| 2026-05-07 17:15 | https://ayensuanoda.gov.gh/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-07 17:03 | 217.64.148.159:51744 | Remcos | remcos |  TomU |
| 2026-05-07 17:03 | 217.64.148.159:56950 | Remcos | remcos | TomU |
| 2026-05-07 17:02 | sun-006.ydns.eu | Remcos | remcos | TomU |
| 2026-05-07 17:02 | sun-006-bk.ydns.eu | Remcos | remcos | TomU |
| 2026-05-07 16:48 | planbay.represent-skittish.lat | ClearFake | 7May2026 ClearFake Commandline Windows |  Gi7w0rm |
| 2026-05-07 16:00 | https://bik.hidayahnetwork.com/ | Vidar | Vidar |  crep1x |
| 2026-05-07 16:00 | bik.hidayahnetwork.com | Vidar | Vidar | crep1x |
| 2026-05-07 15:55 | onto.relativepulp.cfd | ACR Stealer | ACRStealer |  abuse_ch |
| 2026-05-07 15:53 | ssntana.com | KongTuke | Kongtuke |  monitorsg |
| 2026-05-07 15:53 | https://ssntana.com/file.js | KongTuke | Kongtuke | monitorsg |
| 2026-05-07 15:53 | https://ssntana.com/t | KongTuke | Kongtuke | monitorsg |
| 2026-05-07 15:53 | https://ssntana.com/g | KongTuke | Kongtuke | monitorsg |
| 2026-05-07 15:53 | https://ssntana.com/c | KongTuke | Kongtuke | monitorsg |
| 2026-05-07 15:53 | secure.nzlifecoaching.com | FAKEUPDATES | SocGholish | monitorsg |
| 2026-05-07 15:52 | 142.93.142.120:25001 | Kimwolf | c2 kimwolf |  Bitsight |
| 2026-05-07 14:50 | https://fourdigs.cyou | Lumma Stealer | Lumma | abuse_ch |
| 2026-05-07 14:43 | whynotebanarot.xyz | Unknown Webinject | ErrTraffic | Gi7w0rm |
| 2026-05-07 14:10 | unhoq4.arch-vivarium.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 14:07 | lettercinema.vexon6ar.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 14:05 | https://honceybl.cyou | Lumma Stealer | Lumma | abuse_ch |
| 2026-05-07 14:05 | https://balvlqts.cyou | Lumma Stealer | Lumma | abuse_ch |
| 2026-05-07 14:03 | genesun.arch-vivarium.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 14:01 | 204.10.160.250:7007 | XWorm | XWorm | abuse_ch |
| 2026-05-07 14:01 | parcboo.vexon6ar.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:56 | cwpjb6yk.arch-vivarium.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:54 | rapid-forge.vexon6ar.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:50 | neuralcra.arch-vivarium.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:49 | moledynam.vexon6ar.lat | ClearFake | ClearFake |  threatcat_ch |
| 2026-05-07 13:43 | dawn3-spool.fixionmunici9al.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:41 | onpyo.vexon6ar.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 13:36 | xs2f.fixionmunici9al.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:34 | xwpw.vexon6ar.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:30 | 1ce6-route.fixionmunici9al.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:28 | thre-thic.pav1mirex.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:23 | 18nnbu.fixionmunici9al.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 13:21 | listenermacro.pav1mirex.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 13:17 | 1llume-sync.fixionmunici9al.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:14 | hvr071.pav1mirex.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:10 | birc6-trail.fixionmunici9al.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 13:08 | launch-point.pav1mirex.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 13:03 | supplyvau.fixionmunici9al.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 13:01 | solarvine.pav1mirex.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 12:57 | shellengi.pastor-publicist.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 12:52 | h1ll-switch.pav1mirex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 12:48 | casual-hinge.pastor-publicist.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 12:46 | irngvd.pav1mirex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 12:41 | rgd2.pastor-publicist.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 12:40 | a3vrjnwj.xamir9el.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 12:35 | talmark5ix.pastor-publicist.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 12:32 | image-mesh.xamir9el.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 12:28 | 4mnyykj.pastor-publicist.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 12:27 | jizeeb.xamir9el.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 12:22 | 1oc44-span.pastor-publicist.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 12:20 | 1oc4l-node.xamir9el.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 12:15 | shore-leaf.pastor-publicist.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 12:13 | dynmesh5et.xamir9el.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 12:09 | doma.fastexitnow.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 12:07 | wg1wa8.xamir9el.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 12:04 | mixblo.xamir9el.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 12:02 | true.fastexitnow.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 11:58 | outerlaunch.tavro4xel.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 11:50 | un1o-loop.tavro4xel.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 11:47 | asts.datarunkey.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 11:44 | sketchbasic.tavro4xel.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 11:41 | https://round-cherry-4418.hellohiall.workers.dev | Unknown malware | CloudZ RAT |  johannes |
