ThreatFox IOC Database

You are browsing the Indicator Of Compromise (IOC) database of ThreatFox. If you would like to contribute IOCs to the corpuse, you can do so through either the web form or the API.

233

IOCs shared (past 24 hours)

Vidar

Most seen malware family (past 24 hours)

1'615'599

IOCs in corpus

Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database

Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

ioc:ms-debug-services.com ( run)
malware:CobaltStrike ( run)
tag:TA505 ( run)
threat_type:cc_skimming ( run)
uuid:87f310f3-540b-11eb-922c-42010aa4000a ( run)

Date (UTC)	IOC	Malware	Tags	Reporter
2026-01-29 21:38	captolls.com	ClearFake	ClickFix	threatcat_ch
2026-01-29 21:30	192.109.200.95:8443	XenoRAT	XenoRAT	abuse_ch
2026-01-29 20:52	http://45.93.20.205	Stealc	Stealc	abuse_ch
2026-01-29 20:52	http://158.94.211.84	Stealc	Stealc	abuse_ch
2026-01-29 20:47	https://aliengp.cyou/api	Lumma Stealer	Lumma	abuse_ch
2026-01-29 20:23	mini-zmoto.com	Unknown Stealer	c2 domain MacSync stealer	dyingbreeds_
2026-01-29 20:17	arsenmarkaruyn.com	Unknown Stealer	c2 domain MacSync stealer	DonPasci
2026-01-29 20:17	cotlesgengeral.com	Unknown Stealer	c2 domain MacSync stealer	DonPasci
2026-01-29 20:11	hqej69yf.v0xenharvest.ru	ClearFake	ClearFake	Anonymous
2026-01-29 20:10	wydannc6.v0xenharvest.ru	ClearFake	ClearFake	threatcat_ch
2026-01-29 20:06	13.212.200.168:37892	Meterpreter	AMAZON-02 AS16509 c2 censys hacktool MetaSploit Meterpreter	DonPasci
2026-01-29 20:06	56.112.53.44:35458	Meterpreter	AMAZON-02 AS16509 c2 censys hacktool MetaSploit Meterpreter	DonPasci
2026-01-29 20:05	45.156.87.160:8808	AsyncRAT	AS51396 asyncrat c2 censys PFCLOUD RAT	DonPasci
2026-01-29 20:05	103.136.249.49:31333	Sliver	AS138915 c2 censys KAOPU-HK sliver	DonPasci
2026-01-29 19:51	190.144.146.90:2205	Remcos	AS14080 c2 RAT remcos Telmex	DonPasci
2026-01-29 19:43	192.241.120.160:2176	Remcos	remcos	abuse_ch
2026-01-29 19:26	bargeshipping.com	Unknown Stealer	c2 domain MacSync stealer	DonPasci
2026-01-29 19:22	gosemobi.com	Unknown Stealer	c2 domain MacSync stealer	DonPasci
2026-01-29 19:20	njtankservices.com	Unknown Stealer	c2 domain MacSync stealer	DonPasci
2026-01-29 19:20	laderbaj.net	Unknown Stealer	c2 domain MacSync stealer	DonPasci
2026-01-29 19:01	54.73.77.160:443	DeimosC2	Deimos drb-ra	abuse_ch
2026-01-29 19:01	52.223.52.219:443	DeimosC2	Deimos drb-ra	abuse_ch
2026-01-29 18:58	45.88.186.45:1000	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-01-29 18:55	209.145.63.3:33330	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-01-29 18:44	115.187.17.138:443	BianLian	BianLian drb-ra	abuse_ch
2026-01-29 18:15	https://stobminipinporl.com/api/bot/heartbeat	Unknown Stealer	2.0 c2 shub SHubStealer VirusTotal	DonPasci
2026-01-29 18:15	http://evervisionicd.com/xquat/fre.php	Loki Password Stealer (PWS)	c2 Loki LokiBot triage	DonPasci
2026-01-29 18:13	stobminipinporl.com	Unknown Stealer	2.0 c2 domain shub SHubStealer stealer VirusTotal	DonPasci
2026-01-29 18:11	47.74.57.14:8080	ValleyRAT	AS45102 c2 RAT triage ValleyRAT	DonPasci
