不正URLへのアクセス、不正メールの受信
-
メール受信した
弊社お客様0社 URLアクセスした
弊社お客様0社 -
2023/05/23
※2023/05/23 更新
マルウェア感染させると考えられるURLを検知(2023/05/23)
■IoC(※1)
| Type: | IOC: | Signature: |
|---|---|---|
| URL | hxxp://62[.]171[.]178[.]45/WindowsApp6[.]exe | XWorm |
| URL | hxxps://kfcacademy[.]com/niu/?686561 | QakBot |
| URL | hxxp://194[.]180[.]48[.]58/morgan/five/fre[.]php hxxp://161[.]35[.]102[.]56/~nikol/?p=4479137330 hxxp://161[.]35[.]102[.]56/~nikol/?p=41491438105 hxxp://185[.]246[.]220[.]85/project/five/fre[.]php hxxp://161[.]35[.]102[.]56/~nikol/?p=97763662196 hxxp://171[.]22[.]30[.]164/fred1/five/fre[.]php hxxp://161[.]35[.]102[.]56/~nikol/?p=0244025 |
LokiBot |
| URL | hxxp://45[.]9[.]74[.]99/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3[.]dll hxxp://45[.]9[.]74[.]99/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3[.]dll hxxp://45[.]9[.]74[.]99/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140[.]dll hxxp://45[.]9[.]74[.]99/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3[.]dll hxxp://45[.]9[.]74[.]99/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140[.]dll hxxp://45[.]9[.]74[.]99/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue[.]dll hxxp://45[.]9[.]74[.]99/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3[.]dll |
RecordBreaker |
| URL | hxxp://146[.]70[.]113[.]142/JWbjDtObd215[.]bin hxxp://146[.]70[.]113[.]142/pRvEdFjrSmyZFoU67[.]bin hxxp://146[.]70[.]113[.]142/iWLjLe12[.]bin hxxp://156[.]96[.]113[.]118/hpXEcYclIUizngIFp56[.]bin hxxp://156[.]96[.]113[.]118/xaXhDOwB56[.]bin hxxp://156[.]96[.]113[.]118/tpmAWFKmBIkXbzbORsJqa4[.]bin hxxp://156[.]96[.]113[.]118/dtlXWHZoulIo127[.]bin |
CloudEyE |
| URL | hxxp://194[.]180[.]48[.]59/damianozx[.]exe hxxp://23[.]94[.]231[.]139/145/vbc[.]exe hxxp://194[.]180[.]48[.]59/pmexzx[.]exe |
Agent Tesla |
| URL | hxxp://103[.]188[.]167[.]113/xmrig32[.]exe | Coinminer |
| URL | hxxps://167[.]88[.]170[.]23/swo/sw[.]exe | Eternity |
| URL | hxxp://hosplfar[.]com/order/a[.]exe | Nanocore RAT |
| URL | hxxps://39[.]104[.]76[.]226/toutiao/search hxxp://103[.]146[.]179[.]67:8090/dpixel hxxp://39[.]105[.]110[.]247:8099/pixel[.]gif hxxp://179[.]60[.]150[.]57/push hxxp://92[.]63[.]196[.]48:92/ga[.]js hxxps://8[.]210[.]56[.]76:12345/visit[.]js hxxp://101[.]42[.]16[.]56:8083/j[.]ad hxxp://80[.]66[.]88[.]127/ptj hxxp://194[.]55[.]224[.]169/cm hxxp://198[.]46[.]249[.]118:30001/ga[.]js