Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs, receipt of malicious emails

Our customers who received the email: 0
Our customers who accessed the URL: 1
2023/11/06
※ Updated 2023/11/06
Detected URLs believed to cause malware infection (2023/11/06)
■ IoC (※1)
Type: URL
Signature: Agent Tesla, SystemBC, Phobos, Vidar, Cobalt Strike, Pikabot, Remcos, Amadey, Lumma Stealer, FAKEUPDATES, CloudEyE, Stealc, DarkGate, RecordBreaker, Formbook, SmokeLoader, IRATA, RedLine Stealer, ClearFake, Snake Keylogger, PureCrypter, DCRat, Pony, Glupteba, Nitol, Coinminer, Metasploit, Mars Stealer, LokiBot, PrivateLoader, zgRAT, AsyncRAT
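※1 Search the "i-FILTER" access logs to identify the affected devices. The indicators have been partially altered to prevent unintended access.

■ Product coverage status (※2)
▽ i-FILTER (※3)
・Can be blocked with the [脅威情報サイト] (Threat Information Sites) category

※2 Whether a URL is blocked depends on each product's settings, so refer to the access logs for the actual result.
※3 For encrypted traffic, the SSL Adapter setting must be set to 「利用」 (Use).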