| 2025-12-15 20:30 | brighttv.in.net | Quasar RAT | quasar |  abuse_ch |
| 2025-12-15 20:27 | xib.deep5ky.ru | ClearFake | ClearFake |  threatcat_ch |
| 2025-12-15 20:18 | line.deep5ky.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 20:08 | n2pi1.deep5ky.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 20:01 | 13.222.150.53:790 | Meterpreter | AMAZON-AES AS14618 c2 censys hacktool MetaSploit Meterpreter |  DonPasci |
| 2025-12-15 20:01 | 196.75.22.74:2222 | Meterpreter | AS36903 c2 censys hacktool MetaSploit Meterpreter MT-MPLS | DonPasci |
| 2025-12-15 20:01 | 44.210.142.192:8273 | Meterpreter | AMAZON-AES AS14618 c2 censys hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 20:01 | 141.8.199.207:4444 | AdaptixC2 | AdaptixC2 AS35278 c2 censys SPRINTHOST | DonPasci |
| 2025-12-15 20:01 | 1.52.214.174:443 | Quasar RAT | AS18403 c2 censys FPT-AS-AP quasar RAT | DonPasci |
| 2025-12-15 20:01 | 102.117.166.101:7443 | Unknown malware | AS23889 c2 censys MauritiusTelecom Mythic | DonPasci |
| 2025-12-15 20:01 | 62.164.177.105:9000 | SectopRAT | AS215929 c2 censys DATACAMPUS RAT sectop | DonPasci |
| 2025-12-15 20:01 | 62.164.177.105:15647 | SectopRAT | AS215929 c2 censys DATACAMPUS RAT sectop | DonPasci |
| 2025-12-15 20:00 | 144.31.3.210:443 | Remcos | AS215730 c2 censys H2NEXUS-AS RAT remcos | DonPasci |
| 2025-12-15 20:00 | 115.190.58.252:8080 | Cobalt Strike | AS137718 c2 censys CobaltStrike cs-watermark-391144938 VOLCANO-ENGINE | DonPasci |
| 2025-12-15 20:00 | 23.235.174.6:9878 | Cobalt Strike | AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK | DonPasci |
| 2025-12-15 20:00 | 39.105.200.188:443 | Cobalt Strike | ALIBABA-CN-NET AS37963 c2 censys CobaltStrike cs-watermark-987654321 | DonPasci |
| 2025-12-15 20:00 | 101.126.11.79:80 | Cobalt Strike | AS137718 c2 censys CobaltStrike cs-watermark-987654321 VOLCANO-ENGINE | DonPasci |
| 2025-12-15 20:00 | 101.126.11.79:443 | Cobalt Strike | AS137718 c2 censys CobaltStrike cs-watermark-987654321 VOLCANO-ENGINE | DonPasci |
| 2025-12-15 19:54 | 9r6r.deep5ky.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 19:47 | soft.nightp1xel.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 19:37 | 5cpy.nightp1xel.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 19:27 | uzpwg.nightp1xel.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 19:13 | spark.nightp1xel.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 19:11 | 143.110.129.14:8001 | Aisuru | AISURU | abuse_ch |
| 2025-12-15 19:10 | a5uis.windm1st.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 19:02 | night.windm1st.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 18:57 | pixel.windm1st.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 18:46 | 7k4.windm1st.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 18:43 | 144.172.103.138:8443 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2025-12-15 18:38 | cloud.mintl1ne.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 18:30 | 103.156.25.26:443 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2025-12-15 18:27 | sky.mintl1ne.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 18:18 | shift.mintl1ne.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 18:07 | ra7.mintl1ne.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 18:02 | cloudflaredns.duckdns.org | NjRAT | c2 domain njrat triage | DonPasci |
| 2025-12-15 18:01 | lmn293498-43963.portmap.host | AsyncRAT | asyncrat c2 domain RAT triage | DonPasci |
| 2025-12-15 18:00 | dndn01.ddns.net | Remcos | c2 domain RAT remcos triage | DonPasci |
| 2025-12-15 18:00 | doitdoit.ddns.net | Remcos | c2 domain RAT remcos triage | DonPasci |
| 2025-12-15 18:00 | DONNYDONZG123-55083.portmap.host | XWorm | c2 domain triage XWorm | DonPasci |
| 2025-12-15 17:55 | www.exodusupdate.app | Unknown RAT | RAT |  ninjacatcher |
| 2025-12-15 17:55 | api.upscholarship.co.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 17:55 | bim.sa.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 17:55 | 169e6b98a8d3a011105f9962c01c8e52fd42c53ece11e81d9b22407f522aeada | Unknown RAT | RAT | ninjacatcher |
| 2025-12-15 17:55 | chrome.upscholarship.co.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 17:55 | download.upscholarship.co.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 17:55 | mail.upscholarship.co.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 17:55 | elijah.ru.com | AsyncRAT | asyncrat botnet c2 |  amest |
| 2025-12-15 17:55 | pbcollege.in.net | AsyncRAT | asyncrat botnet c2 | amest |
| 2025-12-15 17:55 | monginiscake.in.net | AsyncRAT | asyncrat botnet c2 | amest |
| 2025-12-15 17:52 | vseq.darksh1ft.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 17:47 | u31.darksh1ft.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 17:45 | 45.153.34.241:3778 | Mirai | Mirai | abuse_ch |
| 2025-12-15 17:37 | 91.200.220.143:101 | Mirai | Mirai | abuse_ch |
| 2025-12-15 17:37 | nai.kurol.c.sparixx.silverpath.qzz.io | Mirai | Mirai | abuse_ch |
| 2025-12-15 17:36 | 6w5w.darksh1ft.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 17:34 | 157.245.79.120:39691 | Mirai | Mirai | abuse_ch |
| 2025-12-15 17:32 | storm.darksh1ft.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 17:28 | 1jm.cloudm1x.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 17:17 | nexus.cloudm1x.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 17:11 | pedhelp.top | Unknown RAT | ConnectWise ScreenConnect | abuse_ch |
| 2025-12-15 17:07 | s28z.cloudm1x.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 16:52 | gb.cloudm1x.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 16:42 | lmsx6.lightw1nd.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 16:32 | kimv9.lightw1nd.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 16:28 | dark.lightw1nd.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 16:10 | n8a.lightw1nd.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 16:08 | kqlik.wave5tone.ru | ClearFake | ClearFake | Anonymous |
| 2025-12-15 16:00 | 41.216.188.18:2404 | Remcos | AS211138 c2 censys PRIVATEHOSTING-NET RAT remcos | DonPasci |
| 2025-12-15 16:00 | 67.21.33.174:443 | Remcos | AS397373 c2 censys H4Y-TECHNOLOGIES RAT remcos | DonPasci |
| 2025-12-15 16:00 | 45.67.56.129:18888 | GobRAT | AS198610 BEGET-AS c2 censys GobRAT RAT | DonPasci |
| 2025-12-15 15:59 | 3i.wave5tone.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 15:54 | form.wave5tone.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 15:46 | 75.wave5tone.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 15:35 | drift.darkf1eld.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 15:27 | nova.darkf1eld.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 15:17 | fq3v.darkf1eld.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 15:03 | 144.31.196.10:8443 | Mirai | Mirai | abuse_ch |
| 2025-12-15 15:02 | 77.239.120.250:8443 | Mirai | Mirai | abuse_ch |
| 2025-12-15 15:02 | 144.31.196.39:8443 | Mirai | Mirai | abuse_ch |
| 2025-12-15 15:02 | 194.36.190.59:8443 | Mirai | Mirai | abuse_ch |