hxxp://120[.]55[.]100[.]163:6666/dpixel hxxps://47[.]117[.]163[.]173:4445/updates[.]rss hxxp://171[.]244[.]60[.]21/image/ hxxps://1[.]14[.]65[.]206:49564/push hxxps://smss[.]svchost[.]co/jquery-3[.]3[.]1[.]min[.]js hxxp://103[.]44[.]244[.]251:7777/j[.]ad hxxp://43[.]143[.]222[.]153:8001/cx hxxps://dash[.]congluanz[.]net/jquery-3[.]3[.]1[.]min[.]js hxxp://www[.]ilovechina[.]site:8080/jquery-3[.]3[.]1[.]min[.]js hxxp://39[.]107[.]250[.]164:65534/azure/api/v2/userinfo/get hxxp://c[.]kalilinux[.]net:8080/push hxxps://101[.]42[.]236[.]83:8443/IE9CompatViewList[.]xml hxxps://114[.]116[.]39[.]74:8443/ga[.]js hxxp://101[.]33[.]117[.]154:2111/jquery-3[.]3[.]1[.]min[.]js hxxp://43[.]154[.]52[.]127:8013/dot[.]gif hxxp://82[.]180[.]137[.]225/en_US/all[.]js hxxp://179[.]43[.]154[.]137:8010/ptj hxxp://124[.]222[.]160[.]123:11111/view[.]jsp hxxp://49[.]65[.]125[.]131:8999/j[.]ad hxxp://167[.]71[.]245[.]119:8188/c/msdownload/update/others/2020/10/29136388_ hxxp://198[.]74[.]113[.]208/aaaaaaaaa hxxps://111[.]230[.]80[.]153/clemente/details hxxps://1[.]12[.]239[.]55/dot[.]gif hxxp://108[.]166[.]209[.]94:2280/activity hxxp://20[.]212[.]231[.]77:808/IE9CompatViewList[.]xml hxxp://119[.]91[.]217[.]230:8088/j[.]ad hxxps://43[.]245[.]199[.]163:8443/api/v4/zones/entitlements hxxp://1[.]116[.]10[.]227:8000/Quit/cv/IPI9U4OF hxxps://74[.]119[.]193[.]57/ga[.]js hxxp://114[.]132[.]241[.]133/cm hxxp://5[.]9[.]224[.]206/design/query/9X5M3SOE0F hxxps://74[.]119[.]193[.]57:1443/match |
Cobalt Strike |
| URL | hxxp://91[.]107[.]224[.]54/6e26382b1807d1b9[.]php hxxp://91[.]107[.]224[.]54/4184da83d7329318/msvcp140[.]dll hxxp://91[.]107[.]224[.]54/4184da83d7329318/softokn3[.]dll hxxp://91[.]107[.]224[.]54/4184da83d7329318/vcruntime140[.]dll hxxp://91[.]107[.]224[.]54/4184da83d7329318/mozglue[.]dll hxxp://91[.]107[.]224[.]54/4184da83d7329318/sqlite3[.]dll hxxp://91[.]107[.]224[.]54/4184da83d7329318/freebl3[.]dll hxxp://91[.]107[.]224[.]54/4184da83d7329318/nss3[.]dll |
Stealc |
| URL | hxxps://ggarco[.]com/atma/?1 hxxps://dua-welfare[.]com/eefi/?1 hxxps://thulasipharmacy[.]com/unu/?1 hxxps://amohtaseb[.]com/ta/?1 hxxps://kvrautomotive[.]com/vai/?1 hxxps://ghadmoshrek[.]com/ao/?1 hxxps://cgscoaching[.]com/tu/?1 hxxps://fivedit[.]com/in/?1 hxxps://ultimategamefowls[.]com/tlie/?1 hxxps://otelbaev[.]com/ua/?1 hxxps://topresumesolution[.]com/nesc/?1 hxxps://vijayshanti[.]com/dnud/?1 hxxps://sbdcbahamas[.]com/ihi/?1 