| 2026-05-07 11:41 | https://dyuthiengineering.com/d.js | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-07 11:41 | dyuthiengineering.com | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-07 11:41 | https://openrelayzone.top/rate/rate-effect.js | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-07 11:41 | openrelayzone.top | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-07 11:41 | https://openrelayzone.top/rate/principal-client.php | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-07 11:41 | https://openrelayzone.top/rate/api-template.js | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-07 11:41 | http://178.156.241.213 | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-07 11:41 | http://5.78.87.19 | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-07 11:41 | https://advancedpatternlab.com/yup | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-07 11:41 | advancedpatternlab.com | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-07 11:40 | abh.openlinksys.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 11:37 | 5107vvgb.tavro4xel.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 11:31 | tal-linea.tavro4xel.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 11:30 | https://vbv.hidayahnetwork.com/ | Vidar | Vidar | crep1x |
| 2026-05-07 11:30 | vbv.hidayahnetwork.com | Vidar | Vidar | crep1x |
| 2026-05-07 11:24 | 69zhzd.tavro4xel.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 11:18 | rich-endpo.tavro4xel.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 11:12 | rl035mt.7zorelax.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 11:05 | neo-anch0r.7zorelax.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 11:05 | gitlabh.openlinksys.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:57 | agmdojf.7zorelax.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:56 | apiopss.openlinksys.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:51 | 4rray-dock.7zorelax.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:49 | logbins.openlinksys.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:44 | pipelin-reach.7zorelax.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:44 | 94.154.35.160:12345 | DCRat | dcrat drb-ra RAT | abuse_ch |
| 2026-05-07 10:44 | 83.147.38.94:2030 | Evilginx | drb-ra EvilGinx EvilGoPhish | abuse_ch |
| 2026-05-07 10:44 | 66.85.27.30:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-07 10:44 | 5.101.81.81:9323 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-07 10:43 | 203.159.90.139:2404 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-07 10:43 | 104.167.199.243:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-07 10:42 | appsrch.openlinksys.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 10:38 | jwosviuw.7zorelax.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:33 | webdocs.openlinksys.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:31 | filte-path.7zorelax.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:25 | syskeys.openlinksys.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:24 | wornod.qen2virex.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 10:19 | netmans.datarunkey.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 10:18 | steadymeasure.qen2virex.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 10:11 | tcpcons.datarunkey.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 10:07 | sandman.qen2virex.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 10:05 | sshpros.datarunkey.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 10:05 | silverlinegereedschap.nl | Nanocore RAT | NanoCore | abuse_ch |
| 2026-05-07 10:00 | oixkxhga.qen2virex.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 09:58 | vmlists.datarunkey.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 09:55 | 75aohwq.qen2virex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 09:50 | usrgrps.datarunkey.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 09:46 | 3ohr8brt.qen2virex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 09:43 | optwebs.datarunkey.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 09:40 | fmnnyp.qen2virex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 09:36 | proxyss.linkdevbase.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 09:31 | ciabjdb.mav8loren.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 09:30 | lanhops.linkdevbase.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 09:24 | go1d8-core.mav8loren.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 09:23 | subclis.linkdevbase.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 09:18 | arkdraor.mav8loren.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 09:17 | gt5kq695.die-reformer.digital | ClearFake | ClearFake | Anonymous |
