################################################################
# ThreatFox IOCs: recent ip-port - CSV format                  #
# Last updated: 2025-07-24 09:44:44 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-07-24 09:44:44", "1560271", "14.225.198.50:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "https://threatquery.com/engines/ip.html?value=14.225.198.50&type=ip", "AS135905,c2,Havoc,threatquery", "0", "threatquery"
"2025-07-24 08:46:41", "1560270", "2.50.53.227:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-07-24 10:46:18", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-07-24 08:01:53", "1560268", "176.46.158.40:1911", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "https://search.censys.io/hosts/176.46.158.40", "AS-PFCLOUD,AS202685,C2,censys,redline,stealer", "0", "DonPasci"
"2025-07-24 08:01:40", "1560267", "111.90.151.59:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:43:27", "100", "https://search.censys.io/hosts/111.90.151.59", "AS45839,C2,censys,Mythic,SHINJIRU-MY-AS-AP", "0", "DonPasci"
"2025-07-24 08:01:36", "1560266", "34.219.119.143:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.219.119.143", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci"
"2025-07-24 08:01:27", "1560265", "124.198.132.250:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:43:42", "100", "https://search.censys.io/hosts/124.198.132.250", "AS210558,AsyncRAT,C2,censys,RAT,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-07-24 08:01:23", "1560264", "124.198.132.250:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:43:42", "100", "https://search.censys.io/hosts/124.198.132.250", "AS210558,AsyncRAT,C2,censys,RAT,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-07-24 08:01:08", "1560263", "47.105.51.165:2000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-24 10:47:48", "100", "https://search.censys.io/hosts/47.105.51.165", "ALIBABA-CN-NET,AS37963,C2,censys,Sliver", "0", "DonPasci"
"2025-07-24 08:00:42", "1560262", "47.237.86.35:52901", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.237.86.35", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-24 08:00:39", "1560261", "101.200.193.211:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/101.200.193.211", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-07-24 07:35:03", "1560260", "107.158.145.206:5610", "ip:port", "botnet_cc", "jar.strrat", "None", "STRRAT", "", "100", "None", "STRRAT", "0", "abuse_ch"
"2025-07-24 06:42:14", "1560254", "77.96.238.78:8686", "ip:port", "botnet_cc", "win.orcus_rat", "Schnorchel", "Orcus RAT", "", "50", "", "c2,orcus", "0", "juroots"
"2025-07-24 06:41:22", "1560252", "167.160.161.43:1888", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "", "c2,dcrat", "0", "juroots"
"2025-07-24 06:39:16", "1560251", "35.177.208.100:3101", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/35.177.208.100#3101", "c2,netsupport,shodan", "0", "juroots"
"2025-07-24 06:38:57", "1560250", "101.200.221.43:3306", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "50", "https://www.shodan.io/host/101.200.221.43#3306", "c2,extreme,shodan", "0", "juroots"
"2025-07-24 06:38:42", "1560249", "84.46.243.167:10443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "50", "https://www.shodan.io/host/84.46.243.167#10443", "adaptixc2,c2,shodan", "0", "juroots"
"2025-07-24 06:37:44", "1560248", "87.228.114.68:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/87.228.114.68#7443", "c2,mythic,shodan", "0", "juroots"
"2025-07-24 06:37:24", "1560247", "198.7.124.59:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/198.7.124.59#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-24 06:37:05", "1560246", "47.242.129.79:9443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/47.242.129.79#9443", "c2,cobaltstrike,cs-watermark-100000,shodan", "0", "juroots"
"2025-07-24 06:37:02", "1560245", "47.110.33.225:4848", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/47.110.33.225#4848", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-07-24 06:28:49", "1560176", "103.77.241.176:12121", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "https://www.virustotal.com/gui/file/728c164f79f7ecaba065bf78e4040d195caa416f2c67e9adfca2988528f09f63/behavior", "mirai,morte", "1", "BlinkzSec"