hxxps://jetskitourdubai[.]com/ueu/?1 hxxps://agagulf[.]com/usi/?1 hxxps://drpetertio[.]com/tlu/?1 hxxps://austriasummerholidays[.]co[.]uk/am/?1 hxxps://sistemasov[.]com/iaqe/?1 hxxps://udesp[.]org[.]br/emer/?1 hxxps://coderschoolbd[.]com/ctd/?1 hxxps://softmaint[.]it/eqae/?1 hxxps://melodyfidel[.]com/heoc/?1 hxxps://tipsfreehealth[.]com/apo/?1 hxxps://letscbeauty[.]com/ecsa/?1 hxxps://klonopinonlinerx[.]com/urir/?1 hxxps://sewingwithnancytv[.]com/etpu/?1 hxxps://atgjobmodeling[.]com/rict/?1 hxxps://jacksonkatz[.]com/iauu/?1 hxxps://professionalaccountantsgroup[.]com/qad/?1 hxxps://inventorseducare[.]com/ipsd/?1 hxxps://opencartturkey[.]com/omat/?1 hxxps://mma[.]org[.]np/ga/?1 hxxps://yangstory[.]com/si/?1 hxxps://biolablaboratorio[.]com/so/?1 hxxps://nesport[.]com/raue/?1 hxxps://skplayonline[.]com/ifq/?1 hxxps://pranaevents[.]net/om/?1 hxxps://shopolx[.]com/sn/?1 hxxps://leadsglobalsolutions[.]com/te/?1 hxxps://bibianos[.]com/en/?1 hxxps://jcijcom[.]com/el/?1 hxxps://plugvibez[.]com/iuor/?1 hxxps://silvermaidsdubai[.]com/quum/?1 hxxps://wisdomtoothgrowingpain[.]com/ult/?1 hxxps://urbanfreshgrocers[.]com/hnm/?1 hxxps://vuelosfantastico[.]com/iqou/?1 hxxps://cooktaillab[.]com/muta/?1 hxxps://btlspinning[.]com/ne/?1 hxxps://biocoreconferences[.]com/io/?1 hxxps://bodylegendfitness[.]com/snu/?1 hxxps://cycoolsports[.]com/ans/?1 hxxps://bioempaquesas[.]com/lq/?1 hxxps://simhdtv[.]com/odm/?1 hxxps://imperialbox[.]net/ea/?1 hxxps://sdgservices[.]net/ss/?1 hxxps://imanagementpro[.]com/broa/?1 hxxps://neelikon[.]com/macp/?1 hxxps://mauro-cafe[.]com/oapt/?1 hxxps://artforlife[.]f2f[.]org/ssdu/?1 hxxps://adttowing[.]com/uups/?1 hxxps://siddharulagam[.]org/uqie/?1 hxxps://huthamcaudanang[.]net/var/?1 hxxps://gcforkcg[.]com/pou/?1 hxxps://cesarspaint[.]com/ed/?1 hxxps://nidokenya[.]org/anlu/?1 hxxps://algorithm-consult[.]com/si/?1 hxxps://alojamaneira[.]com/rn/?1 hxxps://api[.]irs[.]org[.]in/ptua/?1 hxxps://yearmate[.]com/dei/?1 hxxps://houseot[.]com/um/?1 hxxps://swiftrentalcar[.]com/iqui/?1 hxxps://liceoparroquial[.]org/si/?1 hxxps://bengalurupools[.]com/ol/?1 hxxps://cplraipur[.]com/pr/?1 hxxps://cavalindustrial[.]com/oqi/?1 hxxps://joolcomercializadora[.]com/ees/?1 hxxps://mortalflix[.]com/qiu/?1 hxxps://clifton-computers[.]net/lm/?1 hxxps://roxtermoto[.]com/iisu/?1 hxxps://vikasitaconnect[.]com/pqo/?1 hxxps://gawahweekly[.]com/neri/?1 