| 2026-04-30 06:11 | basehostunit.cosmologic.bet | ClearFake | 30April2026 ClearFake Commandline Windows |  Gi7w0rm |
| 2026-04-30 06:11 | grid3pathgate.cosmologic.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 06:11 | rule6taskhub.cosmologic.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 06:11 | plotmeshsite.cosmologic.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 06:05 | deep3taskhub.tensorlogicbox.bet | ClearFake | ClearFake |  threatcat_ch |
| 2026-04-30 06:03 | 83.217.208.78:3011 | Unknown malware | |  abuse_ch |
| 2026-04-30 06:00 | plotmeshsite.tensorlogicbox.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 05:54 | flat8logicway.tensorlogicbox.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 05:50 | 103.211.219.238:80 | Remus | Remus |  orlof_v |
| 2026-04-30 05:50 | 195.19.194.107:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 62.72.32.156:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 76.13.17.11:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 85.31.234.218:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 31.97.61.212:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 72.61.25.108:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 148.230.76.66:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 194.164.72.136:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 65.21.104.235:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 168.231.114.49:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 95.217.206.239:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 178.104.90.74:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 5.189.165.117:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | 37.77.150.108:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:50 | high9siteview.kineticgatehub.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | 45.85.147.53:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 137.184.153.47:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 68.183.161.221:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 67.205.186.254:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 78.111.111.236:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 94.231.205.229:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 15.235.192.42:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 147.135.84.14:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 89.58.10.69:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 5.231.25.31:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 5.45.184.254:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 185.53.179.128:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 79.111.111.236:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | 68.183.61.221:80 | Remus | Remus | orlof_v |
| 2026-04-30 05:49 | dice6logicnet.thora9xel.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | fusetasknode.thari9xel.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | linkhostunit.thari9xel.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | side5pathgate.thora9xel.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | zinc8siteview.thari9xel.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | zero4logicway.niva2ron.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | datameshsite.nexo2ran.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | byte7taskhub.nexo2ran.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | loadhostunit.nexo2ran.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | nonehostunit.niva2ron.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | port3pathgate.nexo2ran.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | flow8siteview.nexo2ran.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | scan2logicnet.mira5qor.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | pingmeshnode.mira5qor.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | hop9taskhub.mira5qor.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | win9taskhub.mist5qora.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | next5pathgate.mira5qor.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | next2pathgate.mist5qora.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | core9logicnet.thari9xel.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | suit8siteview.lo4miren.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | fast7siteview.mira5qor.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | heat8logicway.sola8ven.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | sunmeshsite.sola8ven.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | highmeshsite.so8laven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | glow3taskhub.sola8ven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | king6taskhub.so8laven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | rayhostunit.sola8ven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | beam5pathgate.sola8ven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:49 | dawn9siteview.sola8ven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | patchmeshnode.pavi1rix.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | run4taskhub.pavi1rix.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | starthostunit.pavi1rix.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | linehostunit.peta1vrix.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | save2siteview.pavi1rix.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | heat4logicway.grov6mira.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | grid6logicway.grov6tela.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | http://178.16.52.232/ | Unknown malware | ClickFix |  Lenny_3BO |
| 2026-04-30 05:48 | http://91.92.240.45/ | Unknown malware | AS202412 ClickFix french-brand-imp | Lenny_3BO |
| 2026-04-30 05:48 | caravan-crm-lu.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | ton-dossier-fr.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | ta-carte-a-renouvelle.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | renouvelle-ta-carte.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | franceinfo-finance.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | liberation-eco-info.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | liberation-actu-info.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | info-livraison-relay.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | distributionsuivi-colis.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | distribmondrelay.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | distributionmondrelay.com | Unknown malware | AS202412 ClickFix french-brand-imp phishing | Lenny_3BO |
| 2026-04-30 05:48 | https://sandman.bond/api/index.php?a=dl&token=d0a5e3b511c293206448ac44451b87f717fbdfa0c2f97242082bd2f29748a486&src=sanfrancescos.com&mode=cloudflare | Vidar | Vidar |  whoamix302 |
| 2026-04-30 05:48 | dl.nyc-blockchain.com | FAKEUPDATES | SocGholish |  monitorsg |
| 2026-04-30 05:48 | 89.124.79.20:9000 | SectopRAT | 1xxbot ArechClient SectopRAT | whoamix302 |
| 2026-04-30 05:48 | 149.12.67.100:139 | Xtreme RAT | ExtRat Xtreme RAT | whoamix302 |
| 2026-04-30 05:48 | 158.101.97.20:10001 | Xtreme RAT | ExtRat Xtreme RAT | whoamix302 |
| 2026-04-30 05:48 | 5c2cf4d36a6d942d6beb7b27b37c380e3fd688a3bb4f8616a13d20bf80c0bbea | XWorm | ClickFix RMM-abuse ScreenConnect vercel | Lenny_3BO |
| 2026-04-30 05:48 | vickynewsc.xyz | XWorm | ClickFix RMM-abuse ScreenConnect vercel | Lenny_3BO |
