Cyber risk information service: D Alert (patented)

Access to malicious URLs, receipt of malicious e-mail

Our customers who received the e-mail: 0
Our customers who accessed the URL: 1
2025/09/16
※ Updated 2025/09/16
Detected URLs believed to cause malware infection (2025/09/16)
■ IoC (※1)
Type: IOC: Signature:
ClearFake
Lumma Stealer
Amadey
MetaStealer
Bashlite
FAKEUPDATES
Remcos
PureLogs Stealer
DCRat
Cobalt Strike
Meterpreter
CloudEyE
DarkCloud
RedLine Stealer
Dofloo
KongTuke
NetSupportManager RAT
Havoc
MASS Logger
Agent Tesla
BlankGrabber
SalatStealer
Rhadamanthys
Stealc
LokiBot
Vidar
Snake Keylogger
Sliver
Coinminer
AhMyth
SmartLoader
KrBanker
Berbew
TrickMo
AsyncRAT
StormKitty
Kaiji
BillGates
Pony
BluStealer
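※1 Search the "i-FILTER" access logs to identify the affected endpoints. The URLs have been partially altered to prevent unintended access.

■ Product coverage (※2)
▽ i-FILTER (※3)
・Can be blocked with the [脅威情報サイト] (Threat Information Sites) category

※2 Whether a request is blocked depends on each product's configuration, so check the access logs for the actual result.
※3 For encrypted traffic, the SSL Adapter setting must be set to 「利用」 (Use).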