Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs and receipt of malicious emails

Our customers who received the email: 0
Our customers who accessed the URL: 1
2025/03/27
※ Updated 2025/03/27
Detected URLs believed to lead to malware infection (2025/03/27)
■ IoC (※1)
Signature: AsyncRAT, Snake Keylogger, NjRAT, Coinminer, ClearFake, Stealc, FAKEUPDATES, Agent Tesla, Emmenhtal, Lumma Stealer, Cobalt Strike, Kimsuky, XWorm, Remcos, CloudEyE, DarkVision RAT, DBatLoader, Chaos, Metasploit, Formbook, MASS Logger, Bashlite, PureLogs Stealer, SpyNote, Latrodectus, Mozi, BlankGrabber, MetaStealer, Quasar RAT
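※1 Search the "i-FILTER" access logs to identify the affected endpoints. Parts of the indicators have been altered to prevent unintended access.

■ Product support status (※2)
▽ i-FILTER (※3)
・Can be blocked with the [Threat Information Sites] ([脅威情報サイト]) category

※2 Whether a request is blocked depends on each product's settings, so refer to the access logs for the actual result.
※3 For encrypted traffic, the SSL Adapter setting must be set to "Use" (「利用」).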