| 2026-04-30 05:48 | vmailnewwqmwe.vercel.app | XWorm | ClickFix RMM-abuse ScreenConnect vercel | Lenny_3BO |
| 2026-04-30 05:48 | https://vmailnewwqmwe.vercel.app/new.msi | XWorm | ClickFix RMM-abuse ScreenConnect vercel | Lenny_3BO |
| 2026-04-30 05:48 | mapmeshsite.grov6tela.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | coldmeshsite.grov6mira.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | zone3taskhub.grov6tela.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | areahostunit.grov6tela.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | hot9taskhub.grov6mira.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | plot5pathgate.grov6tela.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | burn2pathgate.grov6mira.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | site8siteview.grov6tela.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | cool3logicnet.flor3xan.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | air7taskhub.flor3xan.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | freehostunit.flor3xan.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | pure9siteview.flor3xan.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | view8siteview.flo3xaren.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | dark2logicway.mi2rath.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | gold9logicway.verd7loka.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | voidmeshsite.mi2rath.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | lasthostunit.mi2rath.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:48 | zero5pathgate.mi2rath.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | deep7siteview.mi2rath.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | dark4logicnet.pulsarspin.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | lightmeshway.pulsarspin.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | beam9taskhub.pulsarspin.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | corehostunit.pulsarspin.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | fast2pathgate.pulsarspin.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | glow7siteview.pulsarspin.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | dust6logicway.nebulaflux.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | leap7pathgate.quantumbitlink.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | cloudmeshsite.nebulaflux.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | gas3taskhub.nebulaflux.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | ionhostunit.nebulaflux.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | faint5pathgate.nebulaflux.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | deep8siteview.nebulaflux.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | ray2logicnet.quasargrid.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | highmeshnode.quasargrid.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | firehostunit.quasargrid.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | hard4pathgate.quasargrid.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | gearhostunit.torquegridunit.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | pure9siteview.quasargrid.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | spin2pathgate.torquegridunit.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | turn5logicway.orbitmesh.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | pathmeshsite.orbitmesh.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | loop3taskhub.orbitmesh.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | sidehostunit.orbitmesh.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | axis8pathgate.orbitmesh.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | basehostunit.staticmeshview.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | peak7logicnet.zenithnode.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | cold6siteview.staticmeshview.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | topmeshnode.zenithnode.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | move2logicnet.kineticgatehub.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | up5pathgate.zenithnode.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | sky9siteview.zenithnode.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | rush4pathgate.kineticgatehub.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | math4logicway.cosmologic.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:47 | sleeve-stadium-pubs-javascript.trycloudflare.com | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | peace-ray-unnecessary-dave.trycloudflare.com | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | wet-envelope-beam-laser.trycloudflare.com | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | katrina-teenage-documentation-auction.trycloudflare.com | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | cst-lap-racing-authentic.trycloudflare.com | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | cams-sphere-airline-drums.trycloudflare.com | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | proceedings-essay-pricing-includes.trycloudflare.com | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | 96e157a49e9b3667d9c0838743a5cff48803e7062357853d2cd3f430c05c181c | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | 230b693565c103966ab2e05691554765a434628d672b37d757ea130eff2c8e21 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | a24730b62777b46bf22b83c08d470b9a85e22dccebf23635de2ca8cb72267325 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | 207d964e8254633cff1059ed62c2cc9fe67cedd83094bb2b61b9a430f924749b | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | 5478d1fe4f979f6a9a456d50dd84d18b04294701c9128eabcef412f6779a39b4 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | 8e248505b6cd87d2e27ed40541c2b2933113380da27bc75458d62d419e732f8d | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | 1382fbfcc7691d404b2202838270efd4137d4a4964047b94f2ed1dfabb407741 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | c85d73b0dbe1a5ff6a25e8980b0639d7309d9a97d2f5d799fb337bb36f217744 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:47 | b538e0e8a2add9ee49386771563804ec64f71cb592196c9cd415f535799db13d | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | 832326f3a377973a35cb465bd3510f5f6199c7454a0e0557e4f95b85313a76a5 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | 6056329246bf6ef61ff8eae8bf7697ea59bfc3413cd7c9ce338e51e302264f46 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | 39c3267609ba685febfd9e385dd17d2fec28a79c3fc9b9d787aa411e4e2bd87f | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | 26b35f04cd53782196ef2f56f1f0b37866f0b685c7e2e4c8b84495e01c91917f | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | 06c9d67ad7d9d11e12b2f167cc22e1ea538df4b28f85fc6e00c36e9bcdaec043 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | c978e8310f179fc5a3a3275a81d57ed8e95705f00b24d205dff705502e942f41 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | 218628edc95f7c425fad294048adca65e235ae3024f084c9afaf483f66f71b6c | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | 14526f645590fc1e29557efb1e177b641c8caca50fb6246611940d329edf9eac | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | aaf15e8f685f8801ea6a605150b3739797ba8a2bfee6838d045368adfe3d62e1 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | 13a6420822dab0d4ca6c1b422c66e5dd3a59637588279097efe47f7e553eb849 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | 6b45e1a38609b9b7f2f2508b0b38f700a75ee1ea9b6c548d1a086bd91863efc3 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | bd3a7e2805d2f6f371366d6847998843b98298a748c45dd3ef6014b85697c4ae | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | f38cd6aa26981ba1eea4fb0ec8f9db212e518f65f28556e108ef74d92e4809b6 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | f2caaf774ab4ac5e7b5d9299117eb1bad22e025a2e530ffc29496456760390b6 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | d191615b7c6db1ce70af1a6f4849f3e1933e4609c58d84273c643ff1c20f5ded | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | 71fc6f86d7ab21afe5ef5954e8a17443f2a1999a4c30ed837da9baaecff71da8 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | c0d5366786aae498e155b1321e70793cec440563891757a5f5f7a374984d2b10 | Unknown malware | ClickFix fingerfix-cluster multi-rat-deliver trycloudflare UK WebDav | Lenny_3BO |