hxxps://barryconsultinggroup[.]com/so/?1 hxxps://lesdeuxpalmiers[.]com/ae/?1 hxxps://moltiporta[.]com/ited/?1 hxxps://affiliateweapons[.]net/eloe/?1 hxxps://lacaviosafrica[.]com/tet/?1 hxxps://sawatours[.]com/uoid/?1 hxxps://madualbarakah[.]com/euru/?1 hxxps://busaracenter[.]org/qvui/?1 hxxps://thekingflix[.]com/ia/?1 hxxps://baycommerce[.]net/cot/?1 hxxps://epcw-eg[.]com/mee/?1 hxxps://pulsarcircuits[.]com/qus/?1 hxxps://p2phelp[.]org/vped/?1 hxxps://goromgorom[.]com/be/?1 hxxps://ankitashrivastava[.]com/id/?1 hxxps://theconversationconference[.]com/nui/?1 hxxps://easyswipe[.]net/ei/?1 hxxps://drchiomaawuziefoundation[.]org/sllu/?1 hxxps://launchfxm[.]com/ea/?1 hxxps://flourkraft[.]com/di/?1 hxxps://hydronomicsgh[.]com/eut/?1 hxxps://smartresourcespvt[.]com/tmg/?1 hxxps://businessservicesla[.]com/qu/?1 hxxps://bomberosibarra[.]com/ios/?1 hxxps://sefluxuryservices[.]com/dt/?1 hxxps://wogishadenis[.]net/tdsu/?1 hxxps://sammohankendra[.]com/tprt/?1 hxxps://farming4you[.]com/tm/?1 hxxps://isac[.]net[.]in/iquu/?1 hxxps://caracaspools[.]com/lfai/?1 hxxps://cfcfitness[.]net/lst/?1 hxxps://nazlimaleki[.]com/nde/?1 hxxps://hepm[.]co[.]uk/acta/?1 hxxps://intevestig[.]com/atsi/?1 hxxps://bouchardtowing[.]com/de/?1 hxxps://zuluagamarketing[.]com/nadl/?1 hxxps://studiolegaledefenu[.]it/sfnc/?1 hxxps://techafresh[.]com/ei/?1 hxxps://bookingdone[.]com/ii/?1 hxxps://hipocampoacademy[.]com/ns/?1 hxxps://osam[.]org[.]ar/sea/?1 hxxps://gfppaint[.]com/uu/?1 hxxps://mehrana[.]dev/ttee/?1 hxxps://winnerspaathshala[.]com/tis/?1 hxxps://welnez[.]org/ui/?1 hxxps://joker123truewallet[.]net/qaui/?1 hxxps://terraabilities[.]com/snc/?1 hxxps://rjsi[.]org[.]pk/or/?1 hxxps://sarasotawindowtint[.]com/ee/?1 hxxps://radiofreequency[.]net/ix/?1 hxxps://ultimategatewayconstructions[.]com/net/?1 hxxps://groupbuyseotools[.]net/spa/?1 hxxps://str-tn[.]com/lodo/?1 hxxps://ar-albania[.]com/qi/?1 hxxps://cruiselinemw[.]com/erm/?1 hxxps://hracuway[.]com/np/?1 hxxps://ilmolmabdaa[.]com/ect/?1 hxxps://captainhookstowing[.]com/cor/?1 hxxps://alhabibs[.]net/iit/?1 hxxps://capstonee[.]com/iu/?1 hxxps://camwheat[.]com/nis/?1 hxxps://tangentcorporation[.]com/tion/?1 hxxps://reviewnight[.]com/dls/?1 hxxps://orleansfoodsltd[.]com/euiv/?1 hxxps://mastertechnologies[.]net/pmeq/?1 hxxps://employersgroup[.]com/isre/?1 hxxps://fodexy[.]fr/qdau/?1 hxxps://graficosourcing[.]com/me/?1 hxxps://madvitz[.]com/tiio/?1 