| 2025-12-15 15:01 | e91n.darkf1eld.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 14:57 | light.mistw0rk.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 14:48 | m9pld.mistw0rk.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 14:37 | hgdm.mistw0rk.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 14:31 | sotavpn.shop | Unknown malware | ClickFix Fake OS Update | HuntYethHounds |
| 2025-12-15 14:31 | 10controller.online | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://10controller.online/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://8controller.online/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 9controller.online | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://9controller.online/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 8controller.online | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 7controller.online | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://7controller.online/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://6controller.online/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 6controller.online | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 8controller.ru | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://8controller.ru/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 9controller.ru | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://9controller.ru/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 10controller.ru | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://10controller.ru/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 2controller.online | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://2controller.online/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 3controller.online | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://3controller.online/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 4controller.online | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://4controller.online/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 5controller.online | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://5controller.online/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://6controller.ru/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 7controller.ru | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://7controller.ru/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 6controller.ru | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://4controller.ru/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 5controller.ru | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://5controller.ru/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 4controller.ru | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 3controller.ru | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://3controller.ru/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | 2controller.ru | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://2controller.ru/videos.html | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:31 | http://167.71.90.208:8888/supershell/login/ | Unknown malware | AS14061 DigitalOcean LLC Supershell |  antiphishorg |
| 2025-12-15 14:31 | http://194.87.54.82/tumka.odd | Unknown malware | ClickFix Fake OS Update xHamster | HuntYethHounds |
| 2025-12-15 14:27 | rain.mistw0rk.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 14:18 | apm.frostl1ne.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 14:07 | sbbc8.frostl1ne.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 14:00 | http://transmagistralcountysystem.info:8080/updater?for=5120D3FEDD36EAC912DB54C863CE59BB | Unknown malware | GoProxy | abuse_ch |
| 2025-12-15 13:58 | 94.154.35.61:6000 | XWorm | XWorm | abuse_ch |
| 2025-12-15 13:57 | rm.frostl1ne.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 13:47 | stone.frostl1ne.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 13:37 | delta.skysh1ft.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 13:29 | us.skysh1ft.ru | ClearFake | ClearFake | Anonymous |
| 2025-12-15 13:18 | forge.skysh1ft.ru | ClearFake | ClearFake | Anonymous |
| 2025-12-15 13:15 | tra.akina.ovh | Vidar | Vidar |  crep1x |
| 2025-12-15 13:15 | tra.asrkala.top | Vidar | Vidar | crep1x |
| 2025-12-15 13:15 | https://tra.akina.ovh/ | Vidar | Vidar | crep1x |
| 2025-12-15 13:15 | https://tra.asrkala.top/ | Vidar | Vidar | crep1x |
| 2025-12-15 13:08 | node.skysh1ft.ru | ClearFake | ClearFake | Anonymous |
| 2025-12-15 12:58 | o3n.corest0rm.ru | ClearFake | ClearFake | Anonymous |
| 2025-12-15 12:52 | 8.138.214.65:8080 | Meterpreter | drb-ra MetaSploit Meterpreter | abuse_ch |
| 2025-12-15 12:47 | range.corest0rm.ru | ClearFake | ClearFake | Anonymous |
| 2025-12-15 12:47 | https://miov2iaiaoubqosiqoiajwowiwjso.online/login | Unknown malware | AS13335 Cloudflare Inc. miolab WEBCC | antiphishorg |
| 2025-12-15 12:47 | https://mioisiskwowiwjowuwjwolab.club/login | Unknown malware | AS13335 Cloudflare Inc. miolab WEBCC | antiphishorg |
| 2025-12-15 12:37 | zpv.corest0rm.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 12:28 | 162.19.205.184:443 | Cobalt Strike | AS16276 c2 censys OVH |  dyingbreeds_ |
| 2025-12-15 12:28 | 45.88.186.199:8808 | AsyncRAT | AS210558 c2 censys RAT | dyingbreeds_ |
| 2025-12-15 12:28 | 23.95.106.22:35490 | AsyncRAT | AS-COLOCROSSING AS36352 c2 censys RAT | dyingbreeds_ |
| 2025-12-15 12:28 | 77.3.217.7:7443 | Unknown malware | AS6805 c2 censys Mythic TDDE-ASN1 | dyingbreeds_ |
| 2025-12-15 12:28 | 14.103.142.173:3333 | Unknown malware | AS137718 censys GoPhish phishing | dyingbreeds_ |
| 2025-12-15 12:28 | 8.211.156.87:8090 | BianLian | AS45102 c2 censys | dyingbreeds_ |
| 2025-12-15 12:27 | 7kqic.corest0rm.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 12:17 | work.cloudn0de.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 12:15 | 46.246.4.4:7076 | Vjw0rm | Vjw0rm | abuse_ch |
| 2025-12-15 12:07 | 88r.cloudn0de.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 12:03 | 154.12.87.24:800 | ValleyRAT | AS401696 c2 RAT triage ValleyRAT | DonPasci |
| 2025-12-15 12:03 | querahinor.xyz | RedLine Stealer | c2 domain RedLine RedLineStealer stealer triage | DonPasci |
| 2025-12-15 12:03 | kanagoriyn.xyz | RedLine Stealer | c2 domain RedLine RedLineStealer stealer triage | DonPasci |
| 2025-12-15 12:03 | hadachannt.xyz | RedLine Stealer | c2 domain RedLine RedLineStealer stealer triage | DonPasci |
| 2025-12-15 12:01 | 199.101.111.158:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 12:01 | 199.101.111.168:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 12:01 | 54.249.141.45:80 | Brute Ratel C4 | AMAZON-02 AS16509 brc4 c2 censys | DonPasci |
| 2025-12-15 12:01 | 206.71.149.162:8090 | DCRat | AS399629 BLNWX c2 censys dcrat RAT | DonPasci |
| 2025-12-15 12:01 | 143.198.176.156:443 | Unknown malware | AS14061 c2 censys DIGITALOCEAN-ASN Mythic | DonPasci |
| 2025-12-15 12:00 | 178.18.255.229:8089 | Sliver | AS51167 c2 censys CONTABO open-dir payload sliver | DonPasci |