| 2026-04-30 05:46 | tourimex.com | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress |  varysz |
| 2026-04-30 05:46 | edwinmsarmiento.com | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | varysz |
| 2026-04-30 05:46 | aeronbranding.com | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | varysz |
| 2026-04-30 05:46 | precosdemotos.com.br | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | varysz |
| 2026-04-30 05:46 | dokunmatikekrandegisimi.com | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | varysz |
| 2026-04-30 05:46 | sanfrancescos.com | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | varysz |
| 2026-04-30 05:46 | match3taskhub.zora7vex.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | skillhostunit.zora7vex.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | win2siteview.zora7vex.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | key8taskhub.lumi4ren.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | 5.252.177.183:443 | Unknown malware | ClickFix iex MIVOCLOUD powershell | Lenny_3BO |
| 2026-04-30 05:46 | lockhostunit.lumi4ren.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | safe4pathgate.lumi4ren.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | cryptmeshsite.lumi4ren.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | vault5logicway.lumi4ren.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | chip2logicway.lo4miren.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | verifi-cation.com | Remus | Remus | orlof_v |
| 2026-04-30 05:46 | clou-dprotect.co | Remus | Remus | orlof_v |
| 2026-04-30 05:46 | pro9pathgate.zora7vex.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | https://satserfield.com/file.js | KongTuke | Kongtuke | monitorsg |
| 2026-04-30 05:46 | satserfield.com | KongTuke | Kongtuke | monitorsg |
| 2026-04-30 05:46 | https://satserfield.com/t | KongTuke | Kongtuke | monitorsg |
| 2026-04-30 05:46 | https://satserfield.com/g | KongTuke | Kongtuke | monitorsg |
| 2026-04-30 05:46 | https://satserfield.com/c | KongTuke | Kongtuke | monitorsg |
| 2026-04-30 05:46 | teampurenode.zora7vex.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | spin3taskhub.dra7vexa.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | relay-craft.grov9essa.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | xvwwhz.flo7ravia.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | ser-meshal.flo5renth.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | re1ay8-zone.verd2onis.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:46 | ywqcdgz.flo7ravia.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | freightflow.verd2onis.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | socialformat.verd2onis.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | arknex1ix.flo5renth.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | gpfaz8x.verd2onis.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | fabriclattic.verd2onis.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | przvbelk.verda7lya.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | znsb.verda7lya.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | daralteb.net | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | varysz |
| 2026-04-30 05:45 | frag7logicnet.zora7vex.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | illumemedia.peta8mora.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | rucbhks.grov3elia.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | sol-crestor.grov3elia.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | https://safecore.top/trace/principal-core.php | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-30 05:45 | safecore.top | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-30 05:45 | https://safecore.top/trace/rate-core.js | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-30 05:45 | kevh.grov3elia.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | c4rrie3-node.grov3elia.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | kqwgc4.grov3elia.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | imea.flo7ravia.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | 6352.grov9essa.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:45 | solvenon4.flo7ravia.bet | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-30 05:35 | starthostunit.kineticgatehub.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 05:30 | dash7taskhub.kineticgatehub.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 05:24 | flowmeshnode.kineticgatehub.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 05:07 | hold8pathgate.staticmeshview.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 04:56 | firm3taskhub.staticmeshview.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 04:50 | staymeshsite.staticmeshview.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 04:45 | stop5logicway.staticmeshview.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 04:39 | fast7siteview.torquegridunit.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 04:22 | bolt9taskhub.torquegridunit.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 04:16 | turnmeshnode.torquegridunit.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 04:11 | axis4logicnet.torquegridunit.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 04:05 | hide8siteview.cryptosyncflow.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 04:00 | lock5pathgate.cryptosyncflow.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 03:54 | signhostunit.cryptosyncflow.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 03:50 | 117.50.71.2:9999 | ValleyRAT | valleyrat_s2 | abuse_ch |
| 2026-04-30 03:48 | key6taskhub.cryptosyncflow.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 03:45 | 94.156.250.190:7781 | RatonRAT | RatonRAT | abuse_ch |
| 2026-04-30 03:45 | http://94.250.250.235/generatormobile/supportmobile/phpframe/php/localServerdataMath/antiprodhtoppool/ruleServerWar/prod/phpcutrule/record/WarpluginCam/plugincore/limit/videoLinesecurebigloadsql.php | DCRat | dcrat RAT | abuse_ch |
| 2026-04-30 03:45 | 129.151.142.36:3229 | NjRAT | njrat | abuse_ch |
| 2026-04-30 03:45 | 129.151.142.36:2232 | NjRAT | njrat | abuse_ch |