"2025-07-24 06:21:15", "1560242", "49.235.177.231:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-07-24 06:21:12", "1560239", "8.148.31.196:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-24 06:21:12", "1560240", "47.122.51.211:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-24 06:21:12", "1560241", "47.122.63.142:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-24 06:20:21", "1560238", "47.122.121.212:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-24 06:20:18", "1560237", "38.54.30.22:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-24 06:20:17", "1560235", "47.109.88.26:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-07-24 06:20:17", "1560236", "8.148.20.98:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-24 06:20:16", "1560234", "43.143.114.43:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2025-07-24 06:20:10", "1560233", "8.148.79.177:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-24 06:20:09", "1560231", "47.122.158.70:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-24 06:20:09", "1560232", "113.45.243.41:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2025-07-24 06:20:07", "1560230", "185.11.145.125:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-07-24 06:06:24", "1560228", "206.238.179.200:31796", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250724-gmk1watxa1", "AS399077,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-24 06:05:59", "1560227", "147.45.219.9:5552", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "https://tria.ge/250724-fzlbqsfn2z", "AS33842,C2,njrat,triage", "0", "DonPasci"
"2025-07-24 06:01:56", "1560224", "88.247.16.132:1604", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://tria.ge/250724-fmw8gafl8y", "AS9121,asyncrat,C2,rat,triage", "0", "DonPasci"
"2025-07-24 06:01:06", "1560221", "92.222.100.197:7777", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250724-f3znjavmy8", "AS16276,C2,triage,xworm", "0", "DonPasci"
"2025-07-24 05:50:11", "1560219", "206.238.179.200:31795", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-07-24 04:14:25", "1560218", "107.150.0.62:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-24 04:04:10", "1560217", "47.254.85.24:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.254.85.24", "AS45102,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:09", "1560215", "51.20.113.187:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/51.20.113.187", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:09", "1560216", "35.180.25.119:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/35.180.25.119", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:08", "1560212", "185.47.174.137:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.47.174.137", "AS204548,censys,CLOUDWEBMANAGE-IL-FR,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:08", "1560213", "98.70.42.229:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/98.70.42.229", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:08", "1560214", "183.82.122.12:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/183.82.122.12", "AS18209,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:07", "1560211", "3.89.93.231:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.89.93.231", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:06", "1560210", "159.65.128.224:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/159.65.128.224", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:05", "1560207", "129.211.211.145:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/129.211.211.145", "AS45090,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:05", "1560208", "4.198.121.42:4433", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/4.198.121.42", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:05", "1560209", "185.209.162.101:445", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.209.162.101", "AS14576,censys,GoPhish,HOSTING-SOLUTIONS,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:04", "1560204", "167.234.226.89:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/167.234.226.89", "AS31898,censys,GoPhish,ORACLE-BMC-31898,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:04", "1560205", "103.235.75.107:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.235.75.107", "AS135444,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:04", "1560206", "31.97.248.145:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/31.97.248.145", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:03", "1560202", "46.101.208.87:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/46.101.208.87", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:03", "1560203", "18.142.9.64:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.142.9.64", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-24 04:04:02", "1560201", "89.221.214.18:51115", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/89.221.214.18", "AS197019,censys,GoPhish,Phishing,WEDOS", "0", "dyingbreeds_"
"2025-07-24 04:03:57", "1560200", "47.96.40.33:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.96.40.33", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-07-24 04:02:27", "1560198", "103.253.27.116:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/103.253.27.116", "AS133210,C2,censys,ENTECHNOLOGIES-AS-AP,RAT", "0", "DonPasci"