| 2026-05-07 09:17 | ya15z70c.die-reformer.digital | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 09:17 | a62fkli6.die-reformer.digital | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 09:16 | bitkits.linkdevbase.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 09:11 | ultra-narr0.mav8loren.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 09:06 | envsets.linkdevbase.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 09:00 | m0del9-spool.mav8loren.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 09:00 | doclabs.linkdevbase.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 09:00 | doclabs.linkdevbase.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 08:53 | 30vw.mav8loren.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 08:53 | syncits.softworkapi.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 08:47 | roughvocal.mav8loren.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 08:46 | ioflows.softworkapi.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 08:39 | 5t4g3-port.3toravix.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 08:39 | taskids.softworkapi.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 08:31 | lum-valeon.3toravix.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 08:30 | comwebs.softworkapi.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 08:24 | trackeglacie.3toravix.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 08:23 | refid-xs.softworkapi.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 08:17 | railmix.3toravix.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 08:17 | autboxs.softworkapi.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 08:11 | snowvolt.3toravix.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 08:10 | domregs.fastexitnow.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 08:04 | 50cia8-route.3toravix.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 08:03 | pwrlogs.fastexitnow.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 07:57 | tlbwfid.3toravix.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 07:54 | extnets.fastexitnow.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 07:51 | gitlabh.fatovism-r2ccoon.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 07:50 | pkgruns.fastexitnow.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 07:44 | apiopss.fatovism-r2ccoon.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 07:43 | modbuss.fastexitnow.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 07:42 | ohn.stainedunstitch.work | SnappyClient | SnappyClient | abuse_ch |
| 2026-05-07 07:42 | ootid.srv-auth-dlt-msh.in.net | SnappyClient | SnappyClient | abuse_ch |
| 2026-05-07 07:42 | sash.thirstyschnapps.cfd | SnappyClient | SnappyClient | abuse_ch |
| 2026-05-07 07:37 | logbins.fatovism-r2ccoon.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 07:37 | 27.124.5.95:886 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-05-07 07:36 | srcgets.fastexitnow.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 07:36 | 43.199.58.243:8880 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-05-07 07:36 | cccflknorgnsd.cn | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-05-07 07:35 | 18.163.249.4:8880 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-05-07 07:34 | gimtjks.cn | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-05-07 07:30 | hwd.hidayahnetwork.com | Vidar | Vidar | crep1x |
| 2026-05-07 07:30 | https://hwd.hidayahnetwork.com/ | Vidar | Vidar | crep1x |
| 2026-05-07 07:30 | appsrch.fatovism-r2ccoon.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 07:30 | uidmaps.cloudtaskgo.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 07:25 | http://45.150.66.241/TRANCE | Unknown malware | macOS |  HuntYethHounds |
| 2026-05-07 07:25 | http://45.150.66.241/NITRO | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 07:25 | http://45.150.66.241/KLOP | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 07:24 | http://45.150.66.241/GETWELL | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 07:24 | http://45.150.66.241/Junilew | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 07:23 | http://45.150.66.241/Hikudip | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 07:23 | ftpsrvs.cloudtaskgo.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 07:23 | http://45.150.66.241/Cucowu | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 07:23 | http://45.150.66.241/Doheku | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 07:22 | https://vortexlogicgate.digital/script.sh | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 07:21 | webdocs.fatovism-r2ccoon.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 07:19 | https://s4frlcnoplw.com/d | KongTuke | Kongtuke | monitorsg |
| 2026-05-07 07:19 | s4frlcnoplw.com | KongTuke | Kongtuke | monitorsg |
| 2026-05-07 07:19 | https://jimbos.com/ | IClickFix | | GeNer8 |
| 2026-05-07 07:19 | https://bgu-uniq.co.il/ | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-07 07:19 | https://coloringonly.com/es/lionel-messi/ | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-07 07:18 | vortexlogicgate.digital | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 07:15 | libsyss.cloudtaskgo.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 07:14 | syskeys.fatovism-r2ccoon.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 07:08 | jobadms.cloudtaskgo.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 07:06 | 121.196.170.236:443 | Cobalt Strike | CobaltStrike cs-watermark-987654321 | abuse_ch |
| 2026-05-07 07:06 | 8.136.182.237:80 | Cobalt Strike | CobaltStrike cs-watermark-987654321 | abuse_ch |