| 2026-04-30 03:42 | codemeshsite.cryptosyncflow.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 03:40 | xzx.uk.com | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-30 03:40 | aanthuys.nl | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-30 03:40 | asm.it.com | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-30 03:35 | 172.67.164.185:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-30 03:35 | 104.21.50.178:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-30 03:35 | 104.21.27.243:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-30 03:35 | 172.67.169.216:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-30 03:35 | 172.67.213.117:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-30 03:35 | 104.21.37.211:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-30 03:35 | 104.21.30.121:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-30 03:35 | hash3logicway.cryptosyncflow.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-30 03:35 | 172.67.172.230:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-30 03:29 | jump2siteview.quantumbitlink.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 03:17 | corehostunit.quantumbitlink.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 03:12 | wave4taskhub.quantumbitlink.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 03:06 | spinmeshnode.quantumbitlink.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 03:01 | atom9logicnet.quantumbitlink.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 02:55 | safe7siteview.verd7loka.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 02:50 | mint2pathgate.verd7loka.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 02:44 | bankhostunit.verd7loka.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 02:38 | coin4taskhub.verd7loka.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 02:32 | richmeshsite.verd7loka.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 02:12 | rate5pathgate.flo3xaren.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 02:02 | parihostunit.flo3xaren.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 01:57 | prob6taskhub.flo3xaren.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 01:51 | statmeshnode.flo3xaren.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 01:46 | math3logicnet.flo3xaren.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 01:38 | glow7siteview.grov6mira.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 01:25 | firehostunit.grov6mira.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 01:03 | cash8siteview.peta1vrix.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-30 01:00 | https://bbi.nossamidia.net.br/ | Vidar | Vidar |  crep1x |
| 2026-04-30 01:00 | https://bbi.yutikeyu.com/ | Vidar | Vidar | crep1x |
| 2026-04-30 01:00 | bbi.nossamidia.net.br | Vidar | Vidar | crep1x |
| 2026-04-30 01:00 | bbi.yutikeyu.com | Vidar | Vidar | crep1x |
| 2026-04-30 00:57 | pay5pathgate.peta1vrix.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 00:43 | pull2taskhub.peta1vrix.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 00:38 | reelmeshnode.peta1vrix.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 00:30 | slot7logicnet.peta1vrix.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 00:24 | wild9siteview.so8laven.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 00:18 | jack4pathgate.so8laven.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-30 00:12 | acehostunit.so8laven.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-29 23:54 | rank3logicway.so8laven.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 23:48 | fast7siteview.mist5qora.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 23:37 | lasthostunit.mist5qora.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-29 23:25 | playmeshnode.mist5qora.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 23:20 | game5logicnet.mist5qora.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 23:15 | open8siteview.niva2ron.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 23:15 | https://financialexpress.com.au/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-29 23:09 | free3pathgate.niva2ron.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 22:57 | null7taskhub.niva2ron.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 22:52 | voidmeshsite.niva2ron.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-29 22:40 | drop9siteview.thora9xel.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 22:29 | edgehostunit.thora9xel.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 22:23 | face2taskhub.thora9xel.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 22:18 | rollmeshnode.thora9xel.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 21:59 | ante4pathgate.lo4miren.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-29 21:53 | bankhostunit.lo4miren.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 21:47 | fold7taskhub.lo4miren.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 21:42 | dealmeshsite.lo4miren.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-29 21:36 | ogicway.lo4miren.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 21:30 | https://yutikeyu.com/ | Vidar | Vidar | crep1x |
| 2026-04-29 21:26 | luck9siteview.dra7vexa.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-29 21:20 | deck5pathgate.dra7vexa.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-29 21:14 | cardhostunit.dra7vexa.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-29 21:11 | https://nig.nossamidia.net.br/ | Vidar | lv80gzr Vidar | abuse_ch |
| 2026-04-29 21:11 | nig.nossamidia.net.br | Vidar | lv80gzr Vidar | abuse_ch |
| 2026-04-29 21:04 | riskmeshnode.dra7vexa.bet | ClearFake | ClearFake | Anonymous |
| 2026-04-29 20:59 | odds8logicnet.dra7vexa.bet | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 20:35 | 104.168.70.158:2404 | Remcos | remcos | abuse_ch |
| 2026-04-29 20:35 | 104.168.70.158:5000 | Remcos | remcos | abuse_ch |
| 2026-04-29 19:44 | vtc3eae.verda7lya.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 19:32 | hyper-fund.verda7lya.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 19:21 | cliff2-vault.verda7lya.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 19:14 | frameworkjsbns.beer | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-29 19:09 | image-hold.flo5renth.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 18:59 | l6ms.flo5renth.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 18:53 | vine-lab.flo5renth.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 18:29 | 9takl.grov9essa.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 18:23 | vupvuar8.grov9essa.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 18:18 | out13-stream.grov9essa.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 18:12 | microbeforest.petalu1ne.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 18:07 | zen-coreet.petalu1ne.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 18:01 | ultra-rnetr1.petalu1ne.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 18:00 | mnt.nossamidia.net.br | Vidar | Vidar | crep1x |
| 2026-04-29 18:00 | https://mnt.nossamidia.net.br/ | Vidar | Vidar | crep1x |
| 2026-04-29 18:00 | mnt.yutikeyu.com | Vidar | Vidar | crep1x |
| 2026-04-29 18:00 | https://mnt.yutikeyu.com/ | Vidar | Vidar | crep1x |
| 2026-04-29 17:56 | hqyqbe.petalu1ne.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 17:47 | meta-rnass1v.petalu1ne.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 17:35 | fj0r8-chain.so6lavern.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 17:29 | dyncorear.so6lavern.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 17:22 | urbandeep.so6lavern.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 17:20 | https://springvc.cyou | Lumma Stealer | Lumma | abuse_ch |