2026-01-29 18:08	www.355bet.com.br	AsyncRAT	asyncrat c2 domain RAT triage	DonPasci
2026-01-29 18:05	138.199.38.132:53284	Remcos	AS212238 c2 RAT remcos triage	DonPasci
2026-01-29 18:04	46.137.227.63:9696	XWorm	AS16509 c2 triage XWorm	DonPasci
2026-01-29 18:04	13.201.84.62:6666	XWorm	AS16509 c2 triage XWorm	DonPasci
2026-01-29 18:04	rentals-hidden.gl.at.ply.gg	XWorm	c2 domain triage XWorm	DonPasci
2026-01-29 17:46	octazo.gb.net	AsyncRAT	asyncrat	abuse_ch
2026-01-29 17:46	fb888.uk.com	AsyncRAT	asyncrat	abuse_ch
2026-01-29 17:46	communications.it.com	AsyncRAT	asyncrat	abuse_ch
2026-01-29 17:38	hobefork.com	Unknown Stealer	c2 domain MacSync stealer	DonPasci
2026-01-29 17:37	clearwaterfishingcompany.com	Unknown Stealer	c2 domain MacSync stealer	DonPasci
2026-01-29 17:35	taxnearme.com	Unknown Stealer	c2 domain MacSync stealer	DonPasci
2026-01-29 17:30	kd62.casino	Quasar RAT	quasar	abuse_ch
2026-01-29 17:30	337788bet.site	Quasar RAT	quasar	abuse_ch
2026-01-29 17:28	194.62.55.143:1604	Quasar RAT	quasar	abuse_ch
2026-01-29 17:24	94.26.90.170:443	ClearFake	ClickFix	threatcat_ch
2026-01-29 17:22	handsonatwork.co.uk	ClearFake	ClickFix	threatcat_ch
2026-01-29 17:20	cansti.in.net	AsyncRAT	asyncrat	abuse_ch
2026-01-29 17:20	foamfasfkkfkfkfa.com	ClearFake	ClickFix	threatcat_ch
2026-01-29 17:20	ofofoalalaladjrkrka.com	ClearFake	ClickFix	threatcat_ch
2026-01-29 16:48	https://cdn.jsdelivr.net/gh/web3call/ws014/st85	ClearFake	ClearFake	threatcat_ch
2026-01-29 16:41	tdrdomainnew.com	CastleRAT	c2 CastleRAT domain RAT triage	DonPasci
2026-01-29 16:40	207.189.164.112:9999	CastleRAT	AS394177 c2 CastleRAT RAT SHIFT-HOSTING-LLC triage	DonPasci
2026-01-29 16:06	151.64.17.150:8080	Empire Downloader	AS1267 ASN-WINDTRE c2 censys PowershellEmpire	DonPasci
2026-01-29 16:05	103.177.47.176:3790	Meterpreter	AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter	DonPasci
2026-01-29 16:05	13.245.75.48:53744	Meterpreter	AMAZON-02 AS16509 c2 censys hacktool MetaSploit Meterpreter	DonPasci
2026-01-29 16:05	196.75.172.144:2222	Meterpreter	AS36903 c2 censys hacktool MetaSploit Meterpreter MT-MPLS	DonPasci
2026-01-29 16:05	20.106.187.78:443	PoshC2	AS8075 c2 censys MICROSOFT-CORP-MSN-AS-BLOCK Posh	DonPasci
2026-01-29 16:05	185.11.61.241:7777	DCRat	AS57523 c2 censys CHANGWAY-AS dcrat RAT	DonPasci
2026-01-29 16:05	81.17.99.174:443	Unknown malware	AS51167 c2 censys CONTABO Mythic	DonPasci
2026-01-29 16:05	107.172.31.102:4465	AsyncRAT	AS-COLOCROSSING AS36352 asyncrat c2 censys RAT	DonPasci
2026-01-29 16:05	45.83.31.246:5000	Remcos	AS210558 c2 censys RAT remcos	DonPasci
2026-01-29 16:04	124.198.131.201:8888	Remcos	AS210558 c2 censys RAT remcos SERVICES-1337-GMBH	DonPasci
2026-01-29 16:04	185.208.159.173:2404	Remcos	AS42624 c2 censys RAT remcos SWISSNETWORK02	DonPasci
2026-01-29 16:04	47.101.152.28:80	Cobalt Strike	ALIBABA-CN-NET AS37963 c2 censys CobaltStrike cs-watermark-666666666	DonPasci
