## hosts-blocklists
## blocklists-yoroi

# https://yoroi.company/blog/

# https://yoroi.company/research/serverless-infostealer-delivered-in-est-european-countries/
madarbloghogya.blogspot.com

# https://yoroi.company/research/office-documents-may-the-xll-technique-change-the-threat-landscape-in-2022/
art-space.xyz 

# https://yoroi.company/research/spectre-v4-0-the-speed-of-malware-threats-after-the-pandemics/
archsatrap-uroxin-oarsman.cc
balmlike-mends-officiates.cc
conj-lithomancy-behove.cc
enticement-reconclusion-pairedness.cc
fley-dothideacea-joker.cc
healthsomely-bone-idle-rufigallic.cc
momental-scrooges-hoopster.cc
nonradiancy-requisit-mank.cc
surplus-twentyfourmo-protecting.cc
voltaire-overproduction-bordering.cc

# https://yoroi.company/research/financial-institutions-in-the-sight-of-new-jsoutprox-attack-waves/
dilideanter.zapto.org

# https://yoroi.company/research/threatening-within-budget-how-wsh-rat-is-abused-by-cyber-crooks/
kinghome.logsik.net
mercedez.duckdns.org

# https://yoroi.company/research/connecting-the-dots-inside-the-italian-apt-landscape/
failaspesa.altervista.org
ffaadd332211.altervista.org
fujinama.altervista.org
studiocpv.it
xhdyeggeeefeew.000webhostapp.com

# https://yoroi.company/warning/nuove-campagne-di-attacco-quakbot/
donostiayocio.com

# https://yoroi.company/warning/campagna-di-attacco-previdenza-sociale/
gstat.kangweid.com
gstat.premiamo.com
gstat.premiamo.eu
gstat.secundamo.com
gstat.secundato.com
gstat.secundato.net
gstat.securanto.com
gstat.securanto.net
gstat.securezal.com
gstat.securezal.xyz
gstat.securezzas.com
gstat.securezzis.net
gstat.sloleaks.com
web.coryriley.com

# https://yoroi.company/warning/campagna-di-attacco-agenzia-entrate/
gstat.peshtigodental.com
gstat.premiamo.com
gstat.premiamo.eu
gstat.secundamo.com
gstat.secundato.com
gstat.secundato.net
gstat.securanto.com
gstat.securanto.net
gstat.securezal.com
gstat.securezal.xyz
gstat.securezzas.com
gstat.securezzis.net
gstat.securityguardlisting.com
gstat.sloleaks.com
line.ehrlum.com

# https://yoroi.company/research/new-cyber-operation-targets-italy-digging-into-the-netwire-attack-chain/
cloudservices-archive.best

# https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
atn-com.pw

# https://yoroi.company/research/poulight-stealer-a-new-comprehensive-stealer-from-russia/
fff.gearhostpreview.com
poullight.ru
u43692210a.ha003.t.justns.ru

# https://yoroi.company/research/outlaw-is-back-a-new-crypto-botnet-targets-european-organizations/
debian-package.center

# https://yoroi.company/warning/ondate-di-attacco-sload-tramite-pec/
joplock.eu
keepm.eu
lookf2.eu
lookf.eu
merfan.eu
merth.eu
nephemp.com
nonosink.eu
pivpot.eu
tokenradio.com
utywrg.eu
woodlandislamiccenter.com
zarwrite.eu
zoomovers.com

# https://yoroi.company/research/a-brand-new-ursnif-isfb-campaign-targets-italian-organizations/
newuploadswift.pw
yefgweoiuhf.xyz

# https://yoroi.company/warning/campagne-di-phishing-a-tema-webex/
globalpagee-prod-webex.com

# https://yoroi.company/research/a-new-complex-infection-chain-to-deliver-ursnif-malware/
kolamana.com
tealex.it

# https://blog.yoroi.company/research/the-north-korean-kimsuky-apt-keeps-threatening-south-korea-evolving-its-ttps/
suzuki.datastore.pe.hu

# https://blog.yoroi.company/research/karkoff-2020-a-new-apt34-espionage-operation-involves-lebanon-government/
godoycrus.com