| 2026-04-29 17:16 | bundlfilter.so6lavern.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 17:14 | seering5outh.digital | ClearFake | 29April2026 ClearFake Commandline macOS | Gi7w0rm |
| 2026-04-29 17:14 | arkmarkar2.lunav8era.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 17:14 | neo-tr3nd.lunav8era.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 17:14 | serlithos.mist3briar.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 17:14 | vel-valeis.mist3briar.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 17:14 | banner-stack.so6lavern.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 17:14 | nor-tideum.ve7loria.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 17:14 | glowmedaesthetics.com | Unknown Stealer | MacSync |  tanner |
| 2026-04-29 17:02 | 0njmhe52.mist3briar.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 16:57 | lwmbun.mist3briar.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 16:40 | velcrest2en.mist3briar.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 16:34 | lxkedtm4.lunav8era.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 16:32 | h6gmmo5g.seering5outh.digital | ClearFake | ClearFake | Anonymous |
| 2026-04-29 16:32 | 16z4okne.seering5outh.digital | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 16:28 | sub-l1ght.lunav8era.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 16:15 | https://seabelleyachtservices.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-29 16:15 | https://green-buildingsrl.it/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-29 16:14 | w674qftb.seering5outh.digital | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 16:14 | z3ebwqw0.seering5outh.digital | ClearFake | ClearFake | Anonymous |
| 2026-04-29 16:11 | nggau.lunav8era.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 16:06 | zcvxwp.thorni2va.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 16:00 | dynmesh5or.thorni2va.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 15:58 | jh27i1hs.seering5outh.digital | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 15:55 | o3fs4mi0.little-spoken.digital | ClearFake | ClearFake | Anonymous |
| 2026-04-29 15:54 | insigh-pro.thorni2va.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 15:54 | xh2vawpt.little-spoken.digital | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 15:53 | fuq05rzs.little-spoken.digital | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 15:49 | glac-vector.thorni2va.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 15:43 | xqjrhdwm.thorni2va.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 15:38 | sharpnoti.ve7loria.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 15:30 | equ1t-spark.ve7loria.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 15:25 | dynvenet7.ve7loria.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 15:18 | calm-bir.glen4mora.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 15:18 | gate1-forge.ve7loria.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 15:18 | 103.140.238.45:31337 | Sliver | sliver | whoamix302 |
| 2026-04-29 15:18 | 152.53.103.201:31337 | Sliver | sliver | whoamix302 |
| 2026-04-29 15:15 | https://labo.univ-msila.dz/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-29 15:02 | zr4ipb.glen4mora.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 15:01 | ee1ewv3.glen4mora.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 15:00 | https://wtn.nossamidia.net.br/ | Vidar | Vidar | crep1x |
| 2026-04-29 15:00 | https://wtn.yutikeyu.com/ | Vidar | Vidar | crep1x |
| 2026-04-29 15:00 | wtn.nossamidia.net.br | Vidar | Vidar | crep1x |
| 2026-04-29 15:00 | wtn.yutikeyu.com | Vidar | Vidar | crep1x |
| 2026-04-29 14:56 | 3u02msh.glen4mora.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 14:50 | 45.9.168.219:2404 | Remcos | remcos | abuse_ch |
| 2026-04-29 14:45 | mujqm85.glen4mora.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 14:43 | 82.156.62.131:80 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-04-29 14:43 | 46.137.196.122:8000 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-04-29 14:43 | 217.154.212.25:8081 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-04-29 14:43 | 156.245.147.98:9010 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-04-29 14:43 | 100.113.210.8:8081 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-04-29 14:43 | microsoftcdn.accesscam.org | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-04-29 14:39 | cedspoo.g1enmor.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 14:34 | qhyo.ve1ori.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 14:34 | https://kovkcek.com/file.js | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 14:34 | dynfluxon5.ve1ori.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 14:34 | kovkcek.com | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 14:34 | https://kovkcek.com/t | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 14:34 | https://kovkcek.com/g | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 14:34 | https://kovkcek.com/c | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 14:34 | https://rs2y15sungu.com/d | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 14:34 | rs2y15sungu.com | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 14:34 | juvobd.g1enmor.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 14:34 | 117.50.71.2:6666 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-04-29 14:32 | extractquant.g1enmor.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 14:18 | meadow-cast.g1enmor.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 14:13 | pilot-brave.g1enmor.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 14:07 | vordraon9.g1enmor.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 14:02 | sercrestar.ve1ori.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 13:44 | 307clahr.mistbr1a.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 13:44 | rapidlogiclab.top | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-29 13:44 | https://rapidlogiclab.top/trace/principal-core.php | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-29 13:44 | https://rapidlogiclab.top/trace/rate-core.js | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-29 13:44 | https://truenexor.com/document | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-29 13:44 | truenexor.com | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-29 13:44 | yluumg.lunave5.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 13:44 | tr4il7-watch.lunave5.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 13:44 | update.updatemicfosoft.com | WarLock | |  johannes |
| 2026-04-29 13:44 | theoryviraleliminate.com | Unknown malware | | johannes |
| 2026-04-29 13:44 | monkey.kyun.li | Unknown malware | | johannes |
| 2026-04-29 13:44 | codeinecrazy.xyz | Unknown malware | | johannes |
| 2026-04-29 13:44 | cherrymixtureinstrument.com | Unknown malware | | johannes |
| 2026-04-29 13:44 | cinemscript.th0rniva.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 13:44 | lummeshet3.lunave5.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 13:44 | sample9-field.th0rniva.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 13:44 | brionter.com | Unknown malware | ClickFix fingerfix | Lenny_3BO |