2026-01-29 16:04	156.234.218.171:24704	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-01-29 15:51	unmindv.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:51	genussy.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:51	studfdu.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:49	aliengp.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:49	vetchir.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:49	menopjc.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:49	stathas.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:49	odovakmc.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:49	mummifjn.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:49	offseti.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:49	interrg.cyou	Lumma Stealer	c2 domain Lumma stealer	DonPasci
2026-01-29 15:35	https://interrg.cyou/api	Lumma Stealer	Lumma	abuse_ch
2026-01-29 15:25	https://stathas.cyou/api	Lumma Stealer	Lumma	abuse_ch
2026-01-29 15:25	https://menopjc.cyou/api	Lumma Stealer	Lumma	abuse_ch
2026-01-29 13:45	vyy.uk.com	Quasar RAT	quasar	abuse_ch
2026-01-29 13:45	nog.jp.net	Quasar RAT	quasar	abuse_ch
2026-01-29 13:45	license.eu.com	Quasar RAT	quasar	abuse_ch
2026-01-29 13:28	104.248.130.195:7492	NjRAT		netresec
2026-01-29 12:09	luvxcide.duckdns.org	Nanocore RAT	c2 domain NanoCore RAT triage	DonPasci
2026-01-29 12:08	dohinukss.localto.net	SpyNote	Android c2 domain Spynote triage	DonPasci
2026-01-29 12:07	91.108.244.139:443	FAKEUPDATES	SocGholish	threatcat_ch
2026-01-29 12:05	172.104.188.247:9999	AdaptixC2	AdaptixC2 AKAMAI-LINODE-AP AS63949 c2 censys	DonPasci
2026-01-29 12:05	47.109.78.104:8080	Sliver	ALIBABA-CN-NET AS37963 c2 censys open-dir payload sliver	DonPasci
2026-01-29 12:05	194.68.225.168:80	Unknown RAT	AS57169 c2 censys EDIS-AS-EU RAT spicerat	DonPasci
2026-01-29 12:05	20.206.201.190:2404	Remcos	AS8075 c2 censys MICROSOFT-CORP-MSN-AS-BLOCK RAT remcos	DonPasci
2026-01-29 12:05	192.3.136.235:5070	Remcos	AS36352 c2 RAT remcos triage	DonPasci
2026-01-29 12:04	Boosterman22q1-33740.portmap.host	XWorm	c2 domain triage XWorm	DonPasci
2026-01-29 12:04	hebasix.duckdns.org	XWorm	c2 domain triage XWorm	DonPasci
2026-01-29 12:04	45.150.128.141:7000	XWorm	AS56309 c2 triage XWorm	DonPasci
2026-01-29 12:04	Boosterman22q1-42479.portmap.host	XWorm	c2 domain triage XWorm	DonPasci
2026-01-29 12:04	Egornigga-61525.portmap.host	XWorm	c2 domain triage XWorm	DonPasci
2026-01-29 12:04	206.238.70.42:80	Cobalt Strike	AS399077 c2 censys CobaltStrike cs-watermark-987654321 TERAEXCH	DonPasci
2026-01-29 12:04	43.156.27.192:80	Cobalt Strike	AS132203 c2 censys CobaltStrike cs-watermark-987654321 TENCENT-NET-AP-CN	DonPasci
2026-01-29 11:36	https://cdn.jsdelivr.net/gh/web3call/ws014/zr0	ClearFake	ClearFake	threatcat_ch
2026-01-29 11:19	https://cdn.jsdelivr.net/gh/web3call/ws014/das	ClearFake	ClearFake	threatcat_ch
2026-01-29 11:01	194.150.220.63:8443	Unknown malware	AS215540 censys GCS-AS GoPhish phishing	dyingbreeds_
2026-01-29 11:01	194.150.220.63:2083	Unknown malware	AS215540 censys GCS-AS GoPhish phishing	dyingbreeds_