# https://blog.yoroi.company/research/transparent-tribe-four-years-later/
awsyscloud.com

# https://blog.yoroi.company/warning/nuova-campagna-di-attacco-ursnif/
adult-emoji.com
adultemojiapp.com
adultemojiapps.com
agenciaemdigital.com
allodchurch.com
allodchurch.org
app-angels.com
artproctor.com
arturoproctor.com
audreysfeedandtack.com
audreysfeedvb.com
banksesiqueira.xyz
blackplague04.com
blackplague1904.com
bloombread.com
blueoceanmngt.com
bone-hog.com
bonehog.com
bonehogging.com
bonehogs.com
brightseedbakery.com
brightseedbread.com
brightseedbreads.com
brightseedfoods.com
californiapiexam.com
celebcandle.com
celebprayercandles.com
celebritysaint.com
charlotteanabardesigns.com
chentowin.com
codyandlita.com
codyfaeth.com
conceptionmayday.com
conceptiontragedy.com
decoartsinc.com
diablodawg.com
disgruntledoverlanding.com
diveaboardtheconception.com
diveboatconception.com
divelogconception.com
divemasterconception.com
diverslogconception.com
drinkfreetea.com
dungdoptiop.xyz
emojihunter.com
eurothrash.com
fidelityresources.co
fidelityresources.com
fidelityresources.info
fidelityresources.net
fidelityresources.org
fidelitytrans.com
fidtrans.com
fireontheconception.com
fluentfilter.com
fluentintegration.com
funnysaintcandles.com
h2oscada.com
harmonybread.com
hibenjee.com
hiopal.com
holyfrijoli.com
homycons.com
laperrerax.com
licketysplitapps.com
ligafut7.com
ligafut7fem.com
ligaluff.com
litaandcody.com
liveaboardtheconception.com
lockedintheconception.com
logicfluent.com
lovebreads.com
luffem.com
marilurice.com
maydayconception.com
maydaytheconception.com
mexicons.com
murderontheconception.com
mysmartfoodie.com
mysmartgaydad.com
mysmartgaydads.com
mysmarttravelcard.com
mywatersolved.com
omniprojector.com
onthedotservices.com
ourwatersolved.com
patukulo.com
process-emogi.com
processemogi.com
radiantbread.com
reparms.com
republicarmsmanufacturing.com
republicarmsmfg.com
republicarmsoftexas.com
robertdtripsoninc.com
saintcandle.com
saintceleb.com
saintcelebrity.com
saintscandle.com
saintscandles.com
samscartel.com
samtripsoncartel.com
saveourshoresfl.com
saveourshoresfl.org
saveourshoresirc.com
scadaoasis.com
seyoso.com
spacegrunt.com
strand-jewelry.com
superfoodbread.com
superfoodbreads.com
tah-co.com
tahcocorp.com
talesofwaldo.com
telemetrydesign.com
telemetrysolved.com
texastacticool.com
thelovebread.com
thepenisinmymouth.com
thespacemarine.com
thetwigshop.com
threadsboutiquevb.com
tohomeroom.com
tororevolution.com
totalcleaningservicevero.com
tragedyontheconception.com
transformativescada.com
transformativesi.org
transformativeui.com
trapperhackett.com
trapperhackett.info
trapperhackett.net
trapperhackett.org
vigilanteinvestigations.com
waldosbontanicals.com
waldosexton.com
waldosexton.org
waldosgarden.com
wastewatersolved.net
waterautomated.com
waterautomated.info
waterautomated.net
waterautomated.org
waterdefended.com
waterintegrated.com
waterminds.info
waterminds.net
waterminds.org
wytextrans.com
wytextransportation.com
zvrtrans.com
zvrtransportation.com

# https://blog.yoroi.company/research/cyberwarfare-a-deep-dive-into-the-latest-gamaredon-espionage-campaign/
get-icons.ddns.net
masseffect.space
win-apu.ddns.net

# https://blog.yoroi.company/warning/nuove-operazioni-di-attacco-sload/
cafebellissimo.com
cambodiaswimmingpools.com
clubdeajedrezmatamoros.com
hnerert.eu
nweryh.eu

# https://blog.yoroi.company/warning/nuovi-attacchi-ursnif-in-corso-gls-italy/
aromareadytools.com
betterbusinessresults.com
bibpics.com
customerspick.com
desaidles2.fun
ge1dmond.info
gedmond0.pro
hintdeals.com
kolonimalosi8.pw
more-patients-now.com
myaromatoolsstore.com
mylocalreputationreport.com
new1discoveries1.com
newsaplicamento2.surf
newsaplicamento.surf
ohfebveub.fun
ohfebveub.xyz
oneway.rent
personalizedkreations.com
pixelsuperstore.com
rxbizsolutions.com
shoes2boots1991.com
sp344-my.sharepoint.com
sscupace.xyz
student-pod.com
temps.team
thallofloraldesign.com
thedogoodarmy.com
wanderunderwater.com
zal6etuf.pro