| 2026-05-07 07:05 | netmans.chemistry5till.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 07:01 | rawdats.cloudtaskgo.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 06:56 | tcpcons.chemistry5till.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 06:55 | ziparks.cloudtaskgo.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 06:50 | sshpros.chemistry5till.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 06:48 | osbases.srvappsite.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 06:43 | vmlists.chemistry5till.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 06:41 | metalts.srvappsite.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 06:37 | https://moro4tix.digital/script.sh | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 06:37 | moro4tix.digital | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 06:36 | usrgrps.chemistry5till.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 06:36 | https://1ymphstoy.digital/script.sh | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 06:35 | 1ymphstoy.digital | Unknown malware | macOS | HuntYethHounds |
| 2026-05-07 06:34 | apidocs.srvappsite.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 06:29 | optwebs.chemistry5till.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 06:27 | dbinsts.srvappsite.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 06:25 | https://goodpix21341.digital/t.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-07 06:24 | https://goodpix21341.digital/ext.f66368c3907c.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-07 06:24 | https://goodpix21341.digital/ext-b.1c60f323a607.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-07 06:23 | https://goodpix21341.digital/t.188cfd3975db.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-07 06:23 | proxyss.smell-chat.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 06:22 | goodpix21341.digital | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-07 06:21 | skyvpns.srvappsite.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 06:20 | https://clacndjsvulnarbi.beer/api/css.js | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-05-07 06:19 | clacndjsvulnarbi.beer | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-05-07 06:16 | lanhops.smell-chat.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 06:13 | cmdsets.srvappsite.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 06:06 | tmpdirs.boxvpslog.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 06:04 | subclis.smell-chat.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 05:59 | sshbins.boxvpslog.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 05:58 | bitkits.smell-chat.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 05:52 | sslkeys.boxvpslog.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 05:51 | envsets.smell-chat.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 05:50 | getcfgs.boxvpslog.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 05:44 | doclabs.smell-chat.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 05:44 | ipnodes.boxvpslog.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 05:37 | syncits.inhum2ntendency.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 05:35 | hotfixs.boxvpslog.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 05:30 | ioflows.inhum2ntendency.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 05:28 | bitfoxs.webbitsync.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 05:23 | taskids.inhum2ntendency.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 05:21 | topsvcs.webbitsync.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 05:15 | comwebs.inhum2ntendency.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 05:14 | opsmgrs.webbitsync.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 05:08 | refid-xs.inhum2ntendency.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 05:07 | cpupros.webbitsync.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 05:01 | autboxs.inhum2ntendency.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 05:00 | vpsruns.webbitsync.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 04:54 | domregs.hatched-labile.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 04:54 | dnswebs.webbitsync.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 04:47 | pwrlogs.hatched-labile.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 04:46 | appboxs.nethubtop.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 04:40 | extnets.hatched-labile.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 04:40 | devbits.nethubtop.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 04:33 | pkgruns.hatched-labile.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 04:33 | srvlogs.nethubtop.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 04:26 | modbuss.hatched-labile.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 04:26 | netapis.nethubtop.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 04:19 | srcgets.hatched-labile.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 04:19 | webcdnx.nethubtop.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 04:13 | uidmaps.poi5oneducation.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 04:13 | srvhubs.nethubtop.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 04:04 | ftpsrvs.poi5oneducation.