"2025-07-24 04:02:22", "1560197", "60.204.208.172:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/60.204.208.172", "AS55990,C2,censys,CobaltStrike,HWCSNET,open-dir", "0", "DonPasci"
"2025-07-24 04:02:01", "1560196", "45.192.209.54:8888", "ip:port", "botnet_cc", "elf.kaiji", "None", "Kaiji", "2025-07-24 04:03:51", "100", "https://search.censys.io/hosts/45.192.209.54", "ANTBOX1-AS-AP,AS138995,C2,censys", "0", "DonPasci"
"2025-07-24 04:01:58", "1560195", "45.192.209.47:8888", "ip:port", "botnet_cc", "elf.kaiji", "None", "Kaiji", "2025-07-24 04:03:51", "100", "https://search.censys.io/hosts/45.192.209.47", "ANTBOX1-AS-AP,AS138995,C2,censys", "0", "DonPasci"
"2025-07-24 04:01:49", "1560194", "130.164.181.230:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:43:55", "100", "https://search.censys.io/hosts/130.164.181.230", "AS25019,C2,censys,Netsupport,RAT,SAUDINETSTC-AS", "0", "DonPasci"
"2025-07-24 04:01:41", "1560193", "85.208.84.56:45051", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-07-24 10:48:59", "100", "https://search.censys.io/hosts/85.208.84.56", "AS211659,C2,censys,Hookbot,STIMUL-AS", "0", "DonPasci"
"2025-07-24 04:01:34", "1560192", "185.93.89.55:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/185.93.89.55", "AS213790,C2,censys,LIMITEDNETWORK-AS,RAT,Sectop", "0", "DonPasci"
"2025-07-24 04:01:17", "1560191", "185.174.135.71:80", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "https://search.censys.io/hosts/185.174.135.71", "AS59711,C2,censys,HZ-EU-AS,RAT,SpiceRAT", "0", "DonPasci"
"2025-07-24 04:01:08", "1560189", "104.243.254.98:4862", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-24 10:43:15", "100", "https://search.censys.io/hosts/104.243.254.98", "AS7040,C2,censys,NETMINDERS,RAT,Remcos", "0", "DonPasci"
"2025-07-24 04:00:43", "1560188", "65.99.193.152:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:10", "100", "https://search.censys.io/hosts/65.99.193.152", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-07-24 04:00:37", "1560187", "47.110.229.125:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:00:49", "100", "https://search.censys.io/hosts/47.110.229.125", "AS37963,C2,censys", "0", "dyingbreeds_"
"2025-07-24 04:00:11", "1560186", "113.45.134.83:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:21:14", "100", "https://search.censys.io/hosts/113.45.134.83", "AS55990,C2,censys", "0", "dyingbreeds_"
"2025-07-24 00:03:15", "1560175", "91.92.120.113:62520", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-07-24 00:02:29", "1560174", "52.205.143.192:443", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "https://search.censys.io/hosts/52.205.143.192", "AMAZON-AES,AS14618,C2,censys,PowershellEmpire", "0", "DonPasci"
"2025-07-24 00:02:27", "1560173", "207.180.246.14:80", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "https://search.censys.io/hosts/207.180.246.14", "AS51167,C2,censys,CONTABO,PowershellEmpire", "0", "DonPasci"
"2025-07-24 00:02:25", "1560172", "34.229.188.97:80", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "https://search.censys.io/hosts/34.229.188.97", "AMAZON-AES,AS14618,C2,censys,PowershellEmpire", "0", "DonPasci"
"2025-07-24 00:01:53", "1560171", "13.232.71.100:5222", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:43:51", "100", "https://search.censys.io/hosts/13.232.71.100", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-24 00:01:47", "1560170", "54.242.171.49:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-24 10:48:16", "100", "https://search.censys.io/hosts/54.242.171.49", "AMAZON-AES,AS14618,C2,censys,Havoc", "0", "DonPasci"
"2025-07-24 00:01:32", "1560168", "45.32.187.145:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/45.32.187.145", "AS-VULTR,AS20473,C2,censys,RAT,Sectop", "0", "DonPasci"
"2025-07-24 00:01:27", "1560167", "85.102.13.26:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:48:58", "100", "https://search.censys.io/hosts/85.102.13.26", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci"