hxxps://raheelsarwar[.]com/ps/?1 hxxps://entregainmediata21[.]com/lcs/?1 hxxps://naberlegalnurseconsultants[.]com/caum/?1 hxxps://foodsssl[.]com/atbs/?1 hxxps://athens4d[.]com/ete/?1 hxxps://thebluebellsisters[.]com/pi/?1 hxxps://mensajesquelatten[.]com/et/?1 hxxps://apkvisions[.]com/bua/?1 hxxps://ma4salebyowner[.]com/nuq/?1 hxxps://bodybuildingsupplementzone[.]com/tq/?1 hxxps://ortopediawong[.]com/gi/?1 hxxps://lindaameen[.]com/io/?1 hxxps://cellularport[.]com/re/?1 hxxps://augustogrz[.]com/poa/?1 hxxps://alfosoolonline[.]com/oi/?1 hxxps://alphaoverseasgroups[.]com/atmo/?1 hxxps://bismihomeappliance[.]com/ed/?1 hxxps://plasticmetal[.]it/aund/?1 hxxps://nellinez[.]org/aa/?1 hxxps://bvmpp[.]com/iqua/?1 hxxps://prisanastechin[.]com/ueu/?1 hxxps://alejnr[.]com/osi/?1 hxxps://bluffyn[.]com/ea/?1 hxxps://maisuae[.]com/ic/?1 hxxps://v-onerotate[.]com/umc/?1 hxxps://grabarticles[.]com/uqit/?1 hxxps://nwdiecasting[.]com/iata/?1 hxxps://transdead[.]com/inoc/?1 hxxps://solocajasmanuales[.]com/tscp/?1 hxxps://casa-forte[.]it/io/?1 hxxps://bioempaquesas[.]com/ltae/?1 hxxps://vscleaning[.]com/iic/?1 hxxps://brave-evolution[.]com/mn/?1 hxxps://dreamzonemadurai[.]com/subt/?1 hxxps://promostopsy[.]com/cr/?1 hxxps://malpanipipes[.]com/axte/?1 hxxps://bylinkers[.]com/qoun/?1 hxxps://britvet[.]com/rin/?1 hxxps://taluja[.]com/mau/?1 hxxps://contcour[.]com/len/?1 hxxps://jandaautotowing[.]com/iip/?1 hxxps://alibabas[.]co[.]uk/uqs/?1 hxxps://fernandinapm[.]com/amiu/?1 hxxps://kasilassports[.]com/osoe/?1 hxxps://lokmangalbiotech[.]com/uid/?1 hxxps://visualfxservices[.]net/iqun/?1 hxxps://canaldomarketing[.]com/mp/?1 hxxps://techviralo[.]com/nueq/?1 hxxps://newsbusiness[.]net/or/?1 hxxps://britqualis[.]co[.]uk/smd/?1 hxxps://goromgorom[.]com/pni/?1 hxxps://moltiporta[.]com/psa/?1 hxxps://royalkidsshop[.]com/tael/?1 hxxps://equilives[.]com/el/?1 hxxps://estudioalabama[.]com/ia/?1 hxxps://accesoscse[.]com/sonl/?1 hxxps://thesustainindiacampaign[.]com/eumu/?1 hxxps://frey2[.]com/ormo/?1 hxxps://getmehow[.]com/st/?1 hxxps://deeper24[.]com/pod/?1 hxxps://ministarsme[.]com/vi/?1 hxxps://ayyappatemplerohini[.]com/dd/?1 hxxps://ikidobrand[.]com/iuit/?1 hxxps://homhugs[.]com/uau/?1 hxxps://sdsolutionseg[.]com/uaue/?1 hxxps://theelevatedpalate[.]com/qeau/?1 hxxps://hgl4u[.]com/da/?1 hxxps://ankitashrivastava[.]com/lsem/?1 hxxps://sharqiproduction[.]com/sa/?1 hxxps://scaleqa[.]com/assm/?1 