| 2025-12-15 12:00 | 144.34.182.81:8001 | Sliver | AS25820 c2 censys IT7NET open-dir payload sliver | DonPasci |
| 2025-12-15 12:00 | yuseef-57605.portmap.host | XWorm | c2 domain triage XWorm | DonPasci |
| 2025-12-15 12:00 | 47.83.182.65:443 | Cobalt Strike | ALIBABA-CN-NET AS45102 c2 censys CobaltStrike cs-watermark-987654321 | DonPasci |
| 2025-12-15 11:58 | gx5xq.cloudn0de.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 11:48 | mind.cloudn0de.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 11:37 | bridge.stormm1nt.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 11:28 | crest.stormm1nt.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 11:17 | j24uv.stormm1nt.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 11:07 | wind.stormm1nt.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 10:57 | ember.softm1nd.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 10:53 | 38.147.170.55:443 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2025-12-15 10:53 | 38.147.170.55:9999 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2025-12-15 10:47 | beta.softm1nd.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 10:37 | fx.softm1nd.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 10:28 | wave.softm1nd.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 10:18 | field.mintdr1ft.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 10:10 | https://178.159.11.216/ | Unknown malware | ClickFix | CarsonWilliams |
| 2025-12-15 10:07 | mix.mintdr1ft.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 10:05 | 95.217.242.205:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 95.217.25.1:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 65.109.241.240:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 95.217.241.248:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 91.107.252.37:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 157.90.147.67:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 91.124.149.229:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 78.47.123.242:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 95.217.240.117:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 95.217.242.95:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 95.217.25.244:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 46.224.107.187:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 65.109.242.86:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 91.124.149.231:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 95.216.176.2:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 46.224.48.142:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 86.54.42.138:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 95.217.28.117:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 95.216.177.27:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 95.216.181.100:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:05 | 116.202.3.184:443 | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | mng.333202.xyz | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | mng.keyzsoft.com | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | mof.akina.ovh | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | fix.akina.ovh | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | ity.akina.ovh | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | mng.akina.ovh | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | mng.748202.xyz | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | mof.arramis1.top | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | ctr.arramis1.top | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | cr.keyzsoft.net | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | fix.keyzsoft.net | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | fxo.demisemarzban.top | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | fxo.hanel.work | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | hro.demisemarzban.top | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | hro.hanel.work | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | hro.333202.xyz | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | gov.333202.xyz | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | mx1.333202.xyz | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | mx1.keyzsoft.com | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://95.217.241.248/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://91.107.252.37/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://91.124.149.229/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://86.54.42.138/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://95.217.28.117/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://95.216.177.27/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://95.217.242.205/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://91.98.43.138/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://95.217.25.1/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://65.109.241.240/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://95.217.242.95/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://95.217.25.244/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://46.224.107.187/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://65.109.242.86/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://91.124.149.231/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://95.216.176.2/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://46.224.48.142/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://mng.akina.ovh/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://mng.748202.xyz/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://mof.arramis1.top/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://ctr.arramis1.top/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://ity.keyzsoft.com/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://cr.keyzsoft.net/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://fix.keyzsoft.net/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://95.217.240.117/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://mx1.keyzsoft.com/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://mng.333202.xyz/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://mng.keyzsoft.com/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://mof.akina.ovh/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://fix.akina.ovh/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://ity.akina.ovh/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://fxo.demisemarzban.top/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://fxo.hanel.work/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://hro.demisemarzban.top/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://hro.hanel.work/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://hro.333202.xyz/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://gov.333202.xyz/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://gov.hanel.work/ | Vidar | Vidar | crep1x |