"2025-07-24 00:00:53", "1560166", "43.138.22.149:8082", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:01:40", "100", "https://search.censys.io/hosts/43.138.22.149", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-24 00:00:40", "1560165", "43.138.22.149:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:01:46", "100", "https://search.censys.io/hosts/43.138.22.149", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-23 23:10:16", "1560162", "37.120.208.40:57625", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-23 22:50:54", "1560160", "72.10.160.165:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-07-24 10:52:04", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-07-23 22:50:54", "1560161", "72.10.160.166:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-07-24 10:52:04", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-07-23 20:47:53", "1560157", "45.9.2.12:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-24 10:47:43", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-23 20:45:50", "1560156", "188.4.60.216:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-07-24 10:45:43", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-07-23 20:45:26", "1560155", "18.253.92.151:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-24 10:45:21", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-23 20:44:38", "1560153", "16.64.38.46:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-24 10:44:34", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-23 20:44:38", "1560154", "16.64.41.204:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-24 10:44:35", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-23 20:43:55", "1560152", "13.248.147.218:6443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-24 10:43:52", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-23 20:02:53", "1560151", "62.60.226.235:8888", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/62.60.226.235", "AS214351,C2,censys,cert,FEMOIT,rhadamanthys,stealer", "0", "DonPasci"
"2025-07-23 20:02:50", "1560150", "5.79.96.117:8081", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-07-24 10:48:00", "100", "https://search.censys.io/hosts/5.79.96.117", "AS60781,BianLian,C2,censys,LEASEWEB-NL-AMS-01", "0", "DonPasci"
"2025-07-23 20:02:49", "1560149", "216.105.169.10:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/216.105.169.10", "AS63018,C2,censys,DEDICATED,RAT", "0", "DonPasci"
"2025-07-23 20:02:47", "1560148", "8.211.5.170:443", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "https://search.censys.io/hosts/8.211.5.170", "ALIBABA-CN-NET,AS45102,C2,censys,PowershellEmpire", "0", "DonPasci"
"2025-07-23 20:02:27", "1560147", "207.180.246.14:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-07-24 10:46:24", "100", "https://search.censys.io/hosts/207.180.246.14", "AS51167,censys,Chaos,CONTABO,panel", "0", "DonPasci"
"2025-07-23 20:02:16", "1560145", "155.94.155.251:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-23 20:02:16", "1560146", "107.150.0.84:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-23 20:02:13", "1560144", "102.100.73.246:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:43:06", "100", "https://search.censys.io/hosts/102.100.73.246", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-23 20:02:07", "1560143", "181.174.164.139:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-24 10:45:24", "100", "https://search.censys.io/hosts/181.174.164.139", "AS52469,C2,censys,Havoc,Offshore", "0", "DonPasci"
"2025-07-23 20:02:00", "1560141", "92.249.61.30:3000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-07-24 04:03:20", "100", "https://search.censys.io/hosts/92.249.61.30", "AS212219,C2,censys,HOSTINGDUNYAM,Quasar,RAT", "0", "DonPasci"
"2025-07-23 20:01:58", "1560140", "177.103.18.77:5000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-07-24 04:03:18", "100", "https://search.censys.io/hosts/177.103.18.77", "AS27699,C2,censys,Quasar,RAT,TELEFONICA", "0", "DonPasci"
"2025-07-23 20:01:55", "1560139", "102.117.165.12:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:43:06", "100", "https://search.censys.io/hosts/102.117.165.12", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci"
"2025-07-23 20:01:48", "1560138", "94.156.177.121:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:49:16", "100", "https://search.censys.io/hosts/94.156.177.121", "AS214943,AsyncRAT,C2,censys,RAILNET,RAT", "0", "DonPasci"
"2025-07-23 20:01:46", "1560137", "85.102.13.26:3000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:48:58", "100", "https://search.censys.io/hosts/85.102.13.26", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci"
"2025-07-23 20:01:43", "1560136", "172.81.62.139:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:44:55", "100", "https://search.censys.io/hosts/172.81.62.139", "AS398019,AsyncRAT,C2,censys,DYNU,RAT", "0", "DonPasci"
"2025-07-23 20:01:20", "1560135", "91.227.77.6:80", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "https://search.censys.io/hosts/91.227.77.6", "AS62005,BV-EU-AS,C2,censys,RAT,SpiceRAT", "0", "DonPasci"
"2025-07-23 20:01:01", "1560134", "121.61.108.193:444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:00:55", "100", "https://search.censys.io/hosts/121.61.108.193", "AS4134,C2,censys,CHINANET-BACKBONE,CobaltStrike,cs-watermark-1234567890", "0", "DonPasci"