hxxps://theheadsoccerunblocked[.]com/lqre/?1 hxxps://mena-studies[.]org/ti/?1 hxxps://winpopup-express[.]com/ro/?1 hxxps://woodtechsolutionbd[.]com/ei/?1 hxxps://t-shit[.]org/uql/?1 hxxps://newsbusiness[.]net/prud/?1 hxxps://jcc-e-systems[.]com/nnpd/?1 hxxps://drbuthainaalansari[.]com/qa/?1 hxxps://emtenansa[.]com/ttc/?1 hxxps://pattersonoil[.]co[.]uk/qui/?1 hxxps://entregainmediata21[.]com/itsn/?1 hxxps://casa-forte[.]it/rrf/?1 hxxps://graduatescheme[.]org/sss/?1 hxxps://abbaruna[.]com/auo/?1 hxxps://techcorpsolar[.]com/hiio/?1 hxxps://julie-knapp[.]com/ice/?1 hxxps://zenxglobal[.]com/qtu/?1 hxxps://contcour[.]com/eoe/?1 hxxps://drainsolutionplus[.]com/rtuo/?1 hxxps://harborlightscondos[.]com/ntm/?1 hxxps://reviewnight[.]com/pii/?1 hxxps://importbr[.]org/sut/?1 hxxps://worldsanalytics[.]com/uisn/?1 hxxps://xpertssol[.]com/cios/?1 hxxps://ggroler[.]com/eoml/?1 hxxp://176[.]124[.]198[.]212/s0A/z3ZNW4XF20JN hxxp://176[.]124[.]198[.]213/Fs8Py/gbbd4 hxxp://109[.]172[.]45[.]79/PlL4mU/ihwYceHQVuBP hxxps://aadarshtechnosoft[.]com/iiup/?1 hxxps://vedhousing[.]com/blii/?1 hxxps://pariolimp[.]com/dmu/?1 hxxps://avpmerj[.]org/teae/?1 hxxps://webbysherry[.]com/uqip/?1 hxxps://pacersur[.]com/lm/?1 hxxps://suinter-usa[.]com/iip/?1 hxxps://pueblomacabeo[.]com/rbem/?1 hxxps://waltedmunds[.]com/uoim/?1 hxxps://santerreetfils[.]com/pacs/?1 hxxps://chielslawfirm[.]com/sroa/?1 hxxps://waff-fight[.]com/quma/?1 hxxps://roxtermoto[.]com/rl/?1 hxxps://noorfoods[.]com/rrui/?1 hxxps://bahrainplumbing[.]com/iudq/?1 hxxps://yourhealhealth[.]com/aluq/?1 hxxps://synergiegroupepharmaceutique[.]com/tf/?1 hxxps://apkfeeds[.]com/soo/?1 hxxps://awamichatroom[.]com/lap/?1 hxxps://sharpservicecenterkarachi[.]com/iv/?1 hxxps://novaesperanca[.]org[.]br/ile/?1 hxxps://labmedegypt[.]com/siei/?1 hxxps://incoglobalm[.]com/erme/?1 hxxps://pdamsula[.]com/lpt/?1 hxxps://litexperu[.]com/nuda/?1 hxxps://sarahfayearts[.]com/rc/?1 hxxps://centro-cerberus[.]it/ee/?1 hxxps://chielslawfirm[.]com/deii/?1 hxxps://gulfroof[.]com/er/?1 hxxps://sistemasov[.]com/ton/?1 hxxps://sauangodoy[.]com/em/?1 hxxps://costaricadestinationwedding[.]com/hiut/?1 hxxps://elematexpertise[.]com/imqi/?1 hxxps://kenobs[.]org/tu/?1 hxxps://depedborongancitydivision-sgod[.]com/pies/?1 hxxps://lyhourgroup[.]com/hion/?1 hxxps://perchstoneandgraeys[.]com/sl/?1 hxxps://400-sy[.]com/inlo/?1 hxxps://ripasho[.]com/side/?1 