| 2026-04-29 13:44 | cheeshoumreciple.com | Unknown malware | ClickFix fingerfix | Lenny_3BO |
| 2026-04-29 13:44 | https://brionter.com/4ba0af68-0037-5f6e-afd1-64f89fc0f554/loc1 | Unknown malware | ClickFix fingerfix | Lenny_3BO |
| 2026-04-29 13:44 | https://brionter.com/4ba0af68-0037-5f6e-afd1-64f89fc0f554/v1 | Unknown malware | ClickFix fingerfix | Lenny_3BO |
| 2026-04-29 13:44 | a9d46f61cf10a1fa83560bd68b077bbc1a149bfc6aad7a237b5d2244a7240c02 | Unknown malware | ClickFix fingerfix | Lenny_3BO |
| 2026-04-29 13:44 | b0c9c8c3a10b966873e8cb54b9aa07d0c0e07520b6cf2f23ed790a6eb4c0ea45 | Unknown malware | ClickFix fingerfix | Lenny_3BO |
| 2026-04-29 13:44 | eds122il.ve1ori.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 13:43 | socia-dri.ve1ori.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 13:37 | ycgyxlt2.ve1ori.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 13:18 | 3jf88h.th0rniva.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 13:15 | https://morfometal.gr/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-29 13:12 | dyn-lithum.th0rniva.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 13:06 | tyvvpe4.th0rniva.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 13:01 | barkhidden.th0rniva.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 12:36 | arkven3ix.lunave5.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 12:30 | igsh.lunave5.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 12:23 | wu97b.lunave5.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 12:15 | https://logicallinks.ca/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-29 12:12 | trad3-hinge.mistbr1a.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 12:01 | geo-br4nch.mistbr1a.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 11:56 | shieldnoble.mistbr1a.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 11:50 | fa9n.mistbr1a.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 11:42 | mercore0or.mistbr1a.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 11:37 | oasis5-well.so1aver.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 11:37 | y-hazel-ten.vercel.app | BeaverTail | base64-obfuscated-c2 BeaverTail ContagiousInterview DPRK env-exfiltration function-eval jackpot Lazarus Novara1o1 npm-prepare-hook Web3-targeting |  o_zehentleitner |
| 2026-04-29 11:37 | https://y-hazel-ten.vercel.app/api | BeaverTail | base64-obfuscated-c2 BeaverTail ContagiousInterview DPRK env-exfiltration function-eval jackpot Lazarus Novara1o1 npm-prepare-hook Web3-targeting | o_zehentleitner |
| 2026-04-29 11:37 | cc9e443872d99b07e4bf5f6baa6144fbe0fd24bc610e58340d9b8c755df17fce | BeaverTail | base64-obfuscated-c2 BeaverTail ContagiousInterview DPRK env-exfiltration function-eval jackpot Lazarus Novara1o1 npm-prepare-hook Web3-targeting | o_zehentleitner |
| 2026-04-29 11:37 | b6987d7732888b73a836c7320fbdc0c0fe5d1238584be66f68371481dc3667ab | BeaverTail | base64-obfuscated-c2 BeaverTail ContagiousInterview DPRK env-exfiltration function-eval jackpot Lazarus Novara1o1 npm-prepare-hook Web3-targeting | o_zehentleitner |
| 2026-04-29 11:37 | xeft5.peta1un.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 11:37 | falconext.so1aver.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 11:37 | icq8nz9.so1aver.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 11:29 | 5ort-line.so1aver.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 11:11 | iuizmq.so1aver.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 11:01 | cargovolt.so1aver.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 11:00 | mar.nossamidia.net.br | Vidar | Vidar | crep1x |
| 2026-04-29 11:00 | https://mar.nossamidia.net.br/ | Vidar | Vidar | crep1x |
| 2026-04-29 11:00 | https://mar.yutikeyu.com/ | Vidar | Vidar | crep1x |
| 2026-04-29 11:00 | mar.yutikeyu.com | Vidar | Vidar | crep1x |
| 2026-04-29 10:43 | 47.109.20.107:80 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-04-29 10:41 | rivspectr.peta1un.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 10:38 | https://ip-address-check-mo.vercel.app/api/settings/linux | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | https://ip-address-check-mo.vercel.app/api/settings/mac | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | https://ip-address-check-mo.vercel.app/api/settings/windows | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscode-ip-checking-nine.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscode-address-checking-mo.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | ip-address-check1.vercel.app.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | ip-address-vscode-checking.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscode-ipaddress-checking-nine.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscode-ipaddress-checking.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscode-ip-address-checking-ten.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscode-ip-address-checking.vercel-ten.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscode-ip-address-checking.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscode-settings-tasks-json.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vdlk32.peta1un.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 10:38 | iclu.peta1un.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 10:38 | vscode-ip-addess-checking.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscode-settings-tasks-227.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscode-ipchecking.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscodesetting-task.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | vscodesettingtask.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | 5cb088f8471cad861d18e64c9cf2b692236813e982fb04ab9283f4cf7b5ee11f | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | ip-address-check-mo.vercel.app | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | 5c11e97aaa968cd1d654512f473a26fa7387cb1a2f5a0cb17a96175e28fd6359 | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | 1c1f3fcd2a0dde248f4d4060a2b1067e46377ab192a09c02a4f6a798a273ad1d | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | 8a9f86b08e4ebca7c627ef45a9fbc98a25565e3dd581218800a9e1db4a89264b | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | 5dd771ee7565f3bc7b66af82102a9408caca6039794807fc52bd2b671bae4e8c | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | 773ece9712b6b329273710fe39df5847cc2537c2ce22ae291c9de995ce0c1a84 | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | d8ef1fc9bc5a8eb55d1e34ea48ffc221d8f6e8c29b712c3dbf1e4e6dde43fe23 | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | b8dd2e60a096daff498d77c01f24b7760e2b23385089f02759b8fa6c5be371e5 | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | 363b03a66ccf5d6f8e1632ee33dd37d6e8c4998ac00c8b7d60edcfb6b1dac505 | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | a5ddfa8f2127e6f89278d7bff4cc7dec5249b284a2b9512406bdd265a4ab75ca | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | 5f70dd06715b95b3bedacd06a37e051611901e56246af05fa3ed9f734082de43 | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | a7cd162c691ad71a4c0c5955765d8f7a60d8b7b9a92b277b1ae74b280644cdf8 | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | ceff282f32aae9ce3dea6a9b00212e6de90669646180cb5e5bb6bf5353527bbd | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | 22d5d04000915603c7f144fde8e31b451fb814588b5f18bb4840c8ddf14793f3 | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:38 | 9d777720bafc548807a94ae67489baf2342c78fcb3d469032523ea2f94973d54 | ContagiousDrop | ContagiousInterview DPRK jackpot Lazarus Novara1o1 vscode vscode-tasks-folderOpen Web3-targeting WhalesVerse-genealogy | o_zehentleitner |
