68[.]78/lend/build1111[.]exe	RedLine Stealer
URL	hxxp://146[.]56[.]118[.]82:443/wITI hxxp://45[.]207[.]27[.]79:8080/ca hxxp://20[.]237[.]62[.]65:4444/ga[.]js hxxp://81[.]161[.]229[.]129/match hxxp://47[.]94[.]130[.]42:88/en_US/all[.]js hxxp://5[.]101[.]0[.]241/dpixel hxxp://5[.]101[.]0[.]245/activity hxxp://5[.]101[.]0[.]241/__utm[.]gif hxxp://5[.]101[.]0[.]245/pixel[.]gif hxxps://120[.]25[.]167[.]104/jquery-3[.]3[.]1[.]min[.]js hxxp://82[.]156[.]161[.]35/load hxxp://121[.]4[.]154[.]20:81/__utm[.]gif hxxp://124[.]222[.]149[.]52:9999/cm hxxp://124[.]220[.]180[.]112:84/pixel[.]gif hxxps://firefox[.]org[.]cn:8443/jquery-3[.]3[.]1[.]min[.]js hxxp://119[.]23[.]229[.]180:8090/match hxxp://82[.]157[.]154[.]247/updates[.]rss hxxp://43[.]138[.]235[.]42/__utm[.]gif hxxp://116[.]205[.]241[.]185:50000/updates[.]rss hxxps://119[.]45[.]188[.]119:8443/jquery-3[.]3[.]1[.]min[.]js hxxp://47[.]74[.]25[.]100:7777/fwlink hxxp://101[.]6[.]15[.]130:9090/ga[.]js hxxp://82[.]156[.]136[.]99:8087/updates[.]rss hxxp://106[.]75[.]214[.]55/IE9CompatViewList[.]xml hxxp://123[.]60[.]140[.]76:8000/match hxxp://118[.]31[.]34[.]136:9988/load hxxp://101[.]46[.]91[.]89:4444/en_US/all[.]js hxxp://124[.]223[.]62[.]233/dot[.]gif hxxp://8[.]140[.]198[.]4/cx hxxp://8[.]130[.]121[.]136:8888/en_US/all[.]js hxxp://8[.]134[.]154[.]168:6666/load hxxp://39[.]107[.]233[.]55/pixel hxxps://acornservices[.]org/ex4600[.]html hxxp://82[.]156[.]4[.]204/push hxxp://101[.]43[.]13[.]21:9999/visit[.]js hxxp://60[.]204[.]171[.]143/cx hxxp://43[.]140[.]199[.]163:8090/__utm[.]gif hxxp://101[.]43[.]70[.]206:8888/ga[.]js hxxp://139[.]9[.]93[.]128/IE9CompatViewList[.]xml hxxps://helloone[.]accountants[.]monster:8443/index[.]jsp hxxps://43[.]138[.]235[.]42/IE9CompatViewList[.]xml hxxp://185[.]162[.]235[.]241/ptj hxxp://117[.]72[.]35[.]30:2222/updates[.]rss hxxp://152[.]136[.]116[.]44:8032/jquery-3[.]3[.]1[.]min[.]js hxxp://72[.]44[.]69[.]115:8001/ca hxxp://119[.]23[.]52[.]84:3333/fwlink hxxps://51[.]250[.]16[.]184/updates[.]rss hxxp://81[.]71[.]68[.]50:8099/search/ hxxps://79[.]110[.]62[.]156/c/msdownload/update/others/2020/10/29136388_ hxxps://upcls[.]online/c/msdownload/update/others/2020/10/29136388_ hxxp://116[.]205[.]189[.]199:6666/jd/ hxxp://45[.]152[.]64[.]178:8086/j[.]ad hxxps://211[.]149[.]146[.]23:10443/api/getit hxxp://103[.]146[.]158[.]207/dpixel hxxp://165[.]22[.]225[.]110/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books