| 2025-12-15 10:04 | https://mx1.333202.xyz/ | Vidar | Vidar | crep1x |
| 2025-12-15 09:57 | 6axg.mintdr1ft.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 09:57 | akjycare.live | Unknown RAT | ConnectWise ScreenConnect | abuse_ch |
| 2025-12-15 09:47 | 7hz0p.mintdr1ft.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 09:46 | https://aboutpearlharbor.org/ | Unknown malware | ClickFix | CarsonWilliams |
| 2025-12-15 09:37 | wie.cl0udforge.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 09:27 | deep.cl0udforge.ru | ClearFake | ClearFake | Anonymous |
| 2025-12-15 09:17 | wahh.cl0udforge.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 09:07 | ez72.cl0udforge.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 08:58 | ridge.crystalroad.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 08:48 | quartz.crystalroad.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 08:47 | 219.246.21.240:8860 | DeimosC2 | Deimos drb-ra | abuse_ch |
| 2025-12-15 08:47 | 219.246.21.241:8860 | DeimosC2 | Deimos drb-ra | abuse_ch |
| 2025-12-15 08:47 | 195.20.17.33:443 | Sliver | drb-ra sliver | abuse_ch |
| 2025-12-15 08:39 | allahuhq7777-54726.portmap.host | XWorm | c2 XWorm |  juroots |
| 2025-12-15 08:39 | school-argument.gl.at.ply.gg | XWorm | c2 XWorm | juroots |
| 2025-12-15 08:39 | maroni823.sytes.net | XenoRAT | c2 XenoRAT | juroots |
| 2025-12-15 08:38 | http://www.zzepms.com/askhelp52/askinstall52.exe | Unknown Loader | shortloader | juroots |
| 2025-12-15 08:38 | https://cdn.discordapp.com/attachments/873244194234318850/895746980494585856/pctool.exe | Unknown Loader | shortloader | juroots |
| 2025-12-15 08:38 | https://cdn.discordapp.com/attachments/902593911397175306/906840671875399740/pctool.exe | Unknown Loader | shortloader | juroots |
| 2025-12-15 08:38 | facet2.crystalroad.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 08:37 | 192.227.217.229:21722 | Remcos | c2 remcos | juroots |
| 2025-12-15 08:37 | https://t.me/frombobu98s | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | https://t.me/gishsunsetman | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | https://t.me/rino115sipsip | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | https://tttttt.me/bghost13 | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | https://tttttt.me/homahomabtat | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | http://telegin.top/frombobu98s | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | http://telegin.top/rino115sipsip | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | http://telegka.top/rino115sipsip | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | http://telegraf.top/frombobu98s | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | http://teletele.top/frombobu98s | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | http://toptelete.top/frombobu98s | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | http://ttmirror.top/frombobu98s | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | http://telegalive.top/frombobu98s | Raccoon | c2 raccoon | juroots |
| 2025-12-15 08:37 | v3.aromatic-salad.sa.com | Quasar RAT | c2 quasar | juroots |
| 2025-12-15 08:37 | v2.nazrej.sa.com | Quasar RAT | c2 quasar | juroots |
| 2025-12-15 08:36 | cashing.is-a-llama.com | NetWire RC | c2 NetWire | juroots |
| 2025-12-15 08:36 | nerverdieorcus.selfip.biz | NetWire RC | c2 NetWire | juroots |
| 2025-12-15 08:36 | netplg.mlbfan.org | NetWire RC | c2 NetWire | juroots |
| 2025-12-15 08:35 | http://chiddy.baxishop.ro/Panel/fre.php | Loki Password Stealer (PWS) | c2 LokiBot | juroots |
| 2025-12-15 08:35 | enahsmusic.com | Unknown Loader | c2 formatloader | juroots |
| 2025-12-15 08:35 | http://enahsmusic.com/lib/easing/fw5.exe | Unknown Loader | formatloader | juroots |
| 2025-12-15 08:35 | http://enahsmusic.com/lib/easing/fw1.exe | Unknown Loader | formatloader | juroots |
| 2025-12-15 08:35 | http://enahsmusic.com/lib/easing/fw2.exe | Unknown Loader | formatloader | juroots |
| 2025-12-15 08:35 | http://enahsmusic.com/lib/easing/fw3.exe | Unknown Loader | formatloader | juroots |
| 2025-12-15 08:35 | http://enahsmusic.com/lib/easing/fw4.exe | Unknown Loader | formatloader | juroots |
| 2025-12-15 08:34 | http://enahsmusic.com/lib/easing/fw4.php | Unknown Loader | c2 formatloader | juroots |
| 2025-12-15 08:34 | http://enahsmusic.com/lib/easing/fw5.php | Unknown Loader | c2 formatloader | juroots |
| 2025-12-15 08:34 | http://enahsmusic.com/lib/easing/fw1.php | Unknown Loader | c2 formatloader | juroots |
| 2025-12-15 08:34 | http://enahsmusic.com/lib/easing/fw2.php | Unknown Loader | c2 formatloader | juroots |
| 2025-12-15 08:34 | http://enahsmusic.com/lib/easing/fw3.php | Unknown Loader | c2 formatloader | juroots |
| 2025-12-15 08:34 | v2.xoilacna.tv | DCRat | c2 dcrat | juroots |
| 2025-12-15 08:34 | v3.xoilacna.tv | DCRat | c2 dcrat | juroots |
| 2025-12-15 08:33 | https://pastebin.com/raw/281M3qnx | DCRat | c2 dcrat | juroots |
| 2025-12-15 08:33 | 118.107.6.209:5000 | Unknown malware | c2 datzbro | juroots |
| 2025-12-15 08:33 | 154.12.50.119:4888 | Unknown malware | c2 datzbro | juroots |
| 2025-12-15 08:32 | lgaircon.xyz | Cobalt Strike | c2 CobaltStrike | juroots |
| 2025-12-15 08:32 | quantizedcontroller.cloud-ip.cc | Cobalt Strike | c2 CobaltStrike | juroots |
| 2025-12-15 08:32 | quantizedcontroller.didns.ru | Cobalt Strike | c2 CobaltStrike | juroots |
| 2025-12-15 08:32 | quantizedcontroller.myaddr.io | Cobalt Strike | c2 CobaltStrike | juroots |
| 2025-12-15 08:32 | aromatic-salad.sa.com | AsyncRAT | asyncrat c2 | juroots |
| 2025-12-15 08:32 | dns.aromatic-salad.sa.com | AsyncRAT | asyncrat c2 | juroots |
| 2025-12-15 08:32 | fornoconti.co | AsyncRAT | asyncrat c2 | juroots |
| 2025-12-15 08:32 | gatex.fornoconti.co | AsyncRAT | asyncrat c2 | juroots |
| 2025-12-15 08:32 | jwnoynz6l.localto.net | AsyncRAT | asyncrat c2 | juroots |
| 2025-12-15 08:32 | malware.aromatic-salad.sa.com | AsyncRAT | asyncrat c2 | juroots |
| 2025-12-15 08:32 | malware.nazrej.sa.com | AsyncRAT | asyncrat c2 | juroots |
| 2025-12-15 08:32 | window.aromatic-salad.sa.com | AsyncRAT | asyncrat c2 | juroots |
| 2025-12-15 08:32 | xoilaczzxzpz.tv | AsyncRAT | asyncrat c2 | juroots |
| 2025-12-15 08:31 | https://api.telegram.org/bot8194658562:AAEAkHGba5YUASDs5JFXv6GHA22t6IXyf9I/ | Agent Tesla | AgentTesla c2 | juroots |
| 2025-12-15 08:28 | https://103.21.62.64/passport/index.php | Amadey | Amadey c2 URLscan | juroots |
| 2025-12-15 08:28 | http://122.155.223.9/amssplus/index.php | Amadey | Amadey c2 URLscan | juroots |
| 2025-12-15 08:27 | http://37.221.66.174/a927e02a8d5e42df.php | Stealc | c2 Stealc URLscan | juroots |
| 2025-12-15 08:27 | https://62.60.226.113/d1a2d2be9fcb458f.php | Stealc | c2 Stealc URLscan | juroots |
| 2025-12-15 08:27 | prism.crystalroad.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 08:27 | http://62.60.158.9/ | Hook | c2 HookBot URLscan | juroots |
| 2025-12-15 08:27 | http://80.66.72.158/ | Hook | c2 HookBot URLscan | juroots |