hxxps://pologroundsmusic[.]com/uii/?1 hxxps://bouldertowingservices[.]com/pt/?1 hxxps://afri-ppp[.]com/rse/?1 hxxps://after8s[.]com/lna/?1 hxxps://ca2solution[.]it/ila/?1 hxxps://mmcentertainments[.]net/ps/?1 hxxps://lizardiartedecorativo[.]com/doe/?1 hxxps://knoxwestern[.]com/alp/?1 hxxps://leannecfp[.]com/lss/?1 hxxps://defect-less[.]com/eu/?1 hxxps://thetechgear[.]com/lunq/?1 hxxps://uduakben[.]com/iius/?1 hxxps://hostraha[.]com/ql/?1 hxxps://carbonsawire[.]com/sua/?1 hxxps://as2kdigital[.]com/caul/?1 hxxps://sarahfayearts[.]com/ps/?1 hxxps://restaurantecomeketo[.]com/emin/?1 hxxps://hentaipussypics[.]com/eait/?1 hxxps://sunshinestateipl[.]org/ccu/?1 hxxps://jyotfoundationrajkot[.]org/lie/?1 hxxps://pointblanknews[.]com/at/?1 hxxps://mymsa-eg[.]com/us/?1 hxxps://ti-softwarefactory[.]com/rea/?1 hxxps://smmglory[.]com/tu/?1 hxxps://ambarinfinity[.]com/ti/?1 hxxps://fahmy-group[.]com/au/?1 hxxps://position1seo[.]co[.]uk/aca/?1 hxxps://carefreshness[.]com/isae/?1 hxxps://pasca[.]org[.]br/eoi/?1 hxxps://catsla[.]com/dtur/?1 hxxps://kadurkolors[.]com/tgam/?1 hxxps://rbzjewellers[.]com/eom/?1 hxxps://thecrescentschools[.]com/ipu/?1 hxxps://nagashishclinic[.]com/upt/?1 hxxps://emtenansa[.]com/emit/?1 hxxps://grubcart[.]com/oie/?1 hxxps://dramarthadaza[.]com/ssre/?1 hxxps://xboxvicio[.]com/su/?1 hxxps://jdwebsol[.]com/sie/?1 hxxps://hgl4u[.]com/mir/?1 hxxps://kalishwardas[.]com/tip/?1 hxxps://eit[.]net[.]pk/odao/?1 hxxps://globalshoppingcenter[.]it/ucd/?1 hxxps://nesral3roba[.]com/tl/?1 hxxps://ultimategatewayconstructions[.]com/lrr/?1 hxxps://aranzone[.]com/osih/?1 hxxps://ispacecorp[.]com/st/?1 hxxps://allformasti[.]com/iene/?1 hxxps://alejnr[.]com/eesl/?1 hxxps://sankalppediatrictherapy[.]com/oe/?1 hxxps://foshanpools[.]com/lnr/?1 hxxps://fitochem[.]com/spn/?1 hxxps://tapthecard[.]com/ovs/?1 hxxps://foodssl[.]com/uai/?1 hxxps://bernardinoressende[.]com/idb/?1 hxxps://ue-gov[.]uk/moi/?1 hxxps://accessaccelerator[.]org/cqo/?1 hxxps://gopinaki[.]com/mt/?1 hxxps://pakistaniroom[.]com/as/?1 hxxps://havana4d[.]com/tpr/?1 hxxps://codelinkinfotech[.]com/eit/?1 hxxps://hracuway[.]com/texd/?1 hxxps://midstate-towing[.]com/aix/?1 hxxps://ejagam[.]com/aqte/?1 hxxps://vitalhealthbenefits[.]com/ci/?1 hxxps://mykatakara[.]com/at/?1 |
Pikabot |
| URL | hxxp://as[.]imgjeoigaa[.]com/check/safe | Fabookie |
| URL | hxxp://94[.]142[.]138[.]111/software/bld_3[.]exe | Lucifer |
