################################################################ # ThreatFox IOCs: recent domains - CSV format # # Last updated: 2026-03-04 03:01:56 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","is_compromised","reference","tags","anonymous","reporter" "2026-03-04 03:01:56", "1758003", "9.tcp.cpolar.top", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260304-bttnpsav4r", "XWorm", "0", "dyingbreeds_" "2026-03-04 03:00:06", "1758002", "jimej54602-35562.portmap.host", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-21qhqshy9s", "AsyncRAT", "0", "dyingbreeds_" "2026-03-04 02:51:47", "1758001", "crop-sync.croprotation.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-04 02:53:09", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-04 02:22:37", "1758000", "marshalljonesjr.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-04 01:10:34", "1757999", "medical.digibuddy.in", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-04 00:36:26", "1757998", "marks-blindajefinanciero.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 23:55:55", "1757984", "insur02.dachshreinsur.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 23:57:25", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 23:51:46", "1757983", "shre-v1.dachshreinsur.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 23:53:03", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 23:41:31", "1757981", "marketingdigital.uno", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 23:34:41", "1757980", "insur-net.dachshreinsur.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 23:35:41", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 23:24:59", "1757979", "bank-sync.savingssit.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 23:26:25", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 23:02:25", "1757978", "vault08.savingssit.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 23:03:18", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 23:00:46", "1757977", "nowof.ddns.net", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://tria.ge/260303-125tdafz7l", "quasar", "0", "dyingbreeds_" "2026-03-03 23:00:43", "1757976", "somethinggoodfeaturesarewaitingforyoumyf.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://tria.ge/260303-yyvswsfx7z", "Remcos", "0", "dyingbreeds_" "2026-03-03 23:00:31", "1757973", "llonger.ydns.eu", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://tria.ge/260303-zjdrhaft4k", "Remcos", "0", "dyingbreeds_" "2026-03-03 23:00:23", "1757971", "ggq.uk.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-ya7gsaez8w", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:23", "1757972", "giovannini.eu.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-ya7gsaez8w", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:22", "1757966", "v3.cakhiaas.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:22", "1757967", "v3.harassmentfreealbany.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:22", "1757968", "v3.livecdnem.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:22", "1757969", "v3.xoilac86ez.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:22", "1757970", "v3.yearofcolour.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757937", "ddos.harassmentfreealbany.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757938", "ddos.livecdnem.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757939", "ddos.xoilac86ez.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757940", "ddos.yearofcolour.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757941", "malware.90phutiu.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757942", "malware.cakhiaas.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757943", "malware.harassmentfreealbany.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757944", "malware.livecdnem.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757945", "malware.xoilac86ez.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757946", "malware.yearofcolour.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757947", "phishing.90phutiu.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757948", "phishing.cakhiaas.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757949", "phishing.harassmentfreealbany.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757950", "phishing.livecdnem.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757951", "phishing.xoilac86ez.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757952", "phishing.yearofcolour.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757953", "quantri.90phutiu.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757954", "quantri.cakhiaas.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757955", "quantri.harassmentfreealbany.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757956", "quantri.livecdnem.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757957", "quantri.xoilac86ez.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757958", "quantri.yearofcolour.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757959", "v2.90phutiu.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757960", "v2.cakhiaas.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757961", "v2.harassmentfreealbany.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757962", "v2.livecdnem.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757963", "v2.xoilac86ez.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757964", "v2.yearofcolour.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:21", "1757965", "v3.90phutiu.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757916", "90phutiu.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:22", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757917", "atex.90phutiu.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757918", "atex.cakhiaas.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:22", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757919", "atex.harassmentfreealbany.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:22", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757920", "atex.livecdnem.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757921", "atex.xoilac86ez.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:22", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757922", "atex.yearofcolour.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:22", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757923", "backup.90phutiu.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757924", "backup.cakhiaas.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757925", "backup.harassmentfreealbany.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757926", "backup.livecdnem.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757927", "backup.xoilac86ez.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757928", "backup.yearofcolour.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757929", "data.90phutiu.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757930", "data.cakhiaas.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757931", "data.harassmentfreealbany.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757932", "data.livecdnem.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757933", "data.xoilac86ez.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757934", "data.yearofcolour.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757935", "ddos.90phutiu.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:20", "1757936", "ddos.cakhiaas.cc", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yb9crse121", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:16", "1757906", "andregiordan.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:16", "100", "False", "https://tria.ge/260303-yfnlvsfs6x", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:16", "1757907", "atex.andregiordan.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yfnlvsfs6x", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:16", "1757908", "backup.andregiordan.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yfnlvsfs6x", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:16", "1757909", "data.andregiordan.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yfnlvsfs6x", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:16", "1757910", "ddos.andregiordan.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yfnlvsfs6x", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:16", "1757911", "malware.andregiordan.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yfnlvsfs6x", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:16", "1757912", "phishing.andregiordan.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yfnlvsfs6x", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:16", "1757913", "quantri.andregiordan.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yfnlvsfs6x", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:16", "1757914", "v2.andregiordan.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yfnlvsfs6x", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:16", "1757915", "v3.andregiordan.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yfnlvsfs6x", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:11", "1757905", "mq3.za.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-ypkasset4j", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 23:00:08", "1757904", "broadres5.duckdns.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-yycmbaex5j", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 22:52:55", "1757903", "mariodeganelli.com.br", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 22:33:09", "1757902", "odx9za7g.suffocturkey.