# https://blog.yoroi.company/warning/ondata-di-attacchi-sollecito-pagamento/
booksale.red
eiufhvhrc.xyz
guatemal.xyz
hummercarss.com
nsdaqos.pw
padareova.fun
randomord.com
reoomavo.fun
skrollinu.xyz
steercos.pw
toloadname.xyz
wessell.pw

# https://blog.yoroi.company/warning/campagna-di-attacco-nuovo-documento/
2short2waste.org
bethelarts.org
bethelucc-ontario.org
boathandlingjack.com
composerforfilms.com
crccoating.com
crclaserfab.com
crclasertechnologies.com
embroiderydigitizing.miami
hivechannel3.com
homesredmond.com
inlandempiresymphony.com
myegy.club
pizzaonenj.com
promoteyourico.com
realestatewoodinville.net
samuelbillett.com
teablitziloilo.xyz
thefork.info
thenuttyheads.us
uccontario.com
websitemaestra.com
woodinvillewa.com

# https://blog.yoroi.company/research/the-sload-threat-ten-months-later/
butchscorpion.com
carpediem123.com
clutchmagazine.com
cvrwe.eu
dreamacinc.com
famebite.com
fanaaru.com
ghettoaffiliatemarketing.com
ijve.eu
interloc-tp.com
iumju1.eu
jonwilliam.com
kd5ndz.com
memoriesmadelb.com
rdtber1.eu
rdtber.eu
uilomiku1.eu
uilomiku.eu

# https://blog.yoroi.company/warning/campagna-di-attacco-emotetursnif/
alister-mathmatics.club
aylaspa.com
panelfiberton.com
qirqle.com
sysmobi.com
transporteselfenix.com

# https://blog.yoroi.company/research/commodity-malware-reborn-the-agenttesla-total-oil-themed-campaign/
handrush.com

# https://blog.yoroi.company/warning/nuove-operazioni-di-attacco-gootkit/
cdn.areascans.com
itp.surfpapara.com
web.mavensd.org

# https://blog.yoroi.company/warning/ritorno-delle-campagne-di-attacco-emotet/
biyunhui.com
broadpeakdefense.com
followergods.com
hotelkrome.com
lecairtravels.com
nautcoins.com
refferalstaff.com
startupforbusiness.com
sunflagsteel.com
think1.com

# https://blog.yoroi.company/warning/ondata-di-attacchi-contro-aziende-italiane-ursnif/
aliiuyrt.space
aliiuyrt.xyz
alloiudh.casa
newupprolods.club
newupprolods.fun
siurreje.xyz

# https://blog.yoroi.company/research/new-gobrut-version-in-the-wild/
formfactset.org

# https://blog.yoroi.company/warning/campagna-di-email-pec-infette-sload/
antonmolok.com
drgenehawkins.com
fasotechnologie.com
hackonbrawlstars.com
hulksterfitness.com
turningcash.com

# https://blog.yoroi.company/research/the-evolution-of-aggah-from-roma225-to-the-rg-campaign/
createdbymewithdeniss.blogspot.com
rgalldmn.duckdns.com

# https://blog.yoroi.company/warning/pericolosa-campagna-di-attacco-trickbot/
altxcode.com
penpilot.net

# https://blog.yoroi.company/research/p2p-worm-spreads-crypto-miners-in-the-wild/
xcnpool.1gh.com

# https://blog.yoroi.company/warning/nuova-campagna-di-attacco-verso-aziende-italiane/
outlowupdt.info

# https://blog.yoroi.company/research/spotting-rats-tales-from-a-criminal-attack/
thisurl.doesntexist.com

# https://blog.yoroi.company/research/how-ursnif-evolves-to-keep-threatening-italy/
fileneopolo.online
filomilalno.club
newupdatindef.info
reziki.online
reziki.xyz