2026-01-29 11:01	178.156.234.79:8443	Unknown malware	AS213230 censys GoPhish HETZNER-CLOUD2-AS phishing	dyingbreeds_
2026-01-29 11:01	34.233.15.237:443	Unknown malware	AS14618 censys GoPhish phishing	dyingbreeds_
2026-01-29 11:01	54.90.55.61:443	Unknown malware	AS14618 censys GoPhish phishing	dyingbreeds_
2026-01-29 11:01	80.211.130.251:3333	Unknown malware	ARUBA-ASN AS31034 censys GoPhish phishing	dyingbreeds_
2026-01-29 11:01	159.198.37.223:8080	Unknown malware	AS22612 censys GoPhish phishing	dyingbreeds_
2026-01-29 11:00	45.155.173.119:8443	Havoc	AS213250 c2 censys ITP-SOLUTIONS	dyingbreeds_
2026-01-29 11:00	rousedonkibure.us	Havoc	AS13335 c2 censys	dyingbreeds_
2026-01-29 11:00	146.103.40.249:8000	Havoc	AS215311 c2 censys REGXA-CLOUD	dyingbreeds_
2026-01-29 11:00	evil.azuretest.fr	Unknown malware	AS13335 c2 censys Mythic	dyingbreeds_
2026-01-29 11:00	http://cb042722.tw1.ru/b4e69250.php	DCRat	dcrat RAT	abuse_ch
2026-01-29 11:00	8.148.251.204:443	Cobalt Strike	AS37963 c2 censys	dyingbreeds_
2026-01-29 11:00	194.87.198.205:80	Cobalt Strike	AS26383 c2 censys	dyingbreeds_
2026-01-29 10:53	https://cdn.jsdelivr.net/gh/web3call/ws014/tor	ClearFake	ClearFake	threatcat_ch
2026-01-29 10:45	193.161.193.99:42479	NjRAT	njrat	abuse_ch
2026-01-29 10:44	https://cdn.jsdelivr.net/gh/web3call/ws014/hex	ClearFake	ClearFake	threatcat_ch
2026-01-29 10:38	https://cdn.jsdelivr.net/gh/web3call/ws014/bra	ClearFake	ClearFake	threatcat_ch
2026-01-29 10:10	91.215.85.119:9999	CastleRAT		abuse_ch
2026-01-29 10:10	kakapupuneww.com	CastleRAT	CastleRAT RAT	abuse_ch
2026-01-29 10:00	https://cdn.jsdelivr.net/gh/web3call/ws014/zec	ClearFake	ClearFake	threatcat_ch
2026-01-29 09:32	midlandaudio.com	Unknown Stealer	c2 domain MacSync stealer	DonPasci
2026-01-29 09:31	https://cdn.jsdelivr.net/gh/web3call/ws014/var	ClearFake	ClearFake	threatcat_ch
2026-01-29 09:16	178.17.59.34:443	Vidar	Vidar	crep1x
2026-01-29 09:16	49.13.124.144:443	Vidar	Vidar	crep1x
2026-01-29 09:16	49.13.33.221:443	Vidar	Vidar	crep1x
2026-01-29 09:16	135.181.14.70:443	Vidar	Vidar	crep1x
2026-01-29 09:16	37.27.63.113:443	Vidar	Vidar	crep1x
2026-01-29 09:16	95.217.227.187:443	Vidar	Vidar	crep1x
2026-01-29 09:15	bek.cloudvaly.com	Vidar	Vidar	crep1x
2026-01-29 09:15	bek.beznervov.com	Vidar	Vidar	crep1x
2026-01-29 09:15	pov.cloudvaly.com	Vidar	Vidar	crep1x
2026-01-29 09:15	pov.beznervov.com	Vidar	Vidar	crep1x
2026-01-29 09:15	tor.cloudvaly.com	Vidar	Vidar	crep1x
2026-01-29 09:15	tor.beznervov.com	Vidar	Vidar	crep1x
2026-01-29 09:15	https://95.217.227.187/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://178.17.59.34/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://49.13.124.144/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://49.13.33.221/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://135.181.14.70/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://37.27.63.113/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://pov.cloudvaly.com/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://pov.beznervov.com/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://bek.cloudvaly.com/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://bek.beznervov.com/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://tor.cloudvaly.com/	Vidar	Vidar	crep1x