| 2025-12-15 08:26 | https://fixedwr.click/api | Lumma Stealer | c2 Lumma URLscan | juroots |
| 2025-12-15 08:26 | https://94.156.119.187/pages/login.php | Unknown malware | c2 UNAM URLscan | juroots |
| 2025-12-15 08:26 | https://91.92.243.254/kelly/five/PvqDq929BSx_A_D_M1n_a.php | Loki Password Stealer (PWS) | c2 LokiBot URLscan | juroots |
| 2025-12-15 08:20 | http://piratekings.online/tmp/index.php | SmokeLoader | smokeloader | abuse_ch |
| 2025-12-15 08:20 | http://olovge.at/tmp/index.php | SmokeLoader | smokeloader | abuse_ch |
| 2025-12-15 08:20 | http://obozintsev.ru/tmp/index.php | SmokeLoader | smokeloader | abuse_ch |
| 2025-12-15 08:20 | http://nuxc.cc/tmp/index.php | SmokeLoader | smokeloader | abuse_ch |
| 2025-12-15 08:17 | pier4.safebr1dge.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 08:07 | girder.safebr1dge.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 08:02 | 20.195.41.174:443 | Cobalt Strike | AS8075 c2 censys CobaltStrike MICROSOFT-CORP-MSN-AS-BLOCK open-dir | DonPasci |
| 2025-12-15 08:02 | 103.177.47.32:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.48:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.37:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.46.95:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.46.28:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.46.8:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.46.22:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.46.78:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.21:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.28:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.46.91:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.23:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.46.12:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.46.108:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.68:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.22:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.25:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.42:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.27:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.47.51:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 103.177.46.11:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 08:02 | 143.20.185.91:808 | Kaiji | AS214209 c2 censys INTERNET-MAGNATE | DonPasci |
| 2025-12-15 08:02 | 45.154.98.138:4782 | Quasar RAT | AS210558 c2 censys quasar RAT SERVICES-1337-GMBH | DonPasci |
| 2025-12-15 08:02 | 62.164.177.103:9000 | SectopRAT | AS215929 c2 censys DATACAMPUS RAT sectop | DonPasci |
| 2025-12-15 08:02 | 151.243.95.207:8888 | Unknown malware | AS400342 c2 censys EDGENAT-CLOUD Supershell | DonPasci |
| 2025-12-15 08:00 | 149.104.30.242:81 | Cobalt Strike | AS139659 c2 censys CobaltStrike cs-watermark-666666666 LUCID-AS-AP | DonPasci |
| 2025-12-15 08:00 | 111.170.148.153:6666 | Cobalt Strike | AS151185 c2 censys CobaltStrike cs-watermark-987654321 CT-XIANGYANG-IDC2 | DonPasci |
| 2025-12-15 08:00 | 134.175.186.196:31303 | Cobalt Strike | AS45090 c2 censys CobaltStrike cs-watermark-987654321 TENCENT-NET-AP | DonPasci |
| 2025-12-15 07:57 | truss.safebr1dge.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 07:50 | 192.210.239.172:2219 | Unknown Loader | TetraLoader | abuse_ch |
| 2025-12-15 07:48 | span2.safebr1dge.ru | ClearFake | ClearFake | Anonymous |
| 2025-12-15 07:37 | arch.safebr1dge.ru | ClearFake | ClearFake | Anonymous |
| 2025-12-15 07:27 | flare.redb1rth.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 07:18 | dawn.redb1rth.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 07:07 | nova3.redb1rth.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 06:59 | 193.233.175.123:1488 | Unknown Stealer | stealer TORNADO | abuse_ch |
| 2025-12-15 06:57 | ember.redb1rth.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 06:55 | trh.uk.com | Quasar RAT | botnet c2 QuasarRAT RAT | Anonymous |
| 2025-12-15 06:55 | http://45.148.8.121:5000/supershell/login/ | Unknown malware | AS49468 MAGIT'ST SRL Supershell | antiphishorg |
| 2025-12-15 06:55 | 45.148.8.121:5000 | Unknown malware | AS49468 MAGIT'ST SRL Supershell | antiphishorg |
| 2025-12-15 06:55 | https://gaines-kg.jp/ | Unknown malware | ClickFix | CarsonWilliams |
| 2025-12-15 06:55 | 45.93.20.187:80 | Stealc | Loader Stealc stealer |  Bitsight |
| 2025-12-15 06:55 | miov2iaiaoubqosiqoiajwowiwjso.online | Unidentified macOS 001 (UnionCryptoTrader) | |  solostalking |
| 2025-12-15 06:55 | mioisiskwowiwjowuwjwolab.club | Unidentified macOS 001 (UnionCryptoTrader) | | solostalking |
| 2025-12-15 06:55 | 196.251.107.97:3000 | Unidentified macOS 001 (UnionCryptoTrader) | | solostalking |
| 2025-12-15 06:55 | ns524280.ip-192-99-232.net | Cobalt Strike | |  duggusa |
| 2025-12-15 06:55 | https://odeon-gongen.com/shopdetail/364/111299347 | Unknown malware | ClickFix | CarsonWilliams |
| 2025-12-15 06:55 | https://knowledgemomentum-net.moneymaking-opportunities.com/ | Unknown malware | ClickFix | CarsonWilliams |
| 2025-12-15 06:55 | https://shinsenkaku-osaka.com/ | Unknown malware | ClickFix | CarsonWilliams |
| 2025-12-15 06:54 | https://obseu.youstarsbuilding.com/ns/636f8b858f681acb7bfa6f583a96630a.html?ch=AdsDeli%20-%20iFrame | FAKEUPDATES | | dudewhosurfs |
| 2025-12-15 06:54 | https://euob.youstarsbuilding.com/sxp/i/636f8b858f681acb7bfa6f583a96630a.js | FAKEUPDATES | | dudewhosurfs |
| 2025-12-15 06:54 | https://jewelryexchange.com | FAKEUPDATES | | dudewhosurfs |
| 2025-12-15 06:54 | 82.22.184.127:3778 | Mirai | Mirai | seckle |
| 2025-12-15 06:54 | https://annietello.com/ | Unknown malware | ClickFix | CarsonWilliams |
| 2025-12-15 06:54 | mail.livesquare.uk.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 06:54 | img.livesquare.uk.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 06:54 | log.livesquare.uk.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 06:54 | download.livesquare.uk.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 06:54 | api.livesquare.uk.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 06:54 | tvm-systems.uk.com | AsyncRAT | asyncrat c2 RAT | Anonymous |
| 2025-12-15 06:54 | http://94.156.119.187/pages/login.php | Unknown malware | AS211673 Mynymbox LLC UNAM | antiphishorg |
| 2025-12-15 06:53 | 158.94.208.102:80 | Unknown Stealer | SvcStealer | abuse_ch |
| 2025-12-15 06:51 | http://62.60.226.159/zbuyowgn/data.php | Unknown Stealer | SvcStealer | abuse_ch |
| 2025-12-15 06:51 | http://158.94.208.102/diamo/data.php | Unknown Stealer | SvcStealer | abuse_ch |
| 2025-12-15 06:51 | http://196.251.107.23/diamo/data.php | Unknown Stealer | SvcStealer | abuse_ch |
| 2025-12-15 06:51 | http://178.16.53.7/diamo/data.php | Unknown Stealer | SvcStealer | abuse_ch |
| 2025-12-15 06:51 | http://196.251.107.61/diamo/data.php | Unknown Stealer | SvcStealer | abuse_ch |
| 2025-12-15 06:47 | dusk.black0wl.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 06:45 | readbookstory.kozow.com | XWorm | XWorm | abuse_ch |