# https://blog.yoroi.company/warning/campagna-di-attacco-sload-verso-pec-italiane/
agilebeats.com
alberta-davidson.com
americangoatfederation.com
areabasics.com
atonceegypt.com
bdsm-training.com
behemothadvertising.com
belgrade4u.com
berkeleytaylorconsultants.com
cinematicleo.com
citilamp.com
decorretouch.com
drapermerch.com
e-gency.com
easthamorg.com
hellokittyvietnam.com
implantrefer.com
jimifox.com
kelleyrecording.com
kitapplatformu.com
libreko.com
marionettedesigns.com
mdcreativevision.com
metaphysicalstores.com
misedocs.com
moresaleswithai.com
mullinsbeach.com
myvahine.com
nanolayercoatings.com
nothinbutsports.com
nuvenn.com
nycloot.com
olxtree.com
openofficelight.com
ourinnerhealth.com
petperksandstuff.com
phobosstudio.com
phunctions.com
piramal-usa.com
pratapsinhpatil.com
princewilliamcountylife.com
revofine.com
safariarmy.com
silentbidder.com
staceymorse.com
ta-meyer.com
tcjwelding.com
thepicturecafe.com
thetomatokitchen.com
topcreditloans.com
trailerhireonline.com
truganics.com
villasencancun.com
wakeupcalluk.com
watchgq.com
wbhrconsultants.com
webberwebsites.com
webshops-linux.com
wickedelve.com
wtxhemp.com

# https://blog.yoroi.company/warning/nuova-campagna-di-attacco-ransomware-sodinokibi/
decryptor.top

# https://blog.yoroi.company/research/the-russian-shadow-in-eastern-europe-a-month-later/
bitvers.ddns.net
my-certificates.ddns.net
torrent-vnc.ddns.net

# https://blog.yoroi.company/research/ta505-is-expanding-its-operations/
kentona.su

# https://blog.yoroi.company/research/the-stealthy-email-stealer-in-the-ta505-arsenal/
bullettruth.com
nettubex.top

# https://blog.yoroi.company/warning/campagna-gootkit-verso-pec-italiane/
ami.sigaingegneria.com
ema.emeraldsurfsciences.com
martatov.top
safa.205dundas.com
ssw.138front.com
vdd.c21breeden.com

# https://blog.yoroi.company/research/the-russian-shadow-in-eastern-europe-ukrainian-mod-campaign/
bitwork.ddns.net
librework.ddns.net

# https://blog.yoroi.company/warning/ondata-di-attacco-ursnif-fattura-doc
alltimedfgsf.icu
illeain.info

# https://blog.yoroi.company/warning/nuova-campagna-di-attacco-sload/
areaclienti.17025-accreditation.com
areariservata.17025-accreditation.com
areariservata.alleycathydroponics.com
areariservata.anniversaryguides.com
areariservata.arprop.com
areariservata.astrolivia.com
areariservata.english2helpu.com
areariservata.hvacprosgreensboro.com
areariservata.rhohost.com
areariservata.vendeycompradetodo.com
areariservata.vipsfollowingleadership.com
assistenza.anniversaryguides.com
assistenza.dentistsseattlewa.com
assistenza.happybeatmaking.com
assistenza.poddiva.com
assistenza.startourschi.com
casefinity.com
cloud.correctivepixels.com
cloud.flamebarandgrill.com
cloud.spiritcation.com
discoversolarpower.com
help.flutterlashstudios.com
help.opticlink.com
hotxm90.com
resellrightscreator.com
serviziweb.adventureswithangelsnextdoor.com
serviziweb.bodagadelsantek.com
thechosenrub.com

# https://blog.yoroi.company/research/apt28-and-upcoming-elections-possible-interference-signals/
functiondiscovery.net

# https://blog.yoroi.company/research/limerat-spreads-in-the-wild/
hacks4all.net
netpipe.warzonedns.com

# https://blog.yoroi.company/research/ursnif-the-latest-evolution-of-the-most-popular-banking-malware/
nuovalo.icu
nuovalo.site

# https://blog.yoroi.company/research/the-ursnif-gangs-keep-threatening-italy/
blogger.scentasticyoga.com
link.kunstsignal.net

# https://blog.yoroi.company/warning/campagna-di-attacco-ransomware/
blogs.nwp2.xcut.pl
mutualamcoop.com.ar
oshorainternational.com
tehms.com
testzagroda.hekko24.pl

# https://blog.yoroi.company/research/the-document-that-eluded-applocker-and-amsi/
riscomponents.pw

# https://blog.yoroi.company/research/apex-legends-for-android-a-fake-app-could-compromise-your-smartphone/
apexhack.site
areyouabot.net
krater.giize.com