hxxp://124[.]71[.]130[.]71/fwlink hxxp://101[.]43[.]13[.]21:9998/IE9CompatViewList[.]xml hxxp://124[.]222[.]149[.]52:4444/IE9CompatViewList[.]xml hxxp://175[.]178[.]150[.]86/ca hxxp://124[.]220[.]224[.]87:5555/ga[.]js hxxp://1[.]12[.]60[.]132:5555/load hxxp://121[.]4[.]50[.]245:8010/visit[.]js hxxp://122[.]9[.]136[.]39:7777/dot[.]gif hxxps://124[.]70[.]141[.]123/jquery-3[.]3[.]1[.]min[.]js hxxp://123[.]249[.]115[.]56:8083/updates[.]rss hxxp://119[.]23[.]52[.]84:8000/j[.]ad hxxp://1[.]117[.]79[.]251:88/load hxxp://1[.]117[.]79[.]251:1234/push hxxp://101[.]42[.]101[.]185:8008/__utm[.]gif hxxp://110[.]42[.]192[.]76/dpixel hxxp://60[.]204[.]202[.]16:9090/dpixel hxxps://8[.]137[.]102[.]137/fwlink hxxp://162[.]14[.]98[.]165/__utm[.]gif hxxp://8[.]137[.]102[.]137:8085/pixel[.]gif hxxp://8[.]137[.]102[.]137:3389/fwlink hxxps://8[.]137[.]102[.]137:8086/visit[.]js hxxp://35[.]235[.]86[.]69/cm hxxp://45[.]207[.]27[.]79:8080/g[.]pixel hxxps://exchange[.]thestarl[.]com/jquery-3[.]3[.]1[.]min[.]js hxxps://submit-data[.]com/jquery-3[.]3[.]1[.]min[.]js hxxp://www[.]wlndows[.]net:8080/jquery-3[.]3[.]1[.]min[.]js hxxps://120[.]24[.]38[.]217:4433/fwlink hxxp://147[.]78[.]47[.]134/_/scs/mail-static/_/js/ hxxp://43[.]139[.]107[.]237:10000/__utm[.]gif hxxps://exchange[.]thestarl[.]com:2096/jquery-3[.]3[.]1[.]min[.]js hxxp://175[.]178[.]99[.]133/ptj hxxp://195[.]123[.]242[.]133/Devise/about/DAO9KDE3X hxxps://195[.]123[.]242[.]133/Devise/about/DAO9KDE3X hxxps://185[.]196[.]9[.]6/jquery-3[.]3[.]1[.]min[.]js hxxps://api[.]0nedriveup[.]com/en_US/all[.]js hxxp://8[.]130[.]128[.]97/ga[.]js hxxps://103[.]39[.]78[.]153/cx hxxp://120[.]26[.]46[.]50:8873/match hxxp://8[.]130[.]128[.]97:8080/cx hxxp://43[.]138[.]30[.]109:7524/push hxxps://43[.]138[.]30[.]109:7777/__utm[.]gif hxxp://124[.]220[.]215[.]247/fwlink hxxps://139[.]199[.]180[.]136/activity hxxps://8[.]130[.]125[.]172/__utm[.]gif hxxp://134[.]209[.]104[.]32:465/bootstrap[.]min[.]js hxxps://64[.]190[.]113[.]226/dot[.]gif hxxps://91[.]149[.]237[.]92/en_US/all[.]js hxxps://120[.]26[.]46[.]50:8879/dpixel hxxp://8[.]137[.]102[.]137:8085/dpixel hxxp://162[.]14[.]98[.]165/j[.]ad hxxp://8[.]137[.]102[.]137:3389/j[.]ad hxxp://43[.]139[.]107[.]237:10000/load hxxp://43[.]138[.]30[.]109:8888/IE9CompatViewList[.]xml hxxp://92[.]63[.]196[.]46:8092/en_US/all[.]js hxxp://150[.]158[.]212[.]71/visit[.]js