"2025-07-23 20:00:54", "1560133", "110.42.57.182:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:01:21", "100", "https://search.censys.io/hosts/110.42.57.182", "AS136188,C2,censys,CHINATELECOM-ZHEJIANG-NINGBO-IDC,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 20:00:46", "1560132", "45.80.158.252:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:21:17", "100", "https://search.censys.io/hosts/45.80.158.252", "AS210558,C2,censys,CobaltStrike,cs-watermark-987654321,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-07-23 20:00:42", "1560131", "20.243.170.247:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:01:51", "100", "https://search.censys.io/hosts/20.243.170.247", "AS8075,C2,censys,CobaltStrike,cs-watermark-987654321,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2025-07-23 20:00:38", "1560130", "196.251.80.243:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:01:04", "100", "https://search.censys.io/hosts/196.251.80.243", "AS401120,C2,censys,CHEAPY-HOST,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-23 18:52:02", "1559868", "47.245.61.75:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 10:51:53", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-23 18:51:49", "1559867", "45.143.92.81:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 10:51:41", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-23 18:40:05", "1559862", "185.241.208.219:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2025-07-23 18:04:47", "1559861", "196.251.72.174:7172", "ip:port", "botnet_cc", "win.aurotun_stealer", "None", "Aurotun Stealer", "", "100", "https://tria.ge/250723-styq4axyes", "AS401120,aurotunstealer,C2,stealer,triage", "0", "DonPasci"
"2025-07-23 18:04:45", "1559860", "198.251.84.224:7172", "ip:port", "botnet_cc", "win.aurotun_stealer", "None", "Aurotun Stealer", "", "100", "https://tria.ge/250723-styq4axyes", "AS53667,aurotunstealer,C2,stealer,triage", "0", "DonPasci"
"2025-07-23 18:03:10", "1559858", "109.248.201.180:7500", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "https://tria.ge/250723-vxbrvaythy", "AS204490,C2,RedLine,RedlineStealer,stealer,triage", "0", "DonPasci"
"2025-07-23 18:01:36", "1559857", "23.140.8.180:23032", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250723-qk8tlafr8z", "AS394760,C2,rat,remcos,triage", "0", "DonPasci"
"2025-07-23 17:55:19", "1559853", "147.185.221.26:27450", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-23 17:00:38", "1559839", "79.110.49.104:6363", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-23 16:04:15", "1559837", "192.159.99.85:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-23 16:02:45", "1559836", "62.60.226.159:19000", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/62.60.226.159", "AS214351,C2,censys,FEMOIT,rhadamanthys,stealer", "0", "DonPasci"
"2025-07-23 16:02:41", "1559835", "150.139.144.163:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/150.139.144.163", "AS136195,C2,censys,CHINATELECOM-QINGDAO-CLOUDBASE,RAT", "0", "DonPasci"
"2025-07-23 16:02:38", "1559834", "47.236.156.89:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/47.236.156.89", "ALIBABA-CN-NET,AS45102,C2,censys,RAT", "0", "DonPasci"
"2025-07-23 16:02:25", "1559833", "107.150.0.64:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-23 16:02:20", "1559832", "35.228.18.60:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:47:06", "100", "https://search.censys.io/hosts/35.228.18.60", "AS396982,censys,EvilGoPhish,GOOGLE-CLOUD-PLATFORM,panel,Phishing", "0", "DonPasci"
"2025-07-23 16:02:05", "1559831", "13.127.250.197:1963", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:43:50", "100", "https://search.censys.io/hosts/13.127.250.197", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-23 16:01:59", "1559830", "44.245.0.39:10080", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-24 10:47:25", "100", "https://search.censys.io/hosts/44.245.0.39", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci"
"2025-07-23 16:01:49", "1559829", "164.92.238.177:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:44:42", "100", "https://search.censys.io/hosts/164.92.238.177", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-07-23 16:01:40", "1559828", "45.81.23.43:444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:47:40", "100", "https://search.censys.io/hosts/45.81.23.43", "AS49870,AS49870-BV,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-07-23 16:01:35", "1559827", "92.249.61.30:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:49:13", "100", "https://search.censys.io/hosts/92.249.61.30", "AS212219,AsyncRAT,C2,censys,HOSTINGDUNYAM,RAT", "0", "DonPasci"
"2025-07-23 16:01:19", "1559826", "43.205.82.171:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-24 10:47:22", "100", "https://search.censys.io/hosts/43.205.82.171", "AMAZON-02,AS16509,C2,censys,Sliver", "0", "DonPasci"