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "clearfake", "1", "ttakvam" "2026-03-03 22:32:44", "1757901", "68s7z85n.suffocturkey.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 22:33:10", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 22:32:14", "1757900", "sit-v1.savingssit.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 22:33:07", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 22:00:13", "1757899", "marianneclason.nl", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 21:47:48", "1757898", "mariamahmad.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 21:09:09", "1757897", "marcos.techadvisor.mx", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 20:42:53", "1757896", "save-node.savingssit.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 20:43:32", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 20:29:50", "1757895", "loyalcap.website", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 20:26:33", "1757894", "trail-x.goldtrail.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 20:26:50", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 20:17:41", "1757892", "lovinglifewithcass.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 20:04:34", "1757890", "gold-hub.goldtrail.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 20:04:52", "100", "False", "None", "ClearFake", "1", "ttakvam" "2026-03-03 19:53:34", "1757627", "trail-net.goldtrail.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 19:54:40", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 19:49:08", "1757625", "loureiroeazevedo.adv.br", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 19:29:24", "1757622", "gold04.goldtrail.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 19:30:13", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 18:51:26", "1757620", "manoumanwell.info", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 18:26:47", "1757616", "lp.novoselementos.com.br", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 18:02:25", "1757605", "lhcom.j-hodgson.co.uk", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 18:00:45", "1757603", "p-89qeketo.ru.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 19:00:08", "100", "False", "https://tria.ge/260303-sdc5fsd19k", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-03 18:00:44", "1757602", "americas.us.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 19:00:06", "100", "False", "https://tria.ge/260303-sjvaxsct9x", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-03 17:51:43", "1757599", "lp.espacosparaeventos.com.br", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 17:25:17", "1757585", "asahikg.co", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "False", "", "ClickFix", "0", "HuntYethHounds" "2026-03-03 17:25:17", "1757586", "texashydrowork.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "False", "", "ClickFix", "0", "HuntYethHounds" "2026-03-03 16:44:12", "1757597", "red09.redhaven.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 16:44:20", "100", "False", "None", "ClearFake", "1", "ttakvam" "2026-03-03 16:42:47", "1757595", "lp.adlersocial.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 16:36:13", "1757594", "haven-x.redhaven.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 16:36:31", "100", "False", "None", "3March2026,ClearFake,Commandline,Windows", "0", "Gi7w0rm" "2026-03-03 16:26:11", "1757593", "redbase.redhaven.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 16:26:45", "100", "False", "None", "3March2026,ClearFake,Commandline,Windows", "0", "Gi7w0rm" "2026-03-03 16:25:16", "1757592", "floridamovietheaters.com", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "", "c2,domain,macsync,stealer", "0", "DonPasci" "2026-03-03 16:17:21", "1757584", "marceloubaldo.com.br", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 16:16:56", "1757583", "forest-run.oaktrail.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 16:17:00", "100", "False", "None", "ClearFake", "1", "ttakvam" "2026-03-03 16:11:39", "1757582", "oak05.oaktrail.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 16:11:43", "100", "False", "None", "ClearFake", "1", "ttakvam" "2026-03-03 16:01:25", "1757575", "trail-v2.oaktrail.in.net", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 16:02:18", "100", "False", "None", "3March2026,ClearFake,Commandline,Windows", "0", "Gi7w0rm" "2026-03-03 15:59:33", "1757563", "oakpath.oaktrail.in.net", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "100", "False", "", "ClearFake,Windows", "0", "Gi7w0rm" "2026-03-03 15:59:33", "1757564", "sunflow.suncrest.in.net", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "100", "False", "", "ClearFake,Windows", "0", "Gi7w0rm" "2026-03-03 15:59:33", "1757565", "solarbase.suncrest.in.net", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "100", "False", "", "ClearFake,Windows", "0", "Gi7w0rm" "2026-03-03 15:59:33", "1757566", "crest01.suncrest.in.net", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "100", "False", "", "ClearFake,Windows", "0", "Gi7w0rm" "2026-03-03 15:59:33", "1757567", "sun-node.suncrest.in.net", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "100", "False", "", "ClearFake,Windows", "0", "Gi7w0rm" "2026-03-03 15:54:56", "1757562", "marcavalado.anavalado.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 15:49:26", "1757561", "oakpath.oaktrail.in.net@80", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 15:49:38", "100", "False", "None", "3March2026,ClearFake,Commandline,Windows", "0", "Gi7w0rm" "2026-03-03 15:17:36", "1757543", "website-9988a09b.mobimark.net", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757544", "karlachacon.ch", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757545", "mabosfloor.ch", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "2026-03-03 15:17:36", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757546", "insurance.loanroad.co.uk", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "2026-03-03 15:17:37", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757547", "lcontrols8.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "2026-03-03 15:17:37", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757548", "kalongo.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "2026-03-03 15:17:37", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757549", "health.wnyagent.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "2026-03-03 15:17:37", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757550", "lcontrols10.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "2026-03-03 15:17:37", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757551", "lcontrols9.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "2026-03-03 15:17:37", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757552", "lcontrols8.online", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757553", "lcontrols4.online", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757554", "lcontrols2.online", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757555", "lcontrols3.online", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757556", "lcontrols5.online", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757557", "lcontrols6.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757558", "livingstonscleaning.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757559", "3-acc-domain.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:36", "1757560", "3accdomain2.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757522", "msg-booking.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757523", "tesllamacapp.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757524", "sqlcapture.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757525", "vandyuk.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757526", "yuu-jinsei.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757527", "yutoku-plusoneshop.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757528", "zoolasuites.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757529", "wodan-trading.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757530", "zingst-ostsee.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757531", "xq5.dev", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757532", "www2.clv.it", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757533", "zingst24.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757534", "wanya-no-heya.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757535", "webbklubben.se", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757536", "d3tool.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757537", "bornodatabase.ng", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757538", "ec2-13-233-119-235.ap-south-1.compute.amazonaws.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757539", "admin.falconpayglobal.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757540", "mobileloavestc.org", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757541", "cmevents.live", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:35", "1757542", "adrianadecastrojewelry.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757500", "neletuchi.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757501", "zqmk9ymc1hx0kumrm0v5awvv.t3.storage.dev", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757502", "ai-informer.net", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757503", "fundingfactors.