| 2025-12-15 06:37 | hoot.black0wl.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 06:27 | perch.black0wl.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 06:18 | talon2.black0wl.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 06:08 | noct.black0wl.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 05:58 | tide.0ceandust.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 05:46 | silt7.0ceandust.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 05:37 | coral.0ceandust.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 05:27 | fog.mistyw0lf.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 05:17 | prowl.mistyw0lf.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 05:07 | lair.mistyw0lf.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 04:57 | dusk3.mistyw0lf.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 04:47 | howl.mistyw0lf.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 04:38 | humus.clears0il.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 04:35 | 51.68.244.77:7032 | XWorm | XWorm | abuse_ch |
| 2025-12-15 04:27 | arid.clears0il.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 04:18 | 88ba15506ae497efd8995b5971a91ef3 | XWorm | |  Grim |
| 2025-12-15 04:18 | c97a4714e38aa7f36e38735972d5ea23 | XWorm | | Grim |
| 2025-12-15 04:18 | 478466346e981c958e0385b6b21e1ed3cbcf558d | XWorm | | Grim |
| 2025-12-15 04:18 | 656bcff52518bd53ae865533a6cd7188372ed4766a1c27c6dfacd7d363af8b52 | XWorm | | Grim |
| 2025-12-15 04:18 | 01a043167c5f956665ee333d08a71226 | GCleaner | | Grim |
| 2025-12-15 04:18 | 5463aeaa7ba053df9bce2124e156e003c346c089 | XWorm | | Grim |
| 2025-12-15 04:18 | c0476477dac02df42dab7a04921988fecdda0652f5d40dd420c0e07b53665d96 | XWorm | | Grim |
| 2025-12-15 04:18 | 4632df0d75ab4198a64ea7b80c77ab65604f2604 | GCleaner | | Grim |
| 2025-12-15 04:18 | 538073d6951e80cee6cd2606ab90f6f5bb1a67cc16b2bacb0b712fd3ef010f42 | GCleaner | | Grim |
| 2025-12-15 04:18 | 7a804c51be230074557baa34d0b53f6c0ee6e76271fceef6b96f4c7646fba934 | ValleyRAT | | Grim |
| 2025-12-15 04:18 | 1a55fc085063b6e48f6ecd6867f9c139 | ValleyRAT | | Grim |
| 2025-12-15 04:18 | 22efca03c72a9138012abccf517d42e0 | ZStealer | | Grim |
| 2025-12-15 04:18 | fce06d3e352a3ff1efe89af63b371540d9c4dcbd | ValleyRAT | | Grim |
| 2025-12-15 04:18 | 0fe7e69bc6f4b0223f27656c4eb6edcb | Quasar RAT | | Grim |
| 2025-12-15 04:18 | f22a314b94e5cb46e0a4b3c68689c82b39d6c4d3 | ZStealer | | Grim |
| 2025-12-15 04:18 | 64b97d63af694192e4d6ba57c278ec324eaf6c8700c0f7cade06f5a08da81f5a | ZStealer | | Grim |
| 2025-12-15 04:18 | f9f30c5f8521cb2618ccb31960c1b598 | Masad Stealer | | Grim |
| 2025-12-15 04:18 | 14129838382a816b9ac391af20a77a3289322a0a | Quasar RAT | | Grim |
| 2025-12-15 04:18 | 9dcf7893b4c18e6d1ed5554231b57937226adc8c3be8c389b715454fe75b6ab6 | Quasar RAT | | Grim |
| 2025-12-15 04:18 | 54e18a136258439ebb87b59b8b37be0d3d018dbd | Masad Stealer | | Grim |
| 2025-12-15 04:18 | c39f4a82642778198c30e8f2c06a70df627c558f159ce9fcfff0f5005e8efb0f | Masad Stealer | | Grim |
| 2025-12-15 04:18 | fee7abb1a26814098f4188b599387df811518770 | Vidar | | Grim |
| 2025-12-15 04:18 | 7be46bf5d6f94592f1a62e1943b5127a9e6c664729ba509c3e286d01270f2325 | Vidar | | Grim |
| 2025-12-15 04:18 | e59d08c96d9491b4a8cf07d0957e669c | Vidar | | Grim |
| 2025-12-15 04:18 | 349d06aa67b8e886e1bb56f4c9e659f307e8643b | Stealc | | Grim |
| 2025-12-15 04:18 | 9c2a2efdab4195801905c2f9224099f9a017075e773c9660e56bed3fad08b23e | Stealc | | Grim |
| 2025-12-15 04:18 | d9de836e645c40db5576d7334976fd8a | Stealc | | Grim |
| 2025-12-15 04:18 | 330cde21f8324b44a2ec6f0471b5a790f1216423f91bd67c8b2fe80ed0d4bcd5 | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | 53d56b94a54f454043605351b7aa4b34 | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | fb49a3c2bf8466798f0346639a3d94a0829524afd365dda714eb42863e8502e5 | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | cb6046c1f133f7842fe6ae419cab4eed | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | 0cc3526531b5aa30fb54fb8040dabd3e4fb52c1d | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | 0a20ebb879c141b3d3017af7ea3d2f0d | Vjw0rm | | Grim |
| 2025-12-15 04:18 | 36ce73942c0206916b9eef2819a811f7befe4c8b | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | b0e6853cb1094abbaffda31e9924e406 | SalatStealer | | Grim |
| 2025-12-15 04:18 | 44047c10795073aaf8e19c332c2d609afec2181d | Vjw0rm | | Grim |
| 2025-12-15 04:18 | 90ea17ac6a4f81bec11e988df387eccf0f27d7ecd5bd486d009bed19028fa0da | Vjw0rm | | Grim |
| 2025-12-15 04:18 | d2b822bcddaf8e7349a7f9e8b14854c65f03ee8c | SalatStealer | | Grim |
| 2025-12-15 04:18 | 0b7ebbb6e65892ff7434ef2cca5f60a8d0df8a8d0250ebd2dcde0d5af596f954 | SalatStealer | | Grim |
| 2025-12-15 04:18 | 5d7d14945cd43b8b43a6dfc9bc22af4e | Owlproxy | | Grim |
| 2025-12-15 04:18 | 0908f979655926ed925cad2497df7974d426a892 | SalatStealer | | Grim |
| 2025-12-15 04:18 | 55161713f2e89d48c6291a7213047de671b58b591f0487dc6795fab40f739de5 | SalatStealer | | Grim |
| 2025-12-15 04:18 | aaf0f26390a830eef3b8691d2a8e8917 | SalatStealer | | Grim |
| 2025-12-15 04:18 | ebdd73e4e7ca746e1ea6e8cccc4c0295 | AsyncRAT | | Grim |
| 2025-12-15 04:18 | 52a717070c912085f64be346f1cd3ae04c6249f1 | Owlproxy | | Grim |
| 2025-12-15 04:18 | 9ecafea587089db9e4c582d52154fdaffe11bfc9c3352c8e65badae8c94215ff | Owlproxy | | Grim |
| 2025-12-15 04:18 | d6a64bfa135586b196df15b636da8eba19977c35 | AsyncRAT | | Grim |
| 2025-12-15 04:18 | e36f23a8fa59e0d256c28bb433e5e357fe43b5eb14651bc983ef9c043ed25cc2 | AsyncRAT | | Grim |
| 2025-12-15 04:18 | 634a7306c5860aabb6c178722e7c8c4a5dd8bc6c | NjRAT | | Grim |
| 2025-12-15 04:18 | e4d13cb5c3dcb794f7464ae665fafa2390107672417b8203432a6646344e3895 | NjRAT | | Grim |
| 2025-12-15 04:18 | 6159a711b535955d96695b3ece94acb4 | NjRAT | | Grim |
| 2025-12-15 04:18 | cf652361ca2f17e91d077b083b566e20 | SalatStealer | | Grim |
| 2025-12-15 04:18 | 0021263979729db7f5baab7c431dce730211a89cf7501a83eab43dd9f585cad5 | SalatStealer | | Grim |
| 2025-12-15 04:18 | 133a7866f62290cc81d02349b0758e53 | SalatStealer | | Grim |
| 2025-12-15 04:18 | c1f9b10bba80f309bbd6ccc9c9f6feefda38f530 | SalatStealer | | Grim |
| 2025-12-15 04:18 | 7d29db1cb4bc0e3308106c93fa20f983b28c6ce9bc45af1e341f3c510469b593 | SalatStealer | | Grim |
| 2025-12-15 04:18 | a39acb11266c8a5d99a115d9201ae478ef82bc50 | XWorm | | Grim |
| 2025-12-15 04:18 | 4f5c44f2ff5744910b23ba846a1cf3eddc95256aef8b4b1dbc5f02be3c3946fe | XWorm | | Grim |
| 2025-12-15 04:18 | f659eba25efc7657d10ea90674a909de | XWorm | | Grim |
| 2025-12-15 04:18 | c644ed1b336eeed612907a98494a73fe4b0179c8ee9336d98b2b2cf6818109c3 | XWorm | | Grim |
| 2025-12-15 04:18 | 19bcd537467e603961fc6a1b7371ee97 | XWorm | | Grim |
| 2025-12-15 04:18 | 76123bdf89c69344ccbf5a7770d92c40d49adcde963a9546054aa783fb6b581d | DCRat | | Grim |
| 2025-12-15 04:18 | 72b77e7a8de1016a13900301d60f780a | DCRat | | Grim |
| 2025-12-15 04:18 | 83dfd6089a4dd48d0ff3f6fdda9318d35f2e802e | XWorm | | Grim |
| 2025-12-15 04:18 | c7fc692b4650356566b33414924475176328bd93 | troystealer | | Grim |