# https://blog.yoroi.company/research/op-pistacchietto-an-italian-job/
certificates.ddns.net
config01.homepc.it
config02.addns.org
paner.altervista.org
verifiche.ddns.net
visionstore.info

# https://blog.yoroi.company/warning/campagna-di-attacco-scarica-il-documento/
dod.suze10n1.com
dod.suzienow.com
link.kunstsignal.com
munosi.acnepatient.com
munosi.addpatient.com
munosi.baptiststay.com
munosi.bharatbioscience.in
munosi.buddhiststay.com
munosi.catsdogsbabies.com
munosi.ihavedryskin.com
munosi.irritablebowelsyndromepatient.com
munosi.jacksonvillerentalcommunity.com
munosi.lupusinfotech.com
munosi.mepex.in
ortusi.adderallpatient.com
ortusi.albertmuzaurieta.net
ortusi.allergypatient.net
ortusi.civilexpo.in
ortusi.goodappledigital.com
ortusi.icesurat.org
ortusi.insomniapatient.com
solini.albertmuzaurieta.com
solini.allergypatient.net
solini.anxietypatient.com
solini.bharatbioscience.in
solini.catholicstay.com
solini.codeconcepts.co
solini.headachepatient.com
solini.icesurat.org
sortini.albertmuzaurieta.net
sortini.bharatbioscience.in
sortini.buddhiststay.com
sortini.catholicstay.com
sortini.catsdogsbabies.com
sortini.codeconcepts.in
sortini.goodappledigital.com
sortini.irritablebowelsyndromepatient.com
sortini.jorgetonarely.com
sortini.lupusinfotech.com
sutori.allergypatient.net
sutori.bharatbioscience.in
sutori.catsdogsbaby.com
sutori.codeconcepts.co
sutori.codeconcepts.in
sutori.icesurat.org
sutori.ihavedryskin.com
sutori.jaipurmurtibhandar.in
sutori.lupusinfotech.com
sutori.mepex.in
sutori.pichvaitraditionandbeyond.com

# https://blog.yoroi.company/warning/ondata-di-attacchi-con-archivi-cifrati/
cyihenryqd.city
n79ye83au4268.com
wbfnjohanna.band
xbtillmanee.company