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757504", "gieable.shop", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757505", "namsioc.shop", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757506", "canacopachuca.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757507", "gdckupwara.edu.in", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757508", "polbath.co.uk", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757509", "web135.140.hosttech.eu", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757510", "si-co.jp", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757511", "yomogi-2203.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757512", "wrike.os.ogilvy.africa", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757513", "westcoastwine.co.za", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757514", "wifi-dengen.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757515", "vallealto.unocode.dev", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757516", "uk-yakutsk.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757517", "test.organia.lk", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757518", "vimo.ddsis.com.mx", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757519", "tv.rapigra.co.id", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757520", "spectrumtechconsulting.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:17:34", "1757521", "resodanse-salsa.ch", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-03 15:12:05", "1757494", "jkoyz.tollabemakki.info", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://bazaar.abuse.ch/sample/c5cbcc786d5f4c5a53611f9c1738bdeaa3e76e0aa91f459438f79b099d5d7064/", "c2", "0", "burger" "2026-03-03 15:11:18", "1757498", "asteriaproject.dstat.click", "domain", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "False", "https://bazaar.abuse.ch/sample/a3a0dcd8d8a9bc8a4172589724f2969cafdb7942ab83f23f918338e7f8df9e2a/", "Bashlite,Gafgyt", "0", "abuse_ch" "2026-03-03 15:00:23", "1757491", "pjnwbd.za.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-p1fbjsgs6w", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 15:00:17", "1757490", "pubs.eu.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-rlxcmacy6j", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 15:00:12", "1757489", "vee.uk.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-rzf8kadv4l", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 15:00:06", "1757488", "buy-cheap-online.us.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260303-r4gpwsdw8l", "AsyncRAT", "0", "dyingbreeds_" "2026-03-03 14:46:04", "1757487", "www.belaijobackup2.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-03-03 15:00:54", "75", "False", "https://bazaar.abuse.ch/sample/19be387664e72c18ee90523d33cb19780d4f8500ed961b721baec81a0af9d37f/", "remcos", "0", "abuse_ch" "2026-03-03 14:45:55", "1757486", "www.belaijobackup1.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-03-03 15:00:54", "75", "False", "https://bazaar.abuse.ch/sample/19be387664e72c18ee90523d33cb19780d4f8500ed961b721baec81a0af9d37f/", "remcos", "0", "abuse_ch" "2026-03-03 14:23:49", "1757415", "manuelee.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 14:02:55", "1757283", "bot.jhotpot.com.bd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-03 14:02:55", "1757284", "bot.cricket-physio.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-03 14:01:43", "1757279", "mantena.mg.gov.br", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 13:54:31", "1757278", "mansi.cmpatelandcompany.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 13:45:54", "1757275", "medipeads.com", "domain", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "2026-03-03 13:10:08", "100", "True", "https://infosec.exchange/@monitorsg/116165404197075638", "KongTuke", "0", "monitorsg" "2026-03-03 12:42:19", "1757267", "solarbase.suncrest.in.net@80", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 14:53:10", "100", "False", "None", "3March2026,ClearFake,Commandline,Windows", "0", "Gi7w0rm" "2026-03-03 12:03:03", "1757266", "crest01.suncrest.in.net@80", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 12:10:53", "100", "False", "None", "3March2026,ClearFake,Commandline,Windows", "0", "Gi7w0rm" "2026-03-03 12:00:48", "1757258", "hazesenpai67-61821.portmap.host", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 15:00:31", "100", "False", "https://tria.ge/260303-m7zbwsd12e", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-03 11:41:52", "1757254", "friovjk.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "False", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2026-03-03 11:37:57", "1757253", "sun-node.suncrest.in.net@80", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 11:59:05", "100", "False", "None", "3March2026,ClearFake,Commandline,Windows", "0", "Gi7w0rm" "2026-03-03 10:49:44", "1757251", "z4fwpj6c.podkaraultempera.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "clearfake", "1", "ttakvam" "2026-03-03 10:47:50", "1757250", "ulnskj7j.podkaraultempera.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 10:48:45", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 09:14:12", "1757249", "app-google3.duckdns.org", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "False", "", "c2,xworm", "0", "juroots" "2026-03-03 09:14:08", "1757248", "majekssoftware.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 09:13:53", "1757247", "newangelnewlifenewhopeformoneygetrichbac.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-03-03 19:00:33", "50", "False", "", "c2,remcos", "0", "juroots" "2026-03-03 09:13:34", "1757246", "smartmultiservice.in.net", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-03-03 11:00:02", "50", "False", "", "c2,dcrat", "0", "juroots" "2026-03-03 08:38:26", "1757243", "szfwq888.com", "domain", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:26", "1757244", "yandibaiji0219.com", "domain", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:20", "1757232", "bobnet.exiled.fit", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:20", "1757233", "olrvjjldlynhaixm.camdvr.org", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:20", "1757234", "dcuyypjhxgjppihi.kozow.com", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:20", "1757235", "67sexy.duckdns.org", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:20", "1757236", "oonpczqujhsboufx.loseyourip.com", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:20", "1757237", "kmojjtdxqmjuepmh.freeddns.org", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:19", "1757231", "rpsslpjavhdodnio.webredirect.org", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:18", "1757228", "changllinstocks.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:18", "1757229", "mastercliente.ddns.net", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:18", "1757230", "lubumbapetr.ddns.net", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:38:16", "1757227", "alkhal015.ddns.net", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:56", "1757217", "bucket-grievance.with.playit.plus", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:56", "1757218", "backup.trillex.io", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:05", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:56", "1757219", "malware.trillex.io", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:05", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:55", "1757214", "ddos.trillex.io", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:05", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:55", "1757215", "v3.trillex.io", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:05", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:55", "1757216", "malware.healthcaretrends.in.net", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:54", "1757212", "healthcaretrends.in.net", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:54", "1757213", "ddos.xoilacxyt.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:52", "1757211", "atex.xoilacxyt.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:50", "1757210", "atex.trillex.io", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:05", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:48", "1757207", "v2.xoilacxyt.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:48", "1757208", "phishing.trillex.io", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:05", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:48", "1757209", "phishing.xoilacxyt.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:47", "1757203", "v2.trillex.io", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:05", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:47", "1757204", "malware.uykhur.za.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 09:13:34", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:47", "1757205", "data.trillex.io", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:05", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:47", "1757206", "malware.hunewsbaytara23.za.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:46", "1757202", "backup.xoilacxyt.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:44", "1757198", "quantri.trillex.io", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:05", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:44", "1757199", "hunewsbaytara23.za.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:44", "1757200", "data.xoilacxyt.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:44", "1757201", "quantri.xoilacxyt.