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 03:56 | libsyss.poi5oneducation.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 03:50 | jobadms.poi5oneducation.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 03:40 | rawdats.poi5oneducation.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 03:34 | ziparks.poi5oneducation.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 03:27 | osbases.puerto-ricans.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 03:20 | metalts.puerto-ricans.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 03:13 | apidocs.puerto-ricans.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 03:06 | dbinsts.puerto-ricans.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 02:58 | skyvpns.puerto-ricans.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 02:52 | cmdsets.puerto-ricans.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 02:45 | tmpdirs.moto7transport.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 02:38 | sshbins.moto7transport.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 02:31 | sslkeys.moto7transport.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 02:25 | getcfgs.moto7transport.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 02:15 | ipnodes.moto7transport.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 02:08 | hotfixs.moto7transport.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 02:01 | bitfoxs.breasted-skoda.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 02:00 | https://ann.hidayahnetwork.com/ | Vidar | Vidar | crep1x |
| 2026-05-07 02:00 | ann.hidayahnetwork.com | Vidar | Vidar | crep1x |
| 2026-05-07 01:54 | topsvcs.breasted-skoda.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 01:47 | opsmgrs.breasted-skoda.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 01:41 | cpupros.breasted-skoda.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 01:29 | vpsruns.breasted-skoda.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 01:22 | dnswebs.breasted-skoda.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 01:14 | appboxs.mowin8single.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 01:07 | devbits.mowin8single.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 01:00 | srvlogs.mowin8single.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 00:51 | netapis.mowin8single.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 00:42 | webcdnx.mowin8single.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 00:36 | srvhubs.mowin8single.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 00:30 | gitlabh.sorix7el.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 00:23 | apiopss.sorix7el.lat | ClearFake | 7May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-07 00:18 | logbins.sorix7el.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-07 00:12 | appsrch.sorix7el.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-07 00:05 | webdocs.sorix7el.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 23:59 | syskeys.sorix7el.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 23:54 | netmans.5dorexin.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 23:47 | tcpcons.5dorexin.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 23:40 | sshpros.5dorexin.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 23:34 | vmlists.5dorexin.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 23:28 | usrgrps.5dorexin.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 23:23 | optwebs.5dorexin.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 23:17 | proxyss.vexon4al.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 23:11 | lanhops.vexon4al.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 23:06 | subclis.vexon4al.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 22:59 | bitkits.vexon4al.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 22:53 | envsets.vexon4al.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 22:47 | doclabs.vexon4al.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 22:39 | syncits.pav8lorex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 22:34 | ioflows.pav8lorex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 22:25 | taskids.pav8lorex.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 22:18 | comwebs.pav8lorex.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 22:12 | refid-xs.pav8lorex.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 22:07 | autboxs.pav8lorex.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 21:57 | domregs.xamir3on.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 21:52 | pwrlogs.xamir3on.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 21:45 | extnets.xamir3on.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 21:40 | pkgruns.xamir3on.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 21:32 | modbuss.xamir3on.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-06 21:27 | quickhelp.me | Unknown malware | panel ScreenConnect |  varysz |
| 2026-05-06 21:25 | srcgets.xamir3on.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 21:21 | workplacemeetingconnect.com | Unknown malware | Fake Zoom rmm | varysz |
| 2026-05-06 21:21 | ck34.site | AsyncRAT | |  skocherhan |