"2025-07-23 16:00:55", "1559825", "38.54.30.22:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:21:13", "100", "https://search.censys.io/hosts/38.54.30.22", "AS138915,C2,censys,CobaltStrike,cs-watermark-0,KAOPU-HK", "0", "DonPasci"
"2025-07-23 16:00:52", "1559824", "43.138.22.149:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 10:51:32", "100", "https://search.censys.io/hosts/43.138.22.149", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-23 16:00:44", "1559823", "8.140.22.103:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:21:17", "100", "https://search.censys.io/hosts/8.140.22.103", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-23 16:00:37", "1559822", "47.122.152.65:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:00:28", "100", "https://search.censys.io/hosts/47.122.152.65", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-23 14:56:42", "1559817", "207.90.236.243:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz"
"2025-07-23 14:56:41", "1559818", "178.130.47.243:80", "ip:port", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "25", "https://app.any.run/tasks/1e28f8a6-65d1-478f-aa93-435d0feb0a1f", "None", "0", "pitachu"
"2025-07-23 14:20:23", "1559819", "143.92.61.180:80", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-07-23 13:42:45", "1559811", "172.245.4.250:16070", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots"
"2025-07-23 13:42:45", "1559812", "172.245.4.250:16090", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots"
"2025-07-23 13:40:06", "1559807", "45.77.162.217:800", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2025-07-23 13:39:59", "1559806", "62.113.59.146:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.113.59.146#443", "c2,havoc,shodan", "0", "juroots"
"2025-07-23 13:39:43", "1559805", "145.82.183.176:3460", "ip:port", "botnet_cc", "win.poison_ivy", "SPIVY,pivy,poisonivy", "Poison Ivy", "", "50", "https://www.shodan.io/host/145.82.183.176#3460", "c2,poison_ivy,shodan", "0", "juroots"
"2025-07-23 13:39:26", "1559804", "155.94.155.157:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "https://www.shodan.io/host/155.94.155.157#1604", "c2,darkcomet,shodan", "0", "juroots"
"2025-07-23 13:39:03", "1559802", "54.147.50.180:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 04:04:06", "50", "https://www.shodan.io/host/54.147.50.180#443", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-07-23 13:39:03", "1559803", "52.220.84.38:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 04:04:06", "50", "https://www.shodan.io/host/52.220.84.38#443", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-07-23 13:38:25", "1559801", "20.235.39.5:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/20.235.39.5#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-23 13:38:24", "1559796", "149.28.255.228:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/149.28.255.228#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-23 13:38:24", "1559797", "170.238.45.40:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/170.238.45.40#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-23 13:38:24", "1559798", "139.59.44.30:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/139.59.44.30#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-23 13:38:24", "1559799", "45.38.20.58:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/45.38.20.58#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-23 13:38:24", "1559800", "104.248.142.64:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/104.248.142.64#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-23 13:38:23", "1559792", "185.28.84.46:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/185.28.84.46#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-23 13:38:23", "1559793", "31.129.108.115:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/31.129.108.115#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-23 13:38:23", "1559794", "85.198.82.179:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/85.198.82.179#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-23 13:38:23", "1559795", "206.189.1.112:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/206.189.1.112#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-23 13:37:57", "1559790", "5.161.55.85:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/5.161.55.85#80", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-07-23 13:37:57", "1559791", "124.222.74.146:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/124.222.74.146#50050", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-07-23 13:37:56", "1559788", "43.138.22.149:8086", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/43.138.22.149#8086", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-07-23 13:37:56", "1559789", "47.122.158.243:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/47.122.158.243#80", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-07-23 13:37:55", "1559787", "35.92.61.165:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 13:37:57", "50", "https://www.shodan.io/host/35.92.61.165#443", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-07-23 13:37:37", "1559786", "196.251.116.69:4433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 13:37:56", "50", "https://www.shodan.io/host/196.251.116.69#4433", "c2,cobaltstrike,cs-watermark-678358251,shodan", "0", "juroots"