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:43", "1757195", "gatex.sitthereanddonothing.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:43", "1757196", "v3.xoilacxyt.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:56", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:43", "1757197", "malware.xoilacxyt.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:42", "1757194", "www.trillex.io", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 23:00:05", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:40", "1757193", "data.royal-sea-6c18.firebrainss.workers.dev", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:39", "1757190", "ddos.royal-sea-6c18.firebrainss.workers.dev", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:39", "1757191", "v2.royal-sea-6c18.firebrainss.workers.dev", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:39", "1757192", "malware.royal-sea-6c18.firebrainss.workers.dev", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:38", "1757185", "v3.royal-sea-6c18.firebrainss.workers.dev", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:40", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:38", "1757186", "quantri.royal-sea-6c18.firebrainss.workers.dev", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:38", "1757187", "atex.royal-sea-6c18.firebrainss.workers.dev", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:38", "1757188", "backup.royal-sea-6c18.firebrainss.workers.dev", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:37:38", "1757189", "phishing.royal-sea-6c18.firebrainss.workers.dev", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "3March2026,iocbottest", "0", "Gi7w0rm" "2026-03-03 08:13:11", "1757184", "fogwharf.graydock.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-03 08:34:51", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-03 08:10:39", "1757174", "pks.jhotpot.com.bd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-03 08:10:39", "1757175", "pks.cricket-matters.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-03 07:30:24", "1757148", "mainecourtreporting.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 07:00:22", "1757143", "halleyforsaf.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://tria.ge/260303-g1yh5aew4b", "Remcos", "0", "dyingbreeds_" "2026-03-03 07:00:22", "1757144", "marimarivelley.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://tria.ge/260303-g1yh5aew4b", "Remcos", "0", "dyingbreeds_" "2026-03-03 06:18:13", "1757035", "customer.grovecityroofing.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "True", "https://infosec.exchange/@monitorsg/116161396309905585", "SocGholish", "0", "monitorsg" "2026-03-03 06:18:12", "1757034", "xpertlearninghub.com", "domain", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "2026-03-03 04:13:30", "100", "True", "https://infosec.exchange/@monitorsg/116161391860445326", "KongTuke", "0", "monitorsg" "2026-03-03 06:18:06", "1757019", "retrepoint.top", "domain", "payload_delivery", "js.smartapesg", "HANEYMANEY,ZPHP", "SmartApeSG", "2026-03-02 19:19:56", "100", "True", "https://infosec.exchange/@monitorsg/116161195608451784", "SmartApeSG", "0", "monitorsg" "2026-03-03 06:17:57", "1757044", "support.grovecityelectrician.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "False", "", "SocGholish,tds", "0", "rmceoin" "2026-03-03 06:17:56", "1757047", "cpanel.siefertfamilydentistry.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "False", "", "SocGholish,tds", "0", "rmceoin" "2026-03-03 06:00:58", "1757139", "ghsyhk.za.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 07:00:16", "100", "False", "https://tria.ge/260303-eed69abz8b", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-03 06:00:28", "1757137", "ynvgx9hh15.localto.net", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "2026-03-03 07:03:00", "100", "False", "https://tria.ge/260303-e9r2lac18g", "C2,domain,triage,xworm", "0", "DonPasci" "2026-03-03 04:44:42", "1757135", "magicbarry.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 04:18:48", "1757134", "magazin.obbzor.top", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 03:28:25", "1757121", "milfs.xvideoclip.net", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 03:20:44", "1757120", "mincho.site.tb-hosting.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 02:06:50", "1757118", "madeleinemcmichael.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-03 00:45:24", "1757117", "klinklin.okonlomon.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-03-03 03:00:19", "75", "False", "https://bazaar.abuse.ch/sample/6a794a8e3184d505573cc23c957b78b11a7eb89317ae2a82bbaa1195c310da0e/", "remcos", "0", "abuse_ch" "2026-03-02 23:39:52", "1757087", "lwgconsulting.net", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 23:00:21", "1757077", "atex.gmo-compass.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:58", "100", "False", "https://tria.ge/260302-yc8gvsft8g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:21", "1757078", "backup.gmo-compass.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:52", "100", "False", "https://tria.ge/260302-yc8gvsft8g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:21", "1757079", "data.gmo-compass.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-yc8gvsft8g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:21", "1757080", "ddos.gmo-compass.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:55", "100", "False", "https://tria.ge/260302-yc8gvsft8g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:21", "1757081", "malware.gmo-compass.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:52", "100", "False", "https://tria.ge/260302-yc8gvsft8g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:21", "1757082", "phishing.gmo-compass.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:50", "100", "False", "https://tria.ge/260302-yc8gvsft8g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:21", "1757083", "quantri.gmo-compass.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:42", "100", "False", "https://tria.ge/260302-yc8gvsft8g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:21", "1757084", "v2.gmo-compass.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:55", "100", "False", "https://tria.ge/260302-yc8gvsft8g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:21", "1757085", "v3.gmo-compass.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:46", "100", "False", "https://tria.ge/260302-yc8gvsft8g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:17", "1757068", "atex.xoilacztx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:55", "100", "False", "https://tria.ge/260302-ygn9safx2a", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:17", "1757069", "backup.xoilacztx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:55", "100", "False", "https://tria.ge/260302-ygn9safx2a", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:17", "1757070", "data.xoilacztx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-ygn9safx2a", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:17", "1757071", "ddos.xoilacztx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:56", "100", "False", "https://tria.ge/260302-ygn9safx2a", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:17", "1757072", "malware.xoilacztx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:48", "100", "False", "https://tria.ge/260302-ygn9safx2a", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:17", "1757073", "phishing.xoilacztx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:55", "100", "False", "https://tria.ge/260302-ygn9safx2a", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:17", "1757074", "quantri.xoilacztx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:47", "100", "False", "https://tria.ge/260302-ygn9safx2a", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:17", "1757075", "v2.xoilacztx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:46", "100", "False", "https://tria.ge/260302-ygn9safx2a", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:17", "1757076", "v3.xoilacztx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:52", "100", "False", "https://tria.ge/260302-ygn9safx2a", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:09", "1757058", "atex.barefootblonde.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:51", "100", "False", "https://tria.ge/260302-z16hvaay2d", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:09", "1757059", "backup.barefootblonde.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:51", "100", "False", "https://tria.ge/260302-z16hvaay2d", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:09", "1757060", "data.barefootblonde.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-z16hvaay2d", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:09", "1757061", "ddos.barefootblonde.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:51", "100", "False", "https://tria.ge/260302-z16hvaay2d", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:09", "1757062", "malware.barefootblonde.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:56", "100", "False", "https://tria.ge/260302-z16hvaay2d", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:09", "1757063", "phishing.barefootblonde.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:54", "100", "False", "https://tria.ge/260302-z16hvaay2d", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:09", "1757064", "quantri.barefootblonde.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:50", "100", "False", "https://tria.ge/260302-z16hvaay2d", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:09", "1757065", "v2.barefootblonde.