2026-01-29 09:15	https://tor.beznervov.com/	Vidar	Vidar	crep1x
2026-01-29 09:10	https://cdn.jsdelivr.net/gh/web3call/ws014/cvx	ClearFake	ClearFake	threatcat_ch
2026-01-29 09:09	84.54.37.191:7080	Bashlite	Gafgyt	abuse_ch
2026-01-29 09:03	81.94.151.189:1312	Mirai	Mirai	seckle
2026-01-29 09:03	45.93.20.205:80	Stealc	c2 click Loader Stealc stealer	Bitsight
2026-01-29 09:03	138.226.236.254:80	Stealc	1 c2 Loader Stealc stealer	Bitsight
2026-01-29 09:03	https://34ten.com/	Unknown malware	ClickFix	CarsonWilliams
2026-01-29 09:03	http://144.172.106.251/	Unknown malware	NightSpire Ransomware	TheRavenFile
2026-01-29 09:03	213.152.162.170:5580	Nanocore RAT	AS49453 c2 NanoCore threatquery	threatquery
2026-01-29 09:03	213.152.162.89:5580	Nanocore RAT	AS49453 c2 NanoCore threatquery	threatquery
2026-01-29 08:59	https://cdn.jsdelivr.net/gh/web3call/ws014/eth	ClearFake	ClearFake	threatcat_ch
2026-01-29 08:54	123.207.50.225:9002	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-01-29 08:52	8.219.240.66:10230	DeimosC2	Deimos drb-ra	abuse_ch
2026-01-29 08:51	74.48.214.25:443	DeimosC2	Deimos drb-ra	abuse_ch
2026-01-29 08:51	54.153.244.254:443	DeimosC2	Deimos drb-ra	abuse_ch
2026-01-29 08:44	125.25.56.12:7443	NetSupportManager RAT	drb-ra NetSupport RAT	abuse_ch
2026-01-29 08:41	https://cdn.jsdelivr.net/gh/grading-chatter-dock73/super-docs-web3/forward	ClearFake	ClearFake	threatcat_ch
2026-01-29 08:05	34.123.90.49:8082	Empire Downloader	AS396982 c2 censys GOOGLE-CLOUD-PLATFORM PowershellEmpire	DonPasci
2026-01-29 08:05	83.136.249.143:8000	MimiKatz	AS202053 c2 censys hacktool Mimikatz open-dir UPCLOUD	DonPasci
2026-01-29 08:05	138.2.16.164:5038	DCRat	AS31898 c2 censys dcrat ORACLE-BMC-31898 RAT	DonPasci
2026-01-29 08:05	129.151.142.36:5038	DCRat	AS31898 c2 censys dcrat ORACLE-BMC-31898 RAT	DonPasci
2026-01-29 08:05	193.233.113.81:8080	Venom RAT	AS215826 c2 censys PARTNER-HOSTING-LTD RAT Venom	DonPasci
2026-01-29 08:05	3.137.149.24:443	Havoc	AMAZON-02 AS16509 c2 censys Havoc	DonPasci
2026-01-29 08:04	51.178.11.179:2487	Remcos	AS16276 c2 censys OVH RAT remcos	DonPasci
2026-01-29 08:04	63.176.129.242:80	Cobalt Strike	AMAZON-02 AS16509 c2 censys CobaltStrike cs-watermark-100000	DonPasci
2026-01-29 08:04	216.126.239.50:443	Cobalt Strike	AS14956 c2 censys CobaltStrike cs-watermark-987654321 ROUTERHOSTING	DonPasci
2026-01-29 08:04	216.126.239.50:80	Cobalt Strike	AS14956 c2 censys CobaltStrike cs-watermark-987654321 ROUTERHOSTING	DonPasci
2026-01-29 08:04	23.235.179.117:34781	Cobalt Strike	AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK	DonPasci
2026-01-29 06:55	185.222.58.48:55615	RedLine Stealer	RedLine	abuse_ch
2026-01-29 06:34	https://cdn.jsdelivr.net/gh/grading-chatter-dock73/super-docs-web3/sdf	ClearFake	ClearFake	threatcat_ch
2026-01-29 06:05	33.53.50.4:4449	AsyncRAT	AS749 asyncrat c2 RAT triage	DonPasci