hxxps://8[.]137[.]102[.]137:8086/en_US/all[.]js hxxps://116[.]198[.]11[.]22/updates[.]rss hxxp://58[.]144[.]198[.]69:7777/j[.]ad hxxp://111[.]229[.]163[.]225/ga[.]js hxxp://94[.]156[.]253[.]138/visit[.]js hxxp://124[.]70[.]179[.]54:8888/fwlink hxxp://91[.]149[.]237[.]92:23333/load hxxp://8[.]130[.]128[.]97/load hxxp://42[.]192[.]37[.]72:50055/pixel hxxps://104[.]21[.]37[.]76:8443/pixel hxxps://awda[.]updatecode[.]xyz:2087/cx hxxp://91[.]149[.]237[.]92:2086/activity hxxps://106[.]14[.]141[.]187:8443/match hxxp://124[.]70[.]179[.]54:8888/match hxxps://185[.]225[.]75[.]69:8443/IE9CompatViewList[.]xml hxxp://123[.]207[.]5[.]159:89/push hxxp://124[.]221[.]76[.]197/load hxxps://124[.]221[.]76[.]197/activity hxxps://91[.]149[.]237[.]92/ga[.]js hxxps://172[.]67[.]191[.]252/ptj hxxps://104[.]21[.]20[.]81/pixel hxxps://106[.]15[.]190[.]195/include/template/isx[.]php hxxp://121[.]36[.]224[.]175:8888/visit[.]js hxxp://60[.]204[.]135[.]117/dpixel hxxps://156[.]245[.]19[.]127:8443/j[.]ad hxxps://165[.]227[.]141[.]64:4433/en_US/all[.]js hxxps://79[.]110[.]62[.]125/jquery-3[.]3[.]1[.]min[.]js hxxp://111[.]230[.]15[.]118:8089/push hxxps://124[.]156[.]163[.]253/fwlink hxxp://106[.]14[.]149[.]88:4545/fwlink hxxp://msdn[.]ajax-microsoft[.]com/link/v3[.]22/4EN738VY hxxps://115[.]159[.]115[.]41/visit[.]js hxxp://150[.]158[.]161[.]38:8081/cx	Cobalt Strike
URL	hxxp://sentrex219[.]xyz/777/skxODnP[.]exe hxxp://mkstat227[.]xyz/777/skxr65o[.]exe hxxps://giyahgostar[.]com/perferendismollitia/i[.]exe	SystemBC
URL	hxxp://23[.]95[.]106[.]3/250/Tugksta[.]exe hxxp://192[.]3[.]95[.]205/630/htmlc[.]exe	Formbook
URL	hxxp://96[.]9[.]208[.]32/bqCxhqN246[.]bin hxxp://185[.]255[.]114[.]44/ROiOu148[.]bin hxxp://103[.]106[.]67[.]20/PbGvXyKcGaJ94[.]bin hxxp://185[.]255[.]114[.]43/blKLobYknXN39[.]bin	CloudEyE
URL	hxxp://communicalink[.]com/putty[.]exe hxxp://hdstatusvideos[.]com/codice/Informazioni[.]zip hxxp://evolve-adv[.]com/codice/Azienda[.]zip hxxp://lavacolla[.]com/centro/index[.]php hxxp://www[.]lotuskshetri[.]com[.]np/centro/index[.]php hxxp://dichvuphanmem[.]net/centro/AiHgsdFWqAuOpkRyK hxxp://srsorvete[.]com[.]br/centro/index[.]php hxxp://mobile[.]covid-alzawraa-lab[.]com/centro/CUtJWdFWvzWMS hxxp://arbitrag38[.]ru/centro/XgYONUGxxFSUsPIGr hxxp://culinaria-passoapasso[.]artesanatodosucesso[.]com/centro/MWXRnPqWKjpu hxxp://live[.]com[.]gt/codice/Cliente[.]zip hxxp://lavacolla[.]com/codice/Documenti[.]zip hxxp://lawtosuccess[.]com/codice/Documenti[.]zip hxxp://proaug[.]com/centro/index[.]php	Gozi