| 2026-05-06 21:17 | uidmaps.tavro6xel.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 21:13 | gitlabh.filipen-typograp.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 21:12 | ftpsrvs.tavro6xel.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 21:07 | apiopss.filipen-typograp.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 21:04 | libsyss.tavro6xel.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 21:02 | logbins.filipen-typograp.lat | ClearFake | ClearFake | Anonymous |
| 2026-05-06 20:56 | jobadms.tavro6xel.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:55 | appsrch.filipen-typograp.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 20:53 | http://178.16.55.25/bcbb13c7c8984290857b.php | Stealc | c2 FFF0506 Loader Stealc stealer | Bitsight |
| 2026-05-06 20:53 | ctcodein.biz | magecart | Magecart | varysz |
| 2026-05-06 20:53 | 82.21.7.28:4444 | Remcos | remcos RemcosRAT Remvio Socmer |  whoamix302 |
| 2026-05-06 20:53 | 27.102.137.139:443 | Remcos | remcos RemcosRAT Remvio Socmer | whoamix302 |
| 2026-05-06 20:53 | 145.82.181.191:548 | Xtreme RAT | ExtRat Xtreme RAT | whoamix302 |
| 2026-05-06 20:53 | https://trackpipe.dev | Remcos | | johannes |
| 2026-05-06 20:53 | 192.109.200.154:54984 | Nanocore RAT | Nancrat NanoCore NanoCore RAT | whoamix302 |
| 2026-05-06 20:53 | https://wrat.in:992/sa1at/ | Unknown malware | Salat Stealer | johannes |
| 2026-05-06 20:53 | mxtestacionamentos.com | Unknown malware | TCLBANKER | johannes |
| 2026-05-06 20:53 | https://salat.cn/sa1at/ | Unknown malware | Salat Stealer | johannes |
| 2026-05-06 20:53 | campanha1-api.ef971a42.workers.dev | Unknown malware | TCLBANKER | johannes |
| 2026-05-06 20:53 | support-onion.club | Unknown malware | NWHStealer | johannes |
| 2026-05-06 20:53 | https://webhook.site/1d98b695-72df-4e88-885c-5efeb3df75f7 | Unknown malware | teampcp | johannes |
| 2026-05-06 20:53 | uploadfiler.com | Chaos | | johannes |
| 2026-05-06 20:53 | cosmic-nebula.cc | Unknown malware | NWHStealer | johannes |
| 2026-05-06 20:53 | silent-orbit.cc | Unknown malware | NWHStealer | johannes |
| 2026-05-06 20:53 | 72.5.43.193:8888 | Unknown malware | autovault autovault-panel | Lenny_3BO |
| 2026-05-06 20:53 | 3zetr6eb20x.com | KongTuke | Kongtuke | monitorsg |
| 2026-05-06 20:53 | https://t.me/ax03bot | Phantom Stealer | macOS PhantomPulse Windows | fab0 |
| 2026-05-06 20:53 | https://3zetr6eb20x.com/d | KongTuke | Kongtuke | monitorsg |
| 2026-05-06 20:53 | honestly.ink | Phantom Stealer | macOS PhantomPulse Windows | fab0 |
| 2026-05-06 20:53 | acvgste.club | Phantom Stealer | macOS PhantomPulse Windows | fab0 |
| 2026-05-06 20:53 | 0x666.info | Phantom Stealer | macOS PhantomPulse Windows | fab0 |
| 2026-05-06 20:53 | pla7ina.cfd | Phantom Stealer | macOS PhantomPulse Windows | fab0 |
| 2026-05-06 20:53 | https://selelegroup.co.za/ | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-06 20:53 | boletukk.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:53 | trotskxt.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:53 | springvc.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:53 | psychozc.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:53 | pricelou.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:53 | strainug.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:53 | americoq.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:53 | lyingapy.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:53 | bactergy.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:52 | perfecpl.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:52 | granddsd.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:52 | lovesozp.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:52 | oncolonb.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:52 | amphibgz.cyou | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:52 | mushxhb.best | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:52 | 134.122.48.21:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-05-06 20:52 | 146.190.18.251:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-05-06 20:52 | cpanel.khomeini.eu.org | FAKEUPDATES | SocGholish | monitorsg |
| 2026-05-06 20:52 | 167.71.66.3:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-05-06 20:52 | genugsq.best | Lumma Stealer | Lumma Windows | fab0 |
| 2026-05-06 20:52 | https://empretec.co.zw/ | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-06 20:45 | 45.207.192.190:30078 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-06 20:45 | 207.56.226.75:443 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-06 20:45 | 117.72.168.103:16337 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-06 20:44 | static.slbc7890.shop | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-06 20:42 | rawdats.tavro6xel.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:40 | webdocs.filipen-typograp.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:36 | ziparks.tavro6xel.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:34 | syskeys.filipen-typograp.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:29 | osbases.1zorelin.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:28 | netmans.clampe7outback.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:23 | metalts.1zorelin.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:23 | tcpcons.clampe7outback.