Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs and receipt of malicious emails

Our customers who received the email: 0
Our customers who accessed the URL: 52
2023/11/13
※ Updated 2023/11/13
Detected URLs believed to cause malware infection (2023/11/13)
■ IoC (※1)
Type: IOC: Signature:
RedLine Stealer
Agent Tesla
Emotet
Coper
LokiBot
Bashlite
RecordBreaker
Pikabot
zgRAT
Snake Keylogger
IRATA
Nitol
Mars Stealer
SmokeLoader
PrivateLoader
Cobalt Strike
Stealc
SystemBC
Coinminer
Lumma Stealer
Brute Ratel C4
DarkGate
Formbook
Quasar RAT
ClearFake
XWorm
AdWind
Mystic Stealer
DCRat
Remcos
StrelaStealer
Glupteba
FAKEUPDATES
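※1 Search the "i-FILTER" access log to identify the affected devices. Some parts have been altered to prevent unintended access.

■ Product support status (※2)
▽ i-FILTER (※3)
・Can be blocked with the [脅威情報サイト] (Threat Information Sites) category

※2 Whether a URL is blocked depends on each product's settings, so refer to the access log for the actual result.
※3 For encrypted traffic, the SSL Adapter setting must be set to 「利用」 (Use).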