| 2025-12-15 04:18 | 14ed3878b6623c287283a8a80020f68e1cb6bfc37b236f33a95f3a64c4f4611f | troystealer | | Grim |
| 2025-12-15 04:18 | 092864a16fff333b8a98b29eb0a06d6c | troystealer | | Grim |
| 2025-12-15 04:18 | 626527138ef6fb83ef51fb67c68d01f27c176985 | DCRat | | Grim |
| 2025-12-15 04:18 | ede9704d231f2950a65e272362c6f3cc82521e5c | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | 1c38e3cda8ac6d79d9da40834367697a209c6b07e6b3ab93b3a4f375b161a901 | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | 7002b9e747b3d92d6d52f291e911a7fc | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | d80566e89d6392f8154b95c81a8fa02ada707d6883497c8a264a7d465b3da622 | Stealc | | Grim |
| 2025-12-15 04:18 | 0b6d833a53f813296cd1d225ee9e0834 | Stealc | | Grim |
| 2025-12-15 04:18 | cf990c07f431feebbb06b928ee77b2882f7753c47f315fbdcdfbb6467c40eca3 | poscardstealer | | Grim |
| 2025-12-15 04:18 | c185148ae90b947e36bcea6a70a653bc | poscardstealer | | Grim |
| 2025-12-15 04:18 | a9cbe58a75f1fc9cfed96ebc03d6c31db81f36bf | Stealc | | Grim |
| 2025-12-15 04:18 | 7e9d3236eb6c30eaba04f7480a3b00aa2d0c990e101d120c11325e6b4faacdf8 | poscardstealer | | Grim |
| 2025-12-15 04:18 | e9852c0cf42165ae949ba7b7745c2d0e | poscardstealer | | Grim |
| 2025-12-15 04:18 | 778a54c02276713bd0c4458bb9c6f5e961c2b818 | poscardstealer | | Grim |
| 2025-12-15 04:18 | 5815e808c2b1aed48f52afa32f4203142c61aa9d3bed5fbe0e36a7b006d968e3 | Ghost RAT | | Grim |
| 2025-12-15 04:18 | 3a8b08cf3a3f30d26869e8c8d40e96e6 | Ghost RAT | | Grim |
| 2025-12-15 04:18 | 995e1179b42682030354017318a453e8c1c8d135 | poscardstealer | | Grim |
| 2025-12-15 04:18 | 2eb1f2a7a0f77c3c26489238e9cd1838592adbef | Havoc | | Grim |
| 2025-12-15 04:18 | 17133fd671146d9cb9980c1e6e1798b75d84865f759d03203f010e1abcbbc977 | Havoc | | Grim |
| 2025-12-15 04:18 | 94ca3ce24c18427f84ee0b590670735a | Havoc | | Grim |
| 2025-12-15 04:18 | 6b6165a2b1c223f62bf62570fb095ddfa87e2f9c | Ghost RAT | | Grim |
| 2025-12-15 04:18 | 19c50f47b4bf659011a954e793853ae23e1b284e | Vidar | | Grim |
| 2025-12-15 04:18 | bf4582cfd40d7826e478f3bdd861e815b82f4c5953a5d5f70b9762de7e50f51a | Vidar | | Grim |
| 2025-12-15 04:18 | cb43f733b83699a4a8e65eea9430c47d | Vidar | | Grim |
| 2025-12-15 04:18 | 03857d6a38ed27137ca01a06458b89cf8e4a91282494879700738af1ac3dbd6a | DCRat | | Grim |
| 2025-12-15 04:18 | e64ee138457305a42952c5458dffb41f | DCRat | | Grim |
| 2025-12-15 04:18 | 484e71482deec8fea0efda19f82de7575ef75e25 | XWorm | | Grim |
| 2025-12-15 04:18 | 93134aade970be0e7e0e999a428bd326eb93f7dab054056024e973c231c14fc0 | XWorm | | Grim |
| 2025-12-15 04:18 | 5875acc94c099b35807ee696039a10d4 | XWorm | | Grim |
| 2025-12-15 04:18 | 2d3e9be7d533d4c39298a3e86670b2e3a75048a7 | DCRat | | Grim |
| 2025-12-15 04:18 | 7684910b8cf71402d58fe2ae3f03b179eec4078c | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | 05c944314d0c39b3f389a6ed36b5adc5f2d8521b5a1d9a82d2f36ab1acbbce87 | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | 4e348eba565f9eb6f44ae698d23cb4b8 | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | 9c8b0505d89551c815ef01d9260f33b85b73c9bf | Quasar RAT | | Grim |
| 2025-12-15 04:18 | 0985d2bd933aa5585e6454304a80ad2f32f8814d1d14add558038e033b482bdc | Quasar RAT | | Grim |
| 2025-12-15 04:18 | 3818e48805ab0dc54caaadffa943ad35 | Quasar RAT | | Grim |
| 2025-12-15 04:18 | a6c041503e8a1c81f85805f341e74a22 | SwaetRAT | | Grim |
| 2025-12-15 04:18 | 935b13e683e9070305c9aa7f43bcbf348c6513c4 | SwaetRAT | | Grim |
| 2025-12-15 04:18 | 22340b89f926ff263bd94dbf8966b71afb1bb6c5618ecb593bc1e7b4566ece1a | SwaetRAT | | Grim |
| 2025-12-15 04:18 | 837141eb5f3316149830e48aaf343f8bd6301d07 | XWorm | | Grim |
| 2025-12-15 04:18 | f0220c88bb98dd407c19bc29a473457144e0f573a6beb4a78ca78b943367f61d | XWorm | | Grim |
| 2025-12-15 04:18 | 0f40be79ea1a15b0632bfd006a2981ae | XWorm | | Grim |
| 2025-12-15 04:18 | 5c2458ab58bb10c023e9f88ed69d94c046501fce9e4181ea4a2e68ba458f07e4 | CoffeeLoader | | Grim |
| 2025-12-15 04:18 | 68907d77e716313680c8bbc247b8e69d | CoffeeLoader | | Grim |
| 2025-12-15 04:18 | 5b0d8d92cb6f8a37378a9c9a98994e3f | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | d968977dfacbd9529d39ff35dc9399a28ac1e3e3 | CoffeeLoader | | Grim |
| 2025-12-15 04:18 | 9bb57c2ab14025c856918021a0ef249b | XWorm | | Grim |
| 2025-12-15 04:18 | e138d10465c41a90e5a39a38d72089da488962cd | Cobalt Strike | | Grim |
| 2025-12-15 04:18 | ffddc4f5595e677284025292315e3fcea6b4524e9007a60882f58630bc6535ca | Cobalt Strike | | Grim |
| 2025-12-15 04:17 | 1b6d1df27dc820ee833e545edb25e324 | QuantLoader | | Grim |
| 2025-12-15 04:17 | 31fc10911f34c7dacd1db3f02fc62107d71f60c4 | XWorm | | Grim |
| 2025-12-15 04:17 | 399b495b8e3088dd4e8ff8c2c2649d9cb154a1fcc2e8a26165869e307bcbe9b6 | XWorm | | Grim |
| 2025-12-15 04:17 | ee1bc9874ec99137e07baab2f998886c | Amadey | | Grim |
| 2025-12-15 04:17 | 4b6e01ee353db0166a7c30f487ba6c70a6a2ddac | QuantLoader | | Grim |
| 2025-12-15 04:17 | 06ae81461f1131c74dff539cb34bf30fcfd884a56b120294e00785137937f1c3 | QuantLoader | | Grim |
| 2025-12-15 04:17 | 19b066ed4fae241bf7e9f22bdf56f647 | ValleyRAT | | Grim |
| 2025-12-15 04:17 | fccc34685256bd739c27f580f1a70b3d6adad0c3 | Amadey | | Grim |
| 2025-12-15 04:17 | 811471a5b0b641fb1f8e9e077f54f9f631022cb1f8372f2daca3323c7e7128d6 | Amadey | | Grim |
| 2025-12-15 04:17 | 2fa95cff02b6b16349a15a4225a2f8af | Quasar RAT | | Grim |
| 2025-12-15 04:17 | 4f1ebf9c9bdd24356d25b2569a660ce7b02ec207 | ValleyRAT | | Grim |
| 2025-12-15 04:17 | 2b5cc5dedd93fd77ec4d8c28d26df606b16e6a5bdd3b88dd77be9e38f24a98b1 | ValleyRAT | | Grim |
| 2025-12-15 04:17 | 69c79d91868ee1b9f38c9a0dcbadd935 | Owlproxy | | Grim |
| 2025-12-15 04:17 | 80b8e555707f18191205092a2bf430a4de4506bc | Quasar RAT | | Grim |
| 2025-12-15 04:17 | 6e2fb508779859da86754cea3a2a4b15e90d0df1f9695422080611b54826dc08 | Quasar RAT | | Grim |
| 2025-12-15 04:17 | 607ec6db92d3657bc781313ac12e50e5286e212f | Owlproxy | | Grim |
| 2025-12-15 04:17 | 199ec99e17d06bc96ca6171960d31657dcc7f2ef57ee9e26054331848ef331cc | Owlproxy | | Grim |
| 2025-12-15 04:17 | 137dc99853dd8dfd9761096f65c06d623e609909 | AsyncRAT | | Grim |
| 2025-12-15 04:17 | 95dedfab4877fe261b682619b51bd94b400d536906709b153097bef5fd2b76a2 | AsyncRAT | | Grim |
| 2025-12-15 04:17 | c9df8aeb2bec09c26c75258dbf64b51b | AsyncRAT | | Grim |
| 2025-12-15 04:17 | 0299e1f0b09a2f30212ee5c12961ae343a7b6e8b | Quasar RAT | | Grim |
| 2025-12-15 04:17 | f7ca7837683a7514cd991e5a0ab8dc4b1b7542d537284e6a131bf176dc6c08e7 | Quasar RAT | | Grim |
| 2025-12-15 04:17 | d7f209c9a9742dccb2a09762dae861fa | Quasar RAT | | Grim |
| 2025-12-15 04:17 | 11e80251f14902a18b9b0786fd82f293760afa52 | NimGrabber | | Grim |
| 2025-12-15 04:17 | 639e0c6a4c6a4864c73ed5836bc9578cb5272d94d0b133d73b339cfcf8eced5f | NimGrabber | | Grim |
| 2025-12-15 04:17 | 22f04c393c9030f346c45ba75a73b6fc | NimGrabber | | Grim |
| 2025-12-15 04:17 | 847d65e755ad8d1dacc351b2e2a66ebd | Vidar | | Grim |
| 2025-12-15 04:17 | 457abbfc3fbca0a3e22cf1be695c94dc089236e6 | Vidar | | Grim |
| 2025-12-15 04:17 | c0fea10495f260c2343db21e874b691b594204773b84d5f50f8083e53810adfb | Vidar | | Grim |