"2025-07-23 13:37:20", "1559784", "47.237.120.206:444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 13:37:57", "50", "https://www.shodan.io/host/47.237.120.206#444", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-07-23 13:37:20", "1559785", "109.205.213.106:12525", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 13:37:55", "50", "https://www.shodan.io/host/109.205.213.106#12525", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-07-23 13:37:17", "1559783", "116.55.209.90:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 13:37:57", "50", "https://www.shodan.io/host/116.55.209.90#8888", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-07-23 13:37:16", "1559780", "43.138.22.149:8085", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 13:37:56", "50", "https://www.shodan.io/host/43.138.22.149#8085", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-07-23 13:37:16", "1559781", "154.3.33.103:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 13:37:56", "50", "https://www.shodan.io/host/154.3.33.103#8443", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-07-23 13:37:16", "1559782", "47.122.51.211:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:21", "50", "https://www.shodan.io/host/47.122.51.211#80", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-07-23 12:03:16", "1559776", "34.32.121.27:80", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "https://search.censys.io/hosts/34.32.121.27", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,PowershellEmpire", "0", "DonPasci"
"2025-07-23 12:03:02", "1559775", "115.29.211.107:8000", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/115.29.211.107", "ALIBABA-CN-NET,AS37963,C2,censys,hacktool,Mimikatz,open-dir", "0", "DonPasci"
"2025-07-23 12:02:40", "1559774", "45.134.225.90:7000", "ip:port", "botnet_cc", "win.bit_rat", "None", "BitRAT", "2025-07-24 04:03:43", "100", "https://search.censys.io/hosts/45.134.225.90", "AS213438,BitRAT,C2,censys,COLOCATEL-INC,RAT", "0", "DonPasci"
"2025-07-23 12:02:25", "1559772", "144.172.101.181:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:44:08", "100", "https://search.censys.io/hosts/144.172.101.181", "AS14956,C2,censys,Mythic,ROUTERHOSTING", "0", "DonPasci"
"2025-07-23 12:02:15", "1559771", "196.251.69.242:4444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:46:06", "100", "https://search.censys.io/hosts/196.251.69.242", "AS401120,AsyncRAT,C2,censys,CHEAPY-HOST,RAT", "0", "DonPasci"
"2025-07-23 12:02:09", "1559770", "172.94.1.232:81", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:44:56", "100", "https://search.censys.io/hosts/172.94.1.232", "AS212238,AsyncRAT,C2,CDNEXT,censys,RAT", "0", "DonPasci"
"2025-07-23 12:02:04", "1559769", "185.196.10.29:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:45:33", "100", "https://search.censys.io/hosts/185.196.10.29", "AS42624,AsyncRAT,C2,censys,RAT,SWISSNETWORK02", "0", "DonPasci"
"2025-07-23 12:01:57", "1559768", "1.13.164.149:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 04:02:32", "100", "https://search.censys.io/hosts/1.13.164.149", "AS45090,C2,censys,Supershell,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-23 12:01:52", "1559767", "45.141.215.235:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250723-mn51bsvzez", "AS210558,C2,quasar,rat,triage", "0", "DonPasci"
"2025-07-23 12:01:39", "1559766", "206.123.149.194:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-24 10:46:23", "100", "https://search.censys.io/hosts/206.123.149.194", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-07-23 12:01:32", "1559765", "173.249.28.102:2565", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-24 10:45:01", "100", "https://search.censys.io/hosts/173.249.28.102", "AS51167,C2,censys,CONTABO,RAT,Remcos", "0", "DonPasci"
"2025-07-23 12:01:24", "1559764", "149.88.86.89:8080", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-07-24 04:02:12", "100", "https://search.censys.io/hosts/149.88.86.89", "AS142032,C2,censys,Gh0st,HFTCL-AS-AP,RAT", "0", "DonPasci"
