Cyber Risk Information Service "D Alert" (patented)

Access to malicious URLs and receipt of malicious e-mails

Our customers who received the e-mail: 0
Our customers who accessed the URL: 17
2023/11/27
* Updated 2023/11/27
Detected URLs believed to cause malware infection (2023/11/27)
■ IoC (*1)
*1 Search the "i-FILTER" access logs to identify the affected devices. Parts of the indicators have been altered to prevent unintended access.
■ Product coverage (*2)
▽ i-FILTER (*3)
・ Can be blocked with the [Threat Information Site] category
*2 Whether a request is blocked depends on each product's configuration, so refer to the access logs for the actual result.
*3 For encrypted communication, the SSL Adapter setting must be set to 「利用」 (Use).