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:40", "100", "False", "https://tria.ge/260302-z16hvaay2d", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:09", "1757066", "v3.barefootblonde.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:55", "100", "False", "https://tria.ge/260302-z16hvaay2d", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:06", "1757053", "malware.xoilaczhx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-z491faaz5h", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:06", "1757054", "phishing.xoilaczhx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:40", "100", "False", "https://tria.ge/260302-z491faaz5h", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:06", "1757055", "quantri.xoilaczhx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:51", "100", "False", "https://tria.ge/260302-z491faaz5h", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:06", "1757056", "v2.xoilaczhx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:44", "100", "False", "https://tria.ge/260302-z491faaz5h", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:06", "1757057", "v3.xoilaczhx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:44", "100", "False", "https://tria.ge/260302-z491faaz5h", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:05", "1757049", "atex.xoilaczhx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:50", "100", "False", "https://tria.ge/260302-z491faaz5h", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:05", "1757050", "backup.xoilaczhx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:47", "100", "False", "https://tria.ge/260302-z491faaz5h", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:05", "1757051", "data.xoilaczhx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:51", "100", "False", "https://tria.ge/260302-z491faaz5h", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 23:00:05", "1757052", "ddos.xoilaczhx.tv", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:44", "100", "False", "https://tria.ge/260302-z491faaz5h", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 22:36:33", "1757045", "luxcocinas.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 22:24:21", "1757043", "lynne.windley.org", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 22:22:05", "1757042", "lynn.nutmeg.com.au", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 22:15:31", "1757041", "lydianpayments.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 21:46:57", "1757039", "lvrehc.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 21:25:57", "1757038", "lux-improvement.nl", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 20:41:14", "1757037", "lunkenbuilding.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 19:59:09", "1757028", "lunamedios.com.ar", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 19:52:58", "1757027", "lummondo.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 19:34:38", "1757026", "lumdokolola.nicolasalliot.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 19:25:29", "1757025", "lukasbartos.cz", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 19:22:33", "1757024", "lujanyleon.graficaleon.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 18:08:30", "1757017", "brasserieontarioaube.com", "domain", "botnet_cc", "win.deerstealer", "None", "DeerStealer", "", "100", "False", "https://tria.ge/260228-sljbfab15a", "c2,deerstealer,domain,triage", "0", "DonPasci" "2026-03-02 18:01:44", "1757015", "sg1.localto.net", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-03-02 19:00:52", "100", "False", "https://tria.ge/260302-thf8cagv9e", "C2,domain,quasar,rat,triage", "0", "DonPasci" "2026-03-02 18:01:33", "1757014", "npa.uk.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:58", "100", "False", "https://tria.ge/260302-vymkqsaz7a", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 18:01:32", "1757013", "tr88.br.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:47", "100", "False", "https://tria.ge/260302-vvz2naay3g", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 18:01:31", "1757012", "itu.us.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:51", "100", "False", "https://tria.ge/260302-vy3a7aaz8d", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 18:01:29", "1757011", "02070op.uk.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:47", "100", "False", "https://tria.ge/260302-vy3a7aaz8d", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 18:01:28", "1757010", "healthmatters.eu.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-vy3a7aaz8d", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 18:01:27", "1757009", "jhv.uk.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:54", "100", "False", "https://tria.ge/260302-vy3a7aaz8d", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 18:01:25", "1757008", "establishment.uk.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:42", "100", "False", "https://tria.ge/260302-v38nrsh13b", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 18:01:24", "1757007", "pragmaticplay.it.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:44", "100", "False", "https://tria.ge/260302-wccn3saw2b", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 18:01:23", "1757006", "qik.it.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-wdk2vaaw6b", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 18:01:21", "1757005", "isc.it.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-wkl8gsaz8d", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 18:01:19", "1757004", "ninja-browser.it.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:50", "100", "False", "https://tria.ge/260302-wgyr4say7e", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 17:54:43", "1757003", "luciannethais.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 17:47:24", "1757002", "lucia-stone.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 17:45:34", "1757001", "ni3h0x2y.gastronsyriansky.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "clearfake", "1", "ttakvam" "2026-03-02 17:43:41", "1757000", "t4305hzn.gastronsyriansky.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-02 17:44:38", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-02 17:38:49", "1756994", "jakkakaskakasj.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:38:49", "1756995", "asjkfalasfkaksflalaf.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:38:49", "1756996", "boksopable.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:38:49", "1756997", "bukpuka.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:38:49", "1756998", "jasjdpoekkqwda.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:38:49", "1756999", "jaskfakfafasjfafkasfkakfaasw.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:34:44", "1756992", "bookstablesoon.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-03-02 17:38:49", "100", "False", "https://x.com/JAMESWT_WT/status/2028465380704883183", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:34:44", "1756993", "stayonbokablesol.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-03-02 17:38:49", "100", "False", "https://x.com/JAMESWT_WT/status/2028465380704883183", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756980", "srvcmandatory.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756981", "srvc-av.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756982", "hotelsyscheck.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756983", "mandatoryhotel.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756984", "localsrvcs.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756985", "hotelupdatesys.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756986", "channelmanagerpms.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756987", "hotelservicemonitor.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756988", "hotelcncts.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756989", "srvc-mcrst.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756990", "chrm-srv.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:11", "1756991", "ms-scedg.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:10", "1756973", "av-srvcn.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:10", "1756974", "bozorki.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:10", "1756975", "homokiddo.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:10", "1756976", "mndtrprcs.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:10", "1756977", "nokolers.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:10", "1756978", "okolosedal.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 17:31:10", "1756979", "rentalcentrals.com", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "c2,domain,netsupport,rat", "0", "DonPasci" "2026-03-02 16:52:11", "1756969", "ltnworld.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 16:30:52", "1756948", "gamepinxjzr.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "False", "", "ClickChain,ClickFix,ErrTraffic", "0", "HuntYethHounds" "2026-03-02 16:30:07", "1756968", "njpv91f5.eighteenshuga.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "clearfake", "1", "ttakvam" "2026-03-02 16:27:44", "1756967", "c1js1obl.eighteenshuga.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-02 16:28:41", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-02 16:04:45", "1756965", "bst.jhotpot.com.bd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 16:04:45", "1756966", "bst.cricket-matters.