| 2026-04-29 10:20 | https://mpla-clo.cc | Lumma Stealer | campaign1777454698 Lumma LummaC2 renengine | Anonymous |
| 2026-04-29 10:20 | https://cloback.icu | Lumma Stealer | campaign1777454698 Lumma LummaC2 renengine | Anonymous |
| 2026-04-29 10:20 | vkl2j.grove5s.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 10:20 | 79.124.59.142:80 | Lumma Stealer | campaign1777454698 Lumma LummaC2 renengine | Anonymous |
| 2026-04-29 10:20 | lum-forgeal.peta1un.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 10:11 | zenforgeos3.peta1un.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 09:59 | loose-mesh.grove5s.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 09:42 | 1aun0-zone.verd1ya.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 09:42 | ser-venet.grove5s.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 09:42 | scan.aquasecurtiy.org | Unknown malware | payload rogue teampcp | johannes |
| 2026-04-29 09:42 | soltide9is.grove5s.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 09:30 | r1dge2-stream.grove5s.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 09:28 | yqql69g.grove5s.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 09:10 | slowprim.verd1ya.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 09:04 | taldraa.verd1ya.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 08:52 | lumfluxor.verd1ya.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 08:45 | photonstage.verd1ya.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 08:44 | xtrafftrck.net | Unknown malware | chopi ClickFix ixwebsocket ocx WebDav | Lenny_3BO |
| 2026-04-29 08:44 | echo2pathnode.astrolinkview.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 08:44 | bright3nodeview.kinetichostbit.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 08:44 | signalwestport.kinetichostbit.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 08:28 | deepcloud9base.kinetichostbit.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 08:23 | proxyfastzone.kinetichostbit.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 08:09 | shieldpurelink.kinetichostbit.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 08:06 | trendscan8meta.kinetichostbit.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 07:57 | 47.122.147.35:80 | Cobalt Strike | CobaltStrike cs-watermark-987654321 | abuse_ch |
| 2026-04-29 07:56 | 8.136.155.237:80 | Cobalt Strike | CobaltStrike | abuse_ch |
| 2026-04-29 07:52 | pitchzoneyview.astrolinkview.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 07:50 | www.m88sut.com | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-29 07:50 | almendrawinery.com | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-29 07:50 | screenly.cam | Unknown malware | chopi ClickFix ixwebsocket ocx WebDav | Lenny_3BO |
| 2026-04-29 07:50 | 70.34.205.43:443 | Unknown malware | chopi ClickFix ixwebsocket ocx WebDav | Lenny_3BO |
| 2026-04-29 07:50 | 45c8cbaeb5c7708e7b8030e701747c65203958e82eddc41f39e0ca93bd36c114 | Unknown malware | chopi ClickFix dll ixwebsocket mbedtls ocx regsvr32 | Lenny_3BO |
| 2026-04-29 07:49 | 2b8d4f042daf703b7f152d146bfc892500f436279b0d1866995735998f267af0 | Unknown malware | chopi ClickFix dll ixwebsocket mbedtls ocx regsvr32 | Lenny_3BO |
| 2026-04-29 07:49 | d2e1ab10d5a0c16a724aeda8acb46b38f551ade58137969c3bc3c9cdc0a12425 | Unknown malware | chopi ClickFix dll ixwebsocket mbedtls ocx regsvr32 | Lenny_3BO |
| 2026-04-29 07:49 | 75961f1208581c5154324ebe12f01673248374f3aa67317fe79a06fcd2fb9da5 | Unknown malware | chopi ClickFix Dropper LNK WebDav | Lenny_3BO |
| 2026-04-29 07:49 | b450e893aafd94f2a81e2b70047e6d2faf20cf4056d39cfc17b69ee78912f8b2 | Unknown malware | chopi ClickFix Dropper LNK WebDav | Lenny_3BO |
| 2026-04-29 07:49 | 10d1c6165f86237950eaff9c19e87eaa3eb5045afedcc7e4db5ba1188e3911fe | Unknown malware | chopi ClickFix Dropper LNK WebDav | Lenny_3BO |
| 2026-04-29 07:49 | ba041a2dcf88f9ba5e4f9dd0f6e39679f394e6b1d97c6ee765bace9dad247317 | Unknown malware | chopi ClickFix Dropper LNK WebDav | Lenny_3BO |
| 2026-04-29 07:49 | 0ea172359ddfe89be701d8f80acb4f179ca56af2a214a46a2843367e7b05aa16 | Unknown malware | chopi ClickFix Dropper LNK WebDav | Lenny_3BO |
| 2026-04-29 07:49 | b7b9d77c527e8c2588bfd5bcc573167bb6e83b68250b009aaa68dcd3ed0a21de | Unknown malware | chopi ClickFix Dropper LNK WebDav | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/f38c71 | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/14867a | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/f5888f | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/048688 | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/430d52 | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/c13673 | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/bb1452 | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/b6e159 | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/d240b0 | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/bb358d | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/78188a | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://screenly.cam/s/ce1620 | Unknown malware | chopi ClickFix lure screenly | Lenny_3BO |
| 2026-04-29 07:49 | https://xtrafftrck.net/files/updater.ocx | Unknown malware | chopi ClickFix ocx regsvr32 | Lenny_3BO |
| 2026-04-29 07:49 | solidpathlink.basaltlogicnode.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | sand6tasksys.canyonsyncgate.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | aridlogicnode.canyonsyncgate.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | 172.235.163.133:25001 | Kimwolf | c2 kimwolf |  Bitsight |
| 2026-04-29 07:49 | 172.235.163.98:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | 172.235.163.86:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | 172.235.163.113:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | 172.235.163.71:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | 172.235.163.127:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | edgehostunit.vertexurbanhub.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | 172.235.163.114:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | 172.235.163.83:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | 172.235.163.122:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | 172.235.163.102:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | wave4zoneyview.oceanicmeshbit.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | tall5logicnet.pylonstaticnet.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | pure8siteview.marblewavebase.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | 176.65.139.152:7716 | Mirai | Mirai | seckle |