| 2025-12-15 04:17 | 682ea50cbac6d4c47858bccf7baa7b356d85265e | ValleyRAT | | Grim |
| 2025-12-15 04:17 | d08c07e7a8a7ffeb5e3e1ee417ec7b292f00a72920768915bf964efce66d2482 | ValleyRAT | | Grim |
| 2025-12-15 04:17 | 5c8bea324b7bb8a41976cc0e4b6c2dad | ValleyRAT | | Grim |
| 2025-12-15 04:17 | tilth2.clears0il.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 04:08 | loam.clears0il.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 04:03 | 3.82.249.160:47001 | Meterpreter | AMAZON-AES AS14618 c2 censys hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 04:03 | 44.211.123.84:28131 | Meterpreter | AMAZON-AES AS14618 c2 censys hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 04:03 | 103.177.46.40:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 04:03 | 199.101.111.98:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 04:02 | nastwest.icu | Havoc | AS42624 c2 censys Havoc SWISSNETWORK02 | DonPasci |
| 2025-12-15 04:02 | 62.164.177.104:15647 | SectopRAT | AS215929 c2 censys DATACAMPUS RAT sectop | DonPasci |
| 2025-12-15 04:02 | 89.110.122.152:9000 | SectopRAT | AS216071 c2 censys RAT sectop VDSINA | DonPasci |
| 2025-12-15 04:02 | 62.164.177.103:15647 | SectopRAT | AS215929 c2 censys DATACAMPUS RAT sectop | DonPasci |
| 2025-12-15 04:01 | 144.172.103.138:443 | AsyncRAT | AS14956 asyncrat c2 censys RAT ROUTERHOSTING | DonPasci |
| 2025-12-15 04:01 | 144.172.103.138:8080 | AsyncRAT | AS14956 asyncrat c2 censys RAT ROUTERHOSTING | DonPasci |
| 2025-12-15 04:00 | 217.76.56.238:2404 | Remcos | AS51167 c2 censys CONTABO RAT remcos | DonPasci |
| 2025-12-15 04:00 | dav131.duckdns.org | XWorm | XWorm | abuse_ch |
| 2025-12-15 04:00 | 139.159.149.202:443 | Cobalt Strike | AS55990 c2 censys CobaltStrike cs-watermark-666666666 HWCSNET | DonPasci |
| 2025-12-15 03:57 | zephyr.windtrace.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 03:55 | 2.59.219.26:7000 | XWorm | XWorm | abuse_ch |
| 2025-12-15 03:47 | trail3.windtrace.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 03:37 | gust.windtrace.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 03:28 | nip.frostb1te.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 03:18 | flurry4.frostb1te.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 03:06 | gelid.frostb1te.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 02:58 | hoar2.frostb1te.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 02:47 | rime.frostb1te.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 02:37 | peak.cl0udcrest.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 02:27 | nadir.cl0udcrest.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 02:17 | zenith.cl0udcrest.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 02:07 | alto3.cl0udcrest.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 01:57 | apex.cl0udcrest.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 01:47 | loam.s0ftcliff.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 01:36 | cush.s0ftcliff.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 01:27 | ledge2.s0ftcliff.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 01:17 | plush.s0ftcliff.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 01:07 | ridge.rapidstone.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 00:57 | scree.rapidstone.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 00:47 | talus3.rapidstone.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 00:38 | shard.rapidstone.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 00:27 | swift.rapidstone.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 00:25 | 143.92.62.89:6666 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2025-12-15 00:17 | truss.mistybr1dge.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 00:07 | fog.mistybr1dge.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-15 00:04 | 3.34.125.22:80 | Unknown malware | AMAZON-02 AS16509 c2 censys ClickFix first-stage | DonPasci |
| 2025-12-15 00:03 | 199.101.111.47:3790 | Meterpreter | AS58580 c2 censys FASTRACK hacktool MetaSploit Meterpreter | DonPasci |
| 2025-12-15 00:03 | 23.105.252.167:43211 | AdaptixC2 | AdaptixC2 AS39134 c2 censys UNITEDNET | DonPasci |
| 2025-12-15 00:03 | 217.60.249.120:4321 | AdaptixC2 | AdaptixC2 AS56971 c2 censys | DonPasci |
| 2025-12-15 00:03 | 179.95.160.102:9990 | NetSupportManager RAT | AS18881 c2 censys NetSupport RAT TELEFONICA | DonPasci |
| 2025-12-15 00:03 | revounecses.run | Hook | AEZA-AS AS210644 c2 censys HookBot | DonPasci |
| 2025-12-15 00:03 | 18.158.60.15:9999 | Sliver | AMAZON-02 AS16509 c2 censys payload sliver | DonPasci |
| 2025-12-15 00:03 | 176.117.107.202:2404 | Remcos | AS208191 c2 censys GOHOST RAT remcos | DonPasci |
| 2025-12-15 00:02 | 172.245.93.89:2404 | Remcos | AS-COLOCROSSING AS36352 c2 censys RAT remcos | DonPasci |
| 2025-12-15 00:01 | 23.235.174.8:9812 | Cobalt Strike | AS138415 c2 censys CobaltStrike cs-watermark-987654321 YANCYLIMITED-AS-HK | DonPasci |
| 2025-12-14 23:57 | span2.mistybr1dge.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 23:47 | arch.mistybr1dge.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 23:37 | noir.shadowm1nt.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 23:27 | basil.shadowm1nt.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 23:17 | herb5.shadowm1nt.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 23:07 | shade.shadowm1nt.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 23:05 | nazrej.sa.com | Quasar RAT | quasar | abuse_ch |
| 2025-12-14 23:05 | malware.motchilltv.how | Quasar RAT | quasar | abuse_ch |
| 2025-12-14 22:58 | hush2.r1verdusk.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 22:47 | bend.r1verdusk.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 22:37 | gloam.r1verdusk.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 22:27 | delta.r1verdusk.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 22:17 | ash.f1restorm.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 22:08 | squall.f1restorm.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 21:57 | flare1.f1restorm.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 21:48 | ember.f1restorm.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 21:38 | sun.cliffbright.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 21:27 | brink.cliffbright.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 21:18 | ridge3.cliffbright.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 21:07 | ledge.cliffbright.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 21:05 | eGQfG1Ah2LBHoksjmXz30w== | XWorm | XWorm | abuse_ch |
| 2025-12-14 20:57 | frost.darkmint.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 20:55 | 132.145.75.68:6597 | XWorm | XWorm | abuse_ch |
| 2025-12-14 20:47 | glade.darkmint.ru | ClearFake | ClearFake | threatcat_ch |
| 2025-12-14 20:45 | http://10.2.10.224:80/jZSF | Cobalt Strike | CobaltStrike | abuse_ch |
| 2025-12-14 20:38 | herb2.darkmint.ru | ClearFake | ClearFake | threatcat_ch |