# https://blog.yoroi.company/research/the-long-run-of-shade-ransomware/
3dpers.com
3forfree.org
250land.000webhostapp.com
365poker.000webhostapp.com
aafiyaat.com
aceponline.org.ng
acm.ee
agence.nucleus.odns.fr
aguimaweb.com
aialogisticsltd.com
akiko.izmsystem.net
alax.nexxtech.fr
alexis.monville.com
alfaqihuddin.com
alongthelines.com
americanstaffordshireterrier.it
ankarabeads.com
anket.kalthefest.org
anneliesje.nl
app-1536185165.000webhostapp.com
aslike.org
asztar.pl
atjtourjogja.com
autolikely.com
azraglobalnetwork.com
bakita.life
balkaniks.de
bar-tenderly.com
barbarapaliga.pl
basicpartner.no
berkje.com
berplamon.de
bienhieutrongnha.com
bishokukoubou.com
bit-com.info
bits-kenya.com
biurorachunkowe24.waw.pl
blackout.pub
blessedstudiodigital.000webhostapp.com
blockchainhowtouse.com
bobathsi.pl
bojacobsen.dk
bookle.se
brewmethods.com
brigitte-family.com
bundartree.000webhostapp.com
byce.nl
caferaclete.pt
caraccessonriesr9.com
careersatltd.com
caringsoul.org
chancesaffiliates.com
changematterscounselling.com
choinkimarkus.pl
chuletas.fr
citylawab.com
clareplueckhahn.com.au
clarte-thailand.com
clermontmasons.org
clubs.hmmagic.com
co2services.be
codebyshellbot.com
comments.hmmagic.com
comsystem.ch
coptermotion.aero
cozynetworks.com
creativeapparel.co.uk
d-fannet.com
danieljenkins2000.000webhostapp.com
dawgpoundinc.com
deflektori.ru
demosthene.org
dev01.europeanexperts.com
dev.europeanexperts.com
digituote.fi
dixo.se
djisyam38.com
doktech.cba.pl
dreams-innovations.com
drjoshihospital.com
duttonandsherman.com
e-online.fr
ecchionline.com
efficientlifechurch.org
emlak.baynuri.net
enjoy-kobac.com
equiracing.fr
erataqim.com.my
ericotv.com
evansindustries.com
eviescoolstuff.com
expert-centr.com
fayanscimustafa.com
fibeex.com
firstbaptisthackensack.org
firstdobrasil.com.br
fupu.org
ghetto-royale.com
good-deal.ml
grenop-invest.cz
hanuram.net
happysungroup.de
helpingpawsrescueinc.org
hi-shop.ml
hiwentis.de
hobbysalon-tf.com
home-spy-shop.com
hopperfinishes.com
hugomaia.com
ia-planet.com
ijweaver.com
ikuhenta.net
ilan.baynuri.net
immobilien-dresdner-land.de
indigo-daisy.000webhostapp.com
ingridandryan.com
insight-analytica-amir.000webhostapp.com
insperide.nl
instaforexmas.com
iphonedelivery.com
irapak.com
isolation.nucleus.odns
iventix.de
jillharness.com
joinjohndoeit.000webhostapp.com
jonathantercero.com
jupajubbeauty.com
kasutwakai.com
katharinen-apotheke-braunschweig.de
kensei-kogyo.com
kerusiinovasi.com
kiathongind.com.my
klotho.net
kobac-hita.com
kobac-namerikawa01.com
kobac-suzuka.com
kobac-takayama.com
kobac-yokohama01.com
kokoon.co.uk
kvintek.com
kwebfun.com
lakematheson.com
lam.cz
landing-page1169.000webhostapp.com
latinbeat.com
lawaaike.nl
lbermudez.000webhostapp.com
leeth.org
lg4square.com
lightbox.de
lingvaworld.ru
lipraco.cz
lokersmkbwi.com
lutnikwitwicki.pl
madrascrackers.com
mail.optiua.com
manhtructhanhtin.com
manoulaland.com
market.optiua.com
master-of-bitcoin.net
maxdvr.000webhostapp.com
maxwatermit2.com
meble-robert.pl
medgen.pl
mentoringjagojualan.com
mizutama.com
mobshop.schmutzki.de
mock.fpdev.xyz
mod.sibcat.info
montolla.tk
morganbits.com
morsengthaithai.com
motelfortpierce.com
muapromotion.com
muratto.site
musojoe.com
myboysand.me
myspaceplanner.fr
mztm.jp
mztm.sixcore.jp
na-korable.ru
nagoyan.fun
nexxtech.fr
nienkevanhijum.nl
nkcatering.pl
nn-webdesign.be
northmaint.se
nts-solution.net
old.vide-crede.pl
orangeconsultingin.000webhostapp.com
orhangencebay.gen.tr
osiedle-polna.pl
otterloo.nl
p30qom.ir
paewaterfilter.com
pakmedcon.com
panska.cz
parrocchiadellannunziata.it
pausin-fotografie.de
peinture-marseille.com
pickledbrain.com
planetpainter.ca
posadaelnogal.000webhostapp.com
presse.schmutzki.de
primeeast.net
projectmmo.ru
psychoactive-mentio.000webhostapp.com
qlcalendar.com
qlknowledge.com
quarenta.eu
rarejewelry.net
raymieszoo.com
rbgrouptech.000webhostapp.com
re-set.fr
refurbished.my
rentacar.baynuri.net
rheniumsolutions.co.ke
ri-photo.com
rivercitylitho.com
robjunior.com
rocksolidstickers.com
rosarioalcadaaraujo.com
rosetki.sibcat.info
rupinasu410.com
sacredheartwinnetka.com
sale-petit-bonhomme.com
schmutzki.de
scotts-grotto.org
semiworldwide.net
senital.co.uk
service.baynuri.net
shatki.info
skincareshopbeauty.com
smile-kobac.com
sobornarada.gov.ua
somelie.jp
speak-and-translate.com
spleenjanitors.com.ng
srikrungdd.com
staroil.info
stellacosmeticos.com
stonescrossing.com
stradious.com
strewn.org
stringletter.com
sunrise-sprit-enkazu.com
super-industries.co
supersnacks.rocks
taking-technician.000webhostapp.com
tanecni.org
taoday.net
tb.ostroleka.pl
tekanova.com
tewsusa.co
the-bombay-summit.000webhostapp.com
theboltchick.com
thegiddystitcher.com
therollingshop.com
thielepape.de
thorxer.de
thu-san-world-challenges.org
tontonfilms.com
transforma.de
tree.sibcat.info
tunisiagulf.com
u-kagawa.info
uborprofit.com
usep75.fr
ventecservice.no
videodiburama.com
vps200999.vps.ovh.ca
wallpapershd.xyz
wamambotrading.com
waterfordcomputers.ie
wcf-old.sibcat.info
weblogos.org
webonlineshop.ml
withyou2408.com
xavietime.com
xindetrading.000webhostapp.com
yurayura.life
zmastaa.com