2026-01-29 06:05	33.53.50.4:25340	AsyncRAT	AS749 asyncrat c2 RAT triage	DonPasci
2026-01-29 06:05	33.53.50.4:53504	AsyncRAT	AS749 asyncrat c2 RAT triage	DonPasci
2026-01-29 06:04	Th3Hunt3r-53504.portmap.host	XWorm	c2 domain triage XWorm	DonPasci
2026-01-29 04:05	45.129.9.25:4444	AdaptixC2	AdaptixC2 AS3258 c2 censys XTOM-JAPAN	DonPasci
2026-01-29 04:05	167.86.153.197:443	NetSupportManager RAT	AS25019 c2 censys NetSupport RAT SAUDINETSTC-AS	DonPasci
2026-01-29 04:05	93.198.186.62:82	NetSupportManager RAT	AS3320 c2 censys DTAG NetSupport RAT	DonPasci
2026-01-29 04:05	140.238.207.208:5038	DCRat	AS31898 c2 censys dcrat ORACLE-BMC-31898 RAT	DonPasci
2026-01-29 04:05	146.235.38.234:5038	DCRat	AS31898 c2 censys dcrat ORACLE-BMC-31898 RAT	DonPasci
2026-01-29 04:05	144.24.139.70:5038	DCRat	AS31898 c2 censys dcrat ORACLE-BMC-31898 RAT	DonPasci
2026-01-29 04:05	103.106.229.177:5038	DCRat	AS136258 c2 censys dcrat ONEPROVIDER-AS RAT	DonPasci
2026-01-29 04:05	37.148.133.242:443	Unknown malware	AS210356 BATTLEHOST c2 censys Mythic	DonPasci
2026-01-29 04:05	185.11.61.237:9000	SectopRAT	AS57523 c2 censys CHANGWAY-AS RAT sectop	DonPasci
2026-01-29 04:05	158.94.210.95:8808	AsyncRAT	AS214943 asyncrat c2 censys RAILNET RAT	DonPasci
2026-01-29 04:04	109.248.151.109:2404	Remcos	AS52048 c2 censys RAT remcos RIXHOST	DonPasci
2026-01-29 04:04	124.221.65.130:80	Cobalt Strike	AS45090 c2 censys CobaltStrike cs-watermark-987654321 TENCENT-NET-AP	DonPasci
2026-01-29 02:50	38.60.214.166:4443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-01-29 00:43	https://cdn.jsdelivr.net/gh/relight-73-unsigned/tk-hz-ctrl/ypfcbjy5exc2pzs4bc7j	ClearFake	ClearFake	threatcat_ch
2026-01-29 00:05	52.51.175.248:2082	Meterpreter	AMAZON-02 AS16509 c2 censys hacktool MetaSploit Meterpreter	DonPasci
2026-01-29 00:05	83.136.251.141:8000	MimiKatz	AS202053 c2 censys hacktool Mimikatz open-dir UPCLOUD	DonPasci
2026-01-29 00:05	93.198.186.62:81	NetSupportManager RAT	AS3320 c2 censys DTAG NetSupport RAT	DonPasci
2026-01-29 00:05	194.59.31.64:8727	Quasar RAT	AS399486 c2 censys quasar RAT VIRTUO	DonPasci
2026-01-29 00:05	72.60.30.120:8090	Sliver	AS-HOSTINGER AS47583 c2 censys sliver	DonPasci
2026-01-29 00:04	112.213.110.180:9090	Cobalt Strike	AS152194 c2 censys CobaltStrike cs-watermark-666666666 CTGSERVERLIMITED-AS-AP	DonPasci
2026-01-28 23:00	64.76.214.54:443	Unknown malware	AS3549 censys GoPhish LVLT-3549 phishing	dyingbreeds_
2026-01-28 23:00	47.101.152.28:60000	Unknown malware	AS37963 censys Viper	dyingbreeds_
2026-01-28 23:00	103.110.81.59:60000	Unknown malware	AS401696 censys Viper	dyingbreeds_
2026-01-28 23:00	91.188.254.18:80	MooBot	AS213772 c2 censys	dyingbreeds_
2026-01-28 23:00	62.72.51.165:8888	Unknown malware	AS-HOSTINGER AS47583 c2 censys Supershell	dyingbreeds_
2026-01-28 23:00	77.110.106.206:8839	Sliver	AEZA-AS AS210644 c2 censys	dyingbreeds_
2026-01-28 23:00	79.137.192.191:80	Cobalt Strike	AS216246 c2 censys RU-AEZA-AS	dyingbreeds_
2026-01-28 23:00	deeyou.xyz	Cobalt Strike	AS138915 c2 censys	dyingbreeds_