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 15:54:06", "1756958", "lpmdiseno.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 15:33:23", "1756957", "montefer.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 15:08:07", "1756946", "achandograca.com", "domain", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "2026-03-02 15:06:45", "100", "True", "https://infosec.exchange/@monitorsg/116160200494497208", "KongTuke", "0", "monitorsg" "2026-03-02 15:02:15", "1756944", "unease-liens.with.playit.plus", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "2026-03-03 08:38:09", "100", "False", "https://tria.ge/260302-phcgyag14b", "XWorm", "0", "dyingbreeds_" "2026-03-02 15:00:43", "1756942", "teensuicide-48670.portmap.host", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-03-03 08:37:37", "100", "False", "https://tria.ge/260302-r9qvraet9g", "quasar", "0", "dyingbreeds_" "2026-03-02 15:00:11", "1756937", "fm.radio.fm", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:44", "100", "False", "https://tria.ge/260302-n44mwafy2e", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:11", "1756938", "icbd.co.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:52", "100", "False", "https://tria.ge/260302-n44mwafy2e", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:11", "1756939", "katana.jp.net", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:46", "100", "False", "https://tria.ge/260302-n44mwafy2e", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:11", "1756940", "libell.jp.net", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:47", "100", "False", "https://tria.ge/260302-n44mwafy2e", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:11", "1756941", "xbqj.sa.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:40", "100", "False", "https://tria.ge/260302-n44mwafy2e", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:10", "1756935", "uit.co.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-n8aklafz5f", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:10", "1756936", "usk.co.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:44", "100", "False", "https://tria.ge/260302-n8aklafz5f", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:09", "1756931", "auif.sa.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:55", "100", "False", "https://tria.ge/260302-n8aklafz5f", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:09", "1756932", "ausieslots.za.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:55", "100", "False", "https://tria.ge/260302-n8aklafz5f", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:09", "1756933", "emfoot.sa.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:44", "100", "False", "https://tria.ge/260302-n8aklafz5f", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:09", "1756934", "mystery.co.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-n8aklafz5f", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:07", "1756929", "au88.gr.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:44", "100", "False", "https://tria.ge/260302-pb8xkags4g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:07", "1756930", "au88.jp.net", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:51", "100", "False", "https://tria.ge/260302-pb8xkags4g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 15:00:05", "1756928", "edition-daily.sa.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-pfgc4sgw8g", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 14:38:06", "1756919", "zoolatours.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:06", "1756920", "zestsolar.pt", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:06", "1756921", "viraghagymafesztival.hu", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:06", "1756922", "videoo.fit", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:06", "1756923", "toyama-housenavi.net", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:06", "1756924", "toolspro.su", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:06", "1756925", "traqc.net", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:06", "1756926", "sleeve.diamantflex.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:06", "1756927", "ragdoll-blog.online", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756903", "aksafil.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756904", "africaexports.click", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756905", "cavallotech.de.businessecontact.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756906", "cammy-freelance.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756907", "cpcontacts.centrocirugiaplastica.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756908", "edgenroots.net", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756909", "gia5.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756910", "hitokara-kishin.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756911", "horodniany.pl", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756912", "lafabri-k.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756913", "mail.e1staffingandrecruiting.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756914", "mail.mamahdannirwana.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756915", "kinugort.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756916", "mebelinki.ru", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756917", "wp.retirevillage.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:05", "1756918", "saboresdomalte.com.br", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756885", "goldnews24h.com.yemint.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756886", "funpasta.webdevlink.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756887", "willlog7.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756888", "wehouse.au", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756889", "tenabl.io", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756890", "visa.ourdubaitravel.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756891", "sales.activemedicaresolutions.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756892", "nouralhalaby.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756893", "newsite.jacquiejordan.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756894", "mail.diskopumkm-minahasa.my.id", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756895", "mail.istar-vip.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756896", "securelearn.co", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756897", "senioryuyu.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756898", "wurk.africa", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756899", "mail.panorama-g.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756900", "mail.domonova.co.ao", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756901", "3iss-online.3iss-online.com.br", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:04", "1756902", "99idesign.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756866", "mail.castlefordlocksmiths.co.uk", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756867", "mail.fundacion-primavera.org", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756868", "mcash.trumpcode.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756869", "mail.kalantarilaw.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756870", "sos-ch-gva-2.exo.io", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756871", "walwood.be", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756872", "inheritance-claims-portal-32792.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756873", "goansgsr.shop", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756874", "verify-slack.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756875", "socheaphost.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756876", "dblanka.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756877", "digiskillzz.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756878", "gatepass-corp.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756879", "binadata.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756880", "admin.ilygold.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756881", "asgwellness.korrakang.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756882", "demo14.netbazaarbd.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756883", "ddledu.dev.sugaweb.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:03", "1756884", "celik.bewapps.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:02", "1756859", "reviewloading.t3.storage.dev", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:02", "1756860", "customblindinstall.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:02", "1756861", "berlinphysiotherapie.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:02", "1756862", "arayapps.cl", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:02", "1756863", "catalogocanjefideliza.amsd.cl", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:02", "1756864", "ceymox.xyz", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:38:02", "1756865", "coveney-ltd.com", "domain", "botnet_cc", "js.iclickfix", "None", "IClickFix", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClickFix", "clickfix", "0", "TheRavenFile" "2026-03-02 14:33:27", "1756858", "h977pm9s.judaspapal.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "clearfake", "1", "ttakvam" "2026-03-02 14:31:44", "1756857", "zgrmktug.judaspapal.