# https://blog.yoroi.company/research/gootkit-unveiling-the-hidden-link-with-azorult/
avant-garde.host
hairpd.com
host.colocrossing.com
ivanzakharov91.example.com
kinzhal.online

# https://blog.yoroi.company/warning/campagna-malevola-dhl/
databeuro.com
driverconnectsearch.info
faceboolmotorses.com
googodsgld.com
ssl.admin.itybuy.it
suihuajx.com

# https://blog.yoroi.company/research/ursnif-long-live-the-steganography/
nolavalt.icu
pereloplatka.host
roiboutique.ru
sendertips.ru
uusisnfbfaa.xyz

# https://blog.yoroi.company/warning/campagna-di-attacco-fattura-corretta/
felipllet.info
fillialopago.info

# https://blog.yoroi.company/research/the-story-of-manuels-java-rat/
thegoldfingerinc.com

# https://blog.yoroi.company/warning/campagna-di-attacco-tramite-pec/
flpscuolafoggia.it
gtdspr.space
it.sunballast.de
martatovaglieri.com
ws.cmgsystems.it

# https://blog.yoroi.company/research/the-ave_maria-malware/
anglekeys.warzonedns.com
masaimaranationalparkkenya.com
sentinelx.tk
xinchingho.ml

# https://blog.yoroi.company/warning/campagne-di-attacco-dichiarazione-dei-redditi/
donations.storecery.com
local.firstcapitalmortgages.ca
pinghostwell.info
pragueat.com
returns.chrismissirian.net
sriyukteshvar.com
ticketiinvoice.info
todayutos.info

# https://blog.yoroi.company/research/the-enigmatic-roma225-campaign/
cdtmaster.com.br
minhacasaminhavidacdt.blogspot.com
office365update.duckdns.org
pocasideiascdt.blogspot.com
systen32.ddns.net

# https://blog.yoroi.company/research/dissecting-the-danabot-paylaod-targeting-italy/
equityfloat.pw

# https://blog.yoroi.company/warning/campagna-di-attacco-invio-documenti-ursnif/    halamobedlam.org
allooalel.club

# https://blog.yoroi.company/research/dissecting-the-muddywater-infection-chain/
amorenvena.com
amphira.com
pazazta.com

# https://blog.yoroi.company/research/dissecting-the-latest-ursnif-dhl-themed-campaign/
apt.melotor.at
groupschina.com
grwdesign.com
in.ledalco.at
int.nokoguard.at
io.ledalco.at
rest.relonter.at
web2003.uni.net
web2341.uni5.net

# https://blog.yoroi.company/warning/attacchi-ursnif-nuovo-documento/
boby.ancorarestaurantnyc.com
link.esempleo.com
nana.anarindianhollywood.com

# https://blog.yoroi.company/research/the-sload-powershell-threat-is-expanding-to-italy/
balkher.eu
bureaucratica.org
cavintageclothing.com
firetechnicaladvisor.com
hamofgri.me
icodeucode.com
ljfumm.me
peatsenglishcider.com
perecwarrior.eu
rootcellarproductions.com
sciencefictionforgirls.com
three-bottles.com
upabovenewyork.com

# https://blog.yoroi.company/warning/campagne-di-propagazione-malware-gootkit/
bodim.jaipurmurtibhandar.in
comm.clicktravelex.com
ipo.pranavashram.in
lenam.uk
mercati.gasheatingrepairs.com
predisposto.mattpodschweit.com

# https://blog.yoroi.company/warning/ondate-di-attacchi-danabot/
driversearch.site
driversearch.space

# https://blog.yoroi.company/research/hunting-for-sofacy-lojax-double-agent-analysis/
mail.regvirt.com
regvirt.com

# https://blog.yoroi.company/warning/campagna-di-attacco-ursnif-re/
cjwefomatt.com
dubbergergbb.com
ninasukash.com
ticrerfgiff.com