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:17 | apidocs.1zorelin.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:17 | sshpros.clampe7outback.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:15 | https://leemidtownsalon.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-06 20:12 | dbinsts.1zorelin.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:11 | vmlists.clampe7outback.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:06 | skyvpns.1zorelin.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:06 | usrgrps.clampe7outback.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:01 | cmdsets.1zorelin.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:00 | optwebs.clampe7outback.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 20:00 | https://ntr.hidayahnetwork.com/ | Vidar | Vidar | crep1x |
| 2026-05-06 20:00 | ntr.hidayahnetwork.com | Vidar | Vidar | crep1x |
| 2026-05-06 19:57 | x8jh7qqg.die-reformer.digital | ClearFake | ClearFake | Anonymous |
| 2026-05-06 19:56 | 3ck7o3zl.die-reformer.digital | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:55 | tmpdirs.qen9varol.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:55 | proxyss.captive-portal.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:49 | sshbins.qen9varol.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:49 | lanhops.captive-portal.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:44 | sslkeys.qen9varol.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:43 | subclis.captive-portal.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:36 | getcfgs.qen9varol.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:36 | bitkits.captive-portal.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:31 | ipnodes.qen9varol.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:30 | envsets.captive-portal.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:25 | hotfixs.qen9varol.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:25 | doclabs.captive-portal.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:19 | bitfoxs.mav2lirex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:19 | syncits.academicunmemo7.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:15 | https://johnsinstallations.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-06 19:15 | https://vistarmoney.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-06 19:14 | topsvcs.mav2lirex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:13 | ioflows.academicunmemo7.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:08 | opsmgrs.mav2lirex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:08 | taskids.academicunmemo7.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 19:02 | cpupros.mav2lirex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 19:02 | comwebs.academicunmemo7.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:57 | vpsruns.mav2lirex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:56 | refid-xs.academicunmemo7.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:51 | dnswebs.mav2lirex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:50 | autboxs.academicunmemo7.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:45 | appboxs.7toralex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:44 | domregs.cobble-mortgag.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:44 | 5.101.86.102:2501 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-06 18:44 | 5.101.86.107:4934 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-06 18:43 | 31.57.216.62:14641 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-06 18:43 | 192.109.200.143:2345 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-06 18:43 | 178.16.52.203:1889 | DCRat | dcrat drb-ra RAT | abuse_ch |
| 2026-05-06 18:43 | 154.18.238.18:8848 | DCRat | dcrat drb-ra RAT | abuse_ch |
| 2026-05-06 18:43 | 104.194.157.45:7001 | DCRat | dcrat drb-ra RAT | abuse_ch |
| 2026-05-06 18:39 | pwrlogs.cobble-mortgag.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 18:35 | devbits.7toralex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:33 | extnets.cobble-mortgag.lat | ClearFake | 6May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-06 18:29 | srvlogs.7toralex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:27 | pkgruns.cobble-mortgag.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:23 | netapis.7toralex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:22 | modbuss.cobble-mortgag.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:18 | webcdnx.7toralex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:16 | srcgets.cobble-mortgag.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:15 | https://alexanderkeller.ch/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-06 18:12 | srvhubs.7toralex.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:11 | uidmaps.setting5hoo.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 18:03 | ftpsrvs.setting5hoo.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 17:57 | libsyss.setting5hoo.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 17:52 | jobadms.setting5hoo.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 17:47 | meta-narr0.sorix7el.lat | ClearFake | ClearFake | threatcat_ch |
| 2026-05-06 17:46 | rawdats.setting5hoo.lat | ClearFake | ClearFake | threatcat_ch |