https://cdn.discordapp.com/attachments/1091449028107051142/1094520407274569738/bildak.exe
https://cdn.discordapp.com/attachments/1111985588615249960/1113790937693433916/54656464.exe
http://colisumy.com/dl/build.exe
https://speedlab.com.eg/tmp/index.php
http://45.9.74.80/wall.exe
http://host-file-host6.com/
https://cdn.discordapp.com/attachments/1111985588615249960/1113502455964110848/54656464.exe

https://filetransfer.io/data-package/llBlT2VL/download -> GoogleChromeUpdate.exe ->  https://raw.githubusercontent.com/RHGF44/string/main/readme.txt -> DCRat -> C2: pococox.cc -> 134.255.216.148:80 (+ Scheduled Task and Add-MpPreference -ExclusionPath)

http://hugersi.com/dl/6523.exe

https://darkbox.pw/d/2NDOYbiR12bS1ItY28sWAZ6I2FJlkP -> clear.exe -> Loader reaching out to: 
http://5.42.94.169/customer/115 -> Downloads and executes RedLine C2: 45.9.74.4:46910

http://potunulit.org/

http://kingpirate.ru/tmp/

http://respekt5568.com/downloads/toolspub1.exe

https://nftsmean.com/pro2.exe

https://cdn.discordapp.com/attachments/1113947677764374622/1113960414951252049/1st.exe -> C2: 84.54.50.125:58002

http://dropbuyinc.ga/

https://cdn.discordapp.com/attachments/920726397322928168/1079835676448669768/qwfqwf.exe

http://140.99.221.199/sp.exe

http://95.214.27.98/file/lega.exe -> 2x RedLine (Botnet:lars && Botnet grom) C2:  83.97.73.127:19045 + Amadey: http://95.214.27.98/cronus/index.php

https://seattle-fishing-club.com/search.php

http://194.180.48.90/cc.exe -> Rhadamanthys Stealer -> C2: 179.43.162.23:8509

http://colisumy.com/dl/buildz.exe

https://cdn.discordapp.com/attachments/1082332577060356128/1087147141560012851/635965506.exe?raw

https://cdn.discordapp.com/attachments/1069223617117814787/1069223713129635970/asdasdb.exe

https://miami-golf-club.com/search.php