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-02 14:32:47", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-02 13:42:11", "1756853", "qnxzzwihawagrarx.globalgforce.com", "domain", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://www.virustotal.com/gui/file/d1f7c95584960424f21cff7ae54fef34be8a7e637eb01fb30d8396ac8e7de65f", "AdaptixC2,c2,domain,virustotal", "0", "DonPasci" "2026-03-02 13:31:21", "1756849", "amowdwt.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2026-03-03 11:41:54", "100", "False", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2026-03-02 12:59:42", "1756848", "saramoftah.com", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "https://www.virustotal.com/gui/file/99877ffe3458560d067e167e82ab08c2dd5cc692e9064062d156b971e4e14097", "c2,domain,macsync,stealer,virustotal", "0", "DonPasci" "2026-03-02 12:58:18", "1756847", "ej41ykw1.slobodaspang.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "clearfake", "1", "ttakvam" "2026-03-02 12:57:46", "1756846", "s4xq03z7.slobodaspang.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-02 12:58:13", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-02 12:57:37", "1756841", "rapidfilevault1.homes", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "", "c2,domain,macsync,stealer", "0", "DonPasci" "2026-03-02 12:57:37", "1756842", "rapidfilevault2.homes", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "", "c2,domain,macsync,stealer", "0", "DonPasci" "2026-03-02 12:57:37", "1756843", "rapidfilevault3.homes", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "", "c2,domain,macsync,stealer", "0", "DonPasci" "2026-03-02 12:57:37", "1756844", "rapidfilevault4.homes", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "", "c2,domain,macsync,stealer", "0", "DonPasci" "2026-03-02 12:57:37", "1756845", "rapidfilevault5.homes", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "", "c2,domain,macsync,stealer", "0", "DonPasci" "2026-03-02 12:15:13", "1756808", "www.lqakk1dg.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.lqakk1dg.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:13", "1756809", "www.mlicguwa.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.mlicguwa.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:12", "1756806", "www.u31jq3of.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.u31jq3of.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:12", "1756807", "www.lepx7nf8.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.lepx7nf8.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:11", "1756805", "www.qplzc7af.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.qplzc7af.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:10", "1756803", "www.pyjdhaie.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.pyjdhaie.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:10", "1756804", "www.i7nf86tz.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.i7nf86tz.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:09", "1756802", "www.ysrmrhon.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.ysrmrhon.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:08", "1756800", "www.w62le3kb.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.w62le3kb.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:08", "1756801", "www.unokb9vc.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.unokb9vc.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:07", "1756799", "www.qqpw0z0r.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.qqpw0z0r.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:06", "1756798", "www.yw4ufrqo.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.yw4ufrqo.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:05", "1756797", "www.o8w9i1r0.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.o8w9i1r0.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:04", "1756796", "www.uchvqxc8.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.uchvqxc8.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:03", "1756795", "www.pvoiv6vk.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.pvoiv6vk.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:15:02", "1756794", "www.nfokam9i.shop", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/118.107.47.86+www.nfokam9i.shop", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci" "2026-03-02 12:00:48", "1756742", "vdp.uk.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:58", "100", "False", "https://tria.ge/260302-nsj44afs3e", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 11:54:16", "1756741", "mwtinting.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 11:50:20", "1756740", "dianganadores.duckdns.org", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "2026-03-02 15:02:07", "75", "False", "https://bazaar.abuse.ch/sample/bff9fe40dc446a02b458e9177134be246d722474c3e38561c1d38a46b450ba6a/", "xworm", "0", "abuse_ch" "2026-03-02 11:37:33", "1756739", "merafondeur.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 11:17:03", "1756738", "jxx0qj1x.lickunsung.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "clearfake", "1", "ttakvam" "2026-03-02 11:15:20", "1756737", "zs5a7k6f.lickunsung.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-02 11:16:09", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-02 11:12:36", "1756736", "muuseum.tostamaa.ee", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 11:00:03", "1756731", "55gamee.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:43", "100", "False", "https://tria.ge/260302-mywjmsds2d", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 10:43:27", "1756729", "mutternetz.de", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 10:32:08", "1756728", "mustbemolly.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 10:31:58", "1756727", "blyatblyatblyatblyatblyat.icu", "domain", "botnet_cc", "win.santa_stealer", "None", "SantaStealer", "", "100", "False", "https://bazaar.abuse.ch/sample/f53d493686ad5e22de411f03c6bce47ca352945f891052b4761292966fba826f/", "SantaStealer", "0", "abuse_ch" "2026-03-02 10:26:58", "1756726", "dnvigv97.comedianmental.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "clearfake", "1", "ttakvam" "2026-03-02 10:25:03", "1756725", "vudydhue.comedianmental.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-02 10:25:22", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-02 10:10:32", "1756724", "www.delmontoyalogisticsllc2.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-03-02 11:00:29", "75", "False", "https://bazaar.abuse.ch/sample/eba7cc03097f2a51ada7e787ee48c728b75cd20ff1fe8c5551df3d3eea0ed808/", "remcos", "0", "abuse_ch" "2026-03-02 10:10:30", "1756723", "www.delmontoyalogisticsllc1.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-03-02 11:00:29", "75", "False", "https://bazaar.abuse.ch/sample/eba7cc03097f2a51ada7e787ee48c728b75cd20ff1fe8c5551df3d3eea0ed808/", "remcos", "0", "abuse_ch" "2026-03-02 10:10:29", "1756722", "www.delmontoyalogisticsllc.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-03-02 11:00:29", "75", "False", "https://bazaar.abuse.ch/sample/eba7cc03097f2a51ada7e787ee48c728b75cd20ff1fe8c5551df3d3eea0ed808/", "remcos", "0", "abuse_ch" "2026-03-02 10:09:25", "1756720", "che.jhotpot.com.bd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 10:09:25", "1756721", "che.cricket-matters.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:50", "1756673", "sps.jhotpot.com.bd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:50", "1756674", "gtp.jhotpot.com.bd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:50", "1756675", "ctl.jhotpot.com.bd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:50", "1756676", "goo.cricket-matters.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:50", "1756677", "bis.cricket-matters.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:50", "1756678", "ttt.cricket-matters.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:50", "1756679", "wib.cricket-matters.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:50", "1756680", "gtp.cricket-matters.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:50", "1756681", "ctl.cricket-matters.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:49", "1756664", "ctl.it-bd.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:49", "1756665", "ctl.cardiffphysio.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:49", "1756666", "hro.it-bd.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:49", "1756667", "hro.cardiffphysio.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:49", "1756668", "pay.it-bd.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:49", "1756669", "pay.cardiffphysio.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:49", "1756670", "bis.jhotpot.com.bd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:49", "1756671", "goo.jhotpot.com.bd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:31:49", "1756672", "wib.jhotpot.com.bd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-03-02 09:21:08", "1756612", "niggerniggerniggerniggerniggernigger.icu", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "", "GoProxy", "0", "abuse_ch" "2026-03-02 09:19:51", "1756611", "ofegofo.biz", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://bazaar.abuse.ch/sample/a93a1a1329d86384295dd87e4a5b4595afcfd8259ee43290416623fd17949769/", "None", "0", "abuse_ch" "2026-03-02 09:13:30", "1756609", "sps.cricket-matters.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "2026-03-02 09:31:50", "100", "False", "", "Vidar", "0", "abuse_ch" "2026-03-02 09:08:32", "1756607", "wpc99gxs.immunizeoot.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "clearfake", "1", "ttakvam" "2026-03-02 09:07:33", "1756606", "406nf3za.immunizeoot.