URL	hxxp://171[.]22[.]28[.]208/download/rise/StealerClient_Sharp1[.]exe hxxp://171[.]22[.]28[.]214/PolymodXT[.]exe hxxp://194[.]169[.]175[.]144:8081/login	RisePro
URL	hxxp://galandskiyher4[.]com/downloads/toolspub2[.]exe hxxps://onualituyrs[.]org/987123[.]exe hxxps://admiretourism[.]com/tmp/index[.]php hxxp://wirtshauspost[.]at/tmp/ hxxp://talesofpirates[.]net/tmp/ hxxp://soetegem[.]com/tmp/ hxxp://msktk[.]ru/tmp/	SmokeLoader
URL	hxxp://103[.]30[.]10[.]177/660/audiodg[.]exe hxxp://202[.]55[.]134[.]71/sett/kung[.]exe hxxps://moodelstore[.]tel/user/five/fre[.]php hxxp://moodelstore[.]tel/user/five/fre[.]php hxxp://185[.]216[.]71[.]207/_errorpages/evil1/five/fre[.]php	LokiBot
URL	hxxps://79[.]110[.]62[.]189/cafiii[.]jpg hxxp://193[.]26[.]115[.]174:222/1[.]jpg hxxp://193[.]26[.]115[.]174:222/1[.]xml hxxps://upload[.]vina-host[.]com/CQOwGIT7vk/windows[.]exe	AsyncRAT
URL	hxxp://77[.]91[.]68[.]78/lend/Stealer[.]exe	Eternity
URL	hxxp://ji[.]fhauiehgha[.]com/m/ss47[.]exe hxxp://aa[.]jaoaaoas11[.]com/m/zoeg4a5[.]exe	Fabookie
URL	hxxp://103[.]238[.]234[.]86/x86_64 hxxp://95[.]214[.]25[.]116//Yboats[.]i686 hxxp://95[.]214[.]25[.]116//Yboats[.]arm7	Bashlite
URL	hxxp://cncdevelopment[.]org/b9djs2g/index[.]php	Amadey
URL	hxxp://193[.]37[.]70[.]233/L1nc0In[.]php hxxps://textbin[.]net/raw/cgeahsl8f7	DCRat
URL	hxxp://179527[.]com/386 hxxp://179527[.]com/mips hxxp://179527[.]com/aarch64 hxxp://179527[.]com/mips64 hxxp://179527[.]com/mipsel hxxp://179527[.]com/mips64el hxxp://179527[.]com/arm7 hxxp://179527[.]com/arm6 hxxp://179527[.]com/arm5 hxxp://179527[.]com/amd64 hxxp://179527[.]com/linux	Kaiji
URL	hxxp://216[.]238[.]110[.]110:8080/downloader[.]vbs	Raccoon
URL	hxxp://zdv[.]life/public/gate	Luca Stealer
URL	hxxp://94[.]228[.]162[.]50/book[.]zip hxxp://168[.]119[.]115[.]218/archieve[.]zip hxxp://49[.]13[.]86[.]44:27015/archieve[.]zip	Vidar
URL	hxxps://pasteio[.]com/raw/xZetAwydE0XA	VoidRAT

※ 特許取得済み（特許6716051号）/ Webサイトの改ざんの検知において特許を取得

「Dアラート」よりも詳細な情報に加え、適切な対処方法もご案内する
「i-FILTER@Cloud Ｄアラート発信レポートサービス」というオプションもご用意しております

「Dアラート発信レポートサービス」 — ▲「i-FILTER@Cloud Ｄアラート配信レポートサービス」の詳細はこちらから

不正URLへのアクセス、不正メールの受信

「Dアラート」よりも詳細な情報に加え、適切な対処方法もご案内する「i-FILTER@Cloud Ｄアラート発信レポートサービス」というオプションもご用意しております

「Dアラート」よりも詳細な情報に加え、適切な対処方法もご案内する
「i-FILTER@Cloud Ｄアラート発信レポートサービス」というオプションもご用意しております