| 2026-04-29 07:49 | old3logicgate.fossilcryptoweb.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | sifthostunit.silicapathsys.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | bone7taskhub.fossilcryptoweb.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | past4pathgate.fossilcryptoweb.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | clay8siteview.fossilcryptoweb.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | 104.248.85.23:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | 142.93.143.216:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | 64.225.66.108:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-29 07:49 | clear3logicgate.nebulafluxbase.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | boldfluxsync.nebulafluxbase.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | trendnodeview.nebulafluxbase.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | neogatewayhub.vectorstarcity.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | grand6nodeunit.vectorstarcity.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | wild2pathbase.vectorstarcity.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | freetasklink.vectorstarcity.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | https://purplefeetwines.monster | Lumma Stealer | ClickFix ErrTraffic | YuanGeng |
| 2026-04-29 07:49 | 91.92.243.111:8041 | RemoteAdmin | ConnectWise fiscal-lure Flyservers port-8041 RAT RMM-abuse ScreenConnect | SamTheRuby |
| 2026-04-29 07:49 | https://sites.google.com/view/brewpage | Unknown Stealer | ClickFix |  ineffyble |
| 2026-04-29 07:49 | smartmesh1unit.marinergridhub.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | gravitflux2box.titanmeshflow.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | lunarwaveunit.titanmeshflow.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | vector3sitehub.cobaltpathsys.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | https://macosforguide.gitlab.io/crw/ | Unknown Stealer | | ineffyble |
| 2026-04-29 07:49 | deltahostgate.pulsarlogicnet.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | zincflowbase.zenithdockunit.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | matrix6pathway.cobaltpathsys.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | linehostunit1.cobaltpathsys.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | corehostunit5.ferrumgateweb.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | staticflowsys.ferrumgateweb.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | 176.65.139.59:3000 | Mirai | Mirai | seckle |
| 2026-04-29 07:49 | point8fluxsys.cobaltpathsys.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:49 | blablatst12345.net | Remus | | johannes |
| 2026-04-29 07:49 | http://45.151.91.187/pa.php | Kamasers | | johannes |
| 2026-04-29 07:49 | sad4w7h913-b4a57f9c36eb.herokuapp.com | Unknown malware | SNOWBASIN SNOWBELT SNOWGLAZE | johannes |
| 2026-04-29 07:49 | wss://sad4w7h913-b4a57f9c36eb.herokuapp.com:443/ws | Unknown malware | SNOWBASIN SNOWBELT SNOWGLAZE | johannes |
| 2026-04-29 07:49 | 86.54.24.26:4433 | Cobalt Strike | Agentemis Beacon Cobalt Strike CobaltStrike cobeacon | whoamix302 |
| 2026-04-29 07:49 | 156.245.147.101:9010 | Cobalt Strike | Agentemis Beacon Cobalt Strike CobaltStrike cobeacon | whoamix302 |
| 2026-04-29 07:49 | 46.137.196.122:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike CobaltStrike cobeacon | whoamix302 |
| 2026-04-29 07:49 | 170.75.170.59:443 | Unknown malware | BotManager | whoamix302 |
| 2026-04-29 07:49 | 170.75.162.74:443 | Unknown malware | BotManager | whoamix302 |
| 2026-04-29 07:49 | 206.166.251.249:1604 | DarkComet | Breut darkcomet Fynloski klovbot | whoamix302 |
| 2026-04-29 07:49 | 94.156.155.42:80 | Stealc | Stealc | whoamix302 |
| 2026-04-29 07:49 | 151.246.238.186:9000 | SectopRAT | 1xxbot ArechClient SectopRAT | whoamix302 |
| 2026-04-29 07:49 | 185.158.250.188:80 | Socks5 Systemz | ProxyBox Socks5 Systemz | whoamix302 |
| 2026-04-29 07:49 | 31.56.209.119:443 | Remcos | remcos RemcosRAT Remvio Socmer | whoamix302 |
| 2026-04-29 07:49 | 31.57.38.106:443 | Remcos | remcos RemcosRAT Remvio Socmer | whoamix302 |
| 2026-04-29 07:49 | 154.41.194.67:6379 | Xtreme RAT | ExtRat Xtreme RAT | whoamix302 |
| 2026-04-29 07:49 | audiomeshbase.astrolinkview.garden | ClearFake | 29April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:48 | http://172.86.116.178:5918 | Unknown malware | | johannes |
| 2026-04-29 07:48 | prism6hostunit.quartzprismcloud.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:48 | flintpathgate.quartzprismcloud.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:48 | https://barsows.com/file.js | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 07:48 | barsows.com | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 07:48 | https://barsows.com/t | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 07:48 | https://barsows.com/g | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 07:48 | https://barsows.com/c | KongTuke | Kongtuke | monitorsg |
| 2026-04-29 07:48 | drift2logicnet.tundraflowunit.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:48 | frosthostbase.tundraflowunit.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:48 | galesync7zone.tundraflowunit.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:48 | iron9siteview.basaltlogicnode.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-29 07:45 | 193.181.46.11:8000 | Vjw0rm | Vjw0rm | abuse_ch |
| 2026-04-29 07:45 | http://62.109.20.226/secureAuthWindowsFlower.php | DCRat | dcrat RAT | abuse_ch |
| 2026-04-29 07:45 | http://a1161272.xsph.ru/2d54b470.php | DCRat | dcrat RAT | abuse_ch |
| 2026-04-29 07:45 | freq6taskunit.astrolinkview.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 07:45 | 48.220.32.238:1177 | NjRAT | njrat | abuse_ch |
| 2026-04-29 07:45 | http://redlandcpu.mywire.org:8000/is-ready | Houdini | RAT WSHRAT | abuse_ch |
| 2026-04-29 07:45 | 104.18.22.6:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-29 07:45 | 104.18.23.6:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-29 07:45 | 151.101.131.52:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-29 07:45 | 151.101.3.52:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-29 07:45 | 151.101.67.52:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-29 07:45 | 151.101.195.52:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-29 07:39 | tonelogicgate7.astrolinkview.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-29 07:26 | https://claudesave.beer/api/css.js | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-29 07:26 | claudesave.beer | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-29 07:25 | https://nsbdnscloud.beer/api/css.js | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-29 07:25 | nsbdnscloud.beer | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-29 07:25 | https://nsserdns.beer/api/css.js | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-29 07:24 | nsserdns.beer | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-29 07:23 | sonic4wavehub.astrolinkview.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 07:10 | pulse8sitebox.ferrumgateweb.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 07:10 | myremnew.duckdns.org | Remcos | remcos | abuse_ch |
| 2026-04-29 07:10 | newupdaterem.duckdns.org | Remcos | remcos | abuse_ch |
| 2026-04-29 06:52 | atom2logicnet.ferrumgateweb.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 06:44 | orbitmeshpath.ferrumgateweb.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 06:38 | quant9wavegate.ferrumgateweb.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 06:24 | planemeshlogic.cobaltpathsys.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-29 06:15 | scalezoneyview.cobaltpathsys.garden | ClearFake | ClearFake | threatcat_ch |