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-02 09:08:40", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-02 08:50:42", "1756604", "bootstrap.jqu3ry.cfd", "domain", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://bazaar.abuse.ch/sample/8e7049f09985c7138137cbe83ee1bcdd639805527a7969e5a4cd0b87094a7028/", "AdaptixC2", "0", "abuse_ch" "2026-03-02 08:15:55", "1756601", "free-represents.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "False", "", "c2,njrat", "0", "juroots" "2026-03-02 08:15:37", "1756600", "imsorrydidhejustsayhislastnameisburgur.vietnamddns.com", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "False", "", "c2,mirai", "0", "juroots" "2026-03-02 08:14:58", "1756592", "73bet.app", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "False", "", "c2,dcrat", "0", "juroots" "2026-03-02 08:14:58", "1756593", "km-ok365.site", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "False", "", "c2,dcrat", "0", "juroots" "2026-03-02 08:14:36", "1756591", "anonymous5334.duckdns.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "False", "", "c2,darkcomet", "0", "juroots" "2026-03-02 07:51:59", "1756588", "townquiver.xyz", "domain", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "False", "", "OffLoader", "0", "abuse_ch" "2026-03-02 07:45:22", "1756586", "passengerbrake.space", "domain", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "False", "", "OffLoader", "0", "abuse_ch" "2026-03-02 07:45:21", "1756583", "bagcare.space", "domain", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "False", "", "OffLoader", "0", "abuse_ch" "2026-03-02 07:45:21", "1756584", "gunbear.xyz", "domain", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "False", "", "OffLoader", "0", "abuse_ch" "2026-03-02 07:45:21", "1756585", "birthdaymagic.xyz", "domain", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "False", "", "OffLoader", "0", "abuse_ch" "2026-03-02 07:30:00", "1756582", "20t2lqnx.grosstable.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "clearfake", "1", "ttakvam" "2026-03-02 07:29:09", "1756581", "7lj1il64.grosstable.digital", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2026-03-02 07:29:39", "100", "False", "None", "ClearFake", "0", "threatcat_ch" "2026-03-02 07:21:22", "1756576", "lomboking.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 07:05:19", "1756575", "logspot.aktuel.cloud", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 07:01:02", "1756397", "78smp.com", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "https://app.any.run/tasks/3380023e-609a-4305-b513-2aa95adf93b3", "C2,MicroStealer", "0", "burger" "2026-03-02 07:00:54", "1756461", "satanc2.top", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "False", "", "None", "1", "c0t0d0s2" "2026-03-02 07:00:04", "1756571", "ciatranoler.za.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:54", "100", "False", "https://tria.ge/260302-g7k7dahw4b", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 07:00:04", "1756572", "fb88i.dev", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:56", "100", "False", "https://tria.ge/260302-g7k7dahw4b", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 07:00:04", "1756573", "rpv.uk.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:47", "100", "False", "https://tria.ge/260302-g7k7dahw4b", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 07:00:04", "1756574", "wifi.eu.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:56", "100", "False", "https://tria.ge/260302-g7k7dahw4b", "AsyncRAT", "0", "dyingbreeds_" "2026-03-02 06:50:53", "1756570", "multicanaltvcali.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 06:26:36", "1756568", "muhancorp.gabia.io", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 06:13:49", "1756567", "mugsandpuddles.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 06:01:43", "1756566", "juggle.it.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:50", "100", "False", "https://tria.ge/260302-f27yhsfv5e", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 06:01:40", "1756564", "intercontinentalphuquoc.vn", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:44", "100", "False", "https://tria.ge/260302-f27yhsfv5e", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 06:01:38", "1756563", "vgsshop.vn", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:56", "100", "False", "https://tria.ge/260302-f27yhsfv5e", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 06:01:37", "1756562", "er0dbme.uk.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-03 08:37:54", "100", "False", "https://tria.ge/260302-f27yhsfv5e", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2026-03-02 05:11:31", "1756558", "bksrvcs.sbs", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "100", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:11:31", "1756559", "confirmation-reserv.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "100", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:11:31", "1756560", "heuenis.direct.quickconnect.to", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "100", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756546", "videorecruitpro.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756547", "vidhirehub.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756548", "zenspiretech.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756549", "smartdriverfix.cloud", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756550", "webcamdrivers.cloud", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756551", "webcamwizard.cloud", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756552", "camdriversupport.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756553", "camera-drive.org", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756554", "camtechdrivers.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756555", "drivercams.cloud", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756556", "drive-release.cloud", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:06:00", "1756557", "web-cam.cloud", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756520", "devchallengehq.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756521", "evalassesso.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756522", "evalswift.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756523", "quickskill-review.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756524", "jobinterview360.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756525", "livehirehub.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756526", "talenthiring360.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756527", "quickassessio.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756528", "quickhire360.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756529", "quickinterview360.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756530", "eskillprof.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756531", "evalvidz.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756532", "intervwolf.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756533", "vidcruiterinterview.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756534", "vidcruitermaster.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756535", "vidintermaster.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756536", "skillhiretrack.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756537", "skillprooflab.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756538", "talentcheck.pro", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756539", "talentsnaptest.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756540", "talentview360.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756541", "test-wolf.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756542", "toptalentassess.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756543", "ugethired360.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756544", "vidassess360.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:59", "1756545", "vidassesspro.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:58", "1756511", "vid-crypto-assess.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:58", "1756512", "assessiohq.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:58", "1756513", "blockassess.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:58", "1756514", "blockchainjobassessment.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:58", "1756515", "blockchainjobhub.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:58", "1756516", "candidateinsightinfo.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:58", "1756517", "coinbase-walet.biz", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:58", "1756518", "coinbase-walet.me", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 05:05:58", "1756519", "competency-core.com", "domain", "botnet_cc", "js.clearfake", "None", "ClearFake", "", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/ClearFake", "clearfake", "0", "TheRavenFile" "2026-03-02 04:27:32", "1756510", "msicpl.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 04:01:39", "1756509", "msi.marketstockindo.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 03:48:31", "1756508", "ms-landtechnik.com", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" "2026-03-02 03:23:54", "1756507", "mrpc.pramnos.net", "domain", "payload_delivery", "win.strelastealer", "None", "StrelaStealer", "", "100", "True", "None", "StrelaStealer", "0", "threatcat_ch" # Number of entries: 614