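Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs and receipt of malicious emails

Our customers who received the email: 0
Our customers who accessed the URL: 2
2024/01/05
※ Updated 2024/01/05
Detected URLs believed to cause malware infection (2024/01/05)
■ IoC (※1)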
Type: IOC: Signature:
Bashlite
CloudEyE
NetSupportManager RAT
Lumma Stealer
Coper
FAKEUPDATES
Cobalt Strike
Amadey
AdWind
RedLine Stealer
DCRat
Meduza Stealer
Arkei Stealer
Stealc
Metasploit
Coinminer
XWorm
Socks5 Systemz
CryptBot
Ghost RAT
BazarBackdoor
Rhadamanthys
Crimson RAT
AsyncRAT
XOR DDoS
SpyNote
Formbook
Agent Tesla
SmokeLoader
zgRAT
IRATA
Vjw0rm
Remcos
GCleaner
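※1 Search the "i-FILTER" access logs to identify the affected endpoints. Some parts have been modified to prevent unintended access.

■ Product support status (※2)
▽ i-FILTER (※3)
・Can be blocked with the [Threat Information Sites] category

※2 Whether a block occurs depends on each product's settings, so refer to the access logs for the actual result.
※3 For encrypted traffic, the SSL Adapter setting must be set to "Use".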