"2025-07-23 12:01:07", "1559763", "47.122.135.192:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:02:05", "100", "https://search.censys.io/hosts/47.122.135.192", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 12:00:58", "1559762", "47.110.32.175:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:21", "100", "https://search.censys.io/hosts/47.110.32.175", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 12:00:45", "1559761", "43.138.22.149:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 10:51:32", "100", "https://search.censys.io/hosts/43.138.22.149", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-23 12:00:34", "1559759", "110.41.12.167:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 10:50:13", "100", "https://search.censys.io/hosts/110.41.12.167", "AS55990,C2,censys,CobaltStrike,cs-watermark-391144938,HWCSNET", "0", "DonPasci"
"2025-07-23 12:00:31", "1559758", "106.52.241.166:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:01:37", "100", "https://search.censys.io/hosts/106.52.241.166", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-23 11:36:52", "1559747", "117.50.172.208:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "evilgophish,panel", "1", "BlinkzSec"
"2025-07-23 11:25:42", "1559755", "91.219.239.22:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/013cefb6299d98a05613896a42fbaf73826149faa8e4f65ab2199598367dd04c/", "xworm", "0", "abuse_ch"
"2025-07-23 09:55:15", "1559743", "149.30.242.248:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-07-23 08:52:27", "1559741", "178.128.212.39:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 10:51:05", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-23 08:48:57", "1559739", "54.36.163.184:8384", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-24 10:48:17", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-23 08:48:49", "1559738", "51.89.229.188:5007", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-24 10:48:06", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-23 08:47:43", "1559737", "34.198.206.81:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-24 10:46:58", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-23 08:46:06", "1559735", "182.30.92.201:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-24 10:45:27", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-23 08:46:06", "1559736", "182.30.92.214:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-24 10:45:27", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-23 08:44:43", "1559734", "149.109.82.74:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-07-24 10:44:17", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-07-23 08:30:21", "1559733", "45.134.142.6:57489", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-23 08:02:41", "1559732", "155.94.155.250:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-23 08:02:08", "1559731", "18.153.210.162:1963", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:45:16", "100", "https://search.censys.io/hosts/18.153.210.162", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-23 08:02:03", "1559730", "51.84.68.56:1099", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:48:06", "100", "https://search.censys.io/hosts/51.84.68.56", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-23 08:01:57", "1559729", "42.119.166.132:4444", "ip:port", "botnet_cc", "win.orcus_rat", "Schnorchel", "Orcus RAT", "2025-07-24 04:03:39", "100", "https://search.censys.io/hosts/42.119.166.132", "AS18403,C2,censys,FPT-AS-AP,Orcus,RAT", "0", "DonPasci"
"2025-07-23 08:01:40", "1559727", "95.217.44.118:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/95.217.44.118", "AS24940,C2,censys,HETZNER-AS,RAT,Sectop", "0", "DonPasci"
"2025-07-23 08:01:23", "1559726", "109.172.87.64:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-24 10:43:24", "100", "https://search.censys.io/hosts/109.172.87.64", "AS48282,C2,censys,Sliver,VDSINA-AS", "0", "DonPasci"
"2025-07-23 08:01:15", "1559725", "167.160.161.198:99", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-24 10:44:45", "100", "https://search.censys.io/hosts/167.160.161.198", "AS214943,C2,censys,RAILNET,RAT,Remcos", "0", "DonPasci"
"2025-07-23 08:01:12", "1559724", "196.251.81.126:6001", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-24 10:46:09", "100", "https://search.censys.io/hosts/196.251.81.126", "AS401120,C2,censys,CHEAPY-HOST,RAT,Remcos", "0", "DonPasci"
"2025-07-23 08:01:02", "1559723", "185.96.166.113:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-24 10:45:41", "100", "https://search.censys.io/hosts/185.96.166.113", "AS59466,C2,censys,EUROXP,RAT,Remcos", "0", "DonPasci"
"2025-07-23 08:00:57", "1559722", "109.230.231.31:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-24 10:43:24", "100", "https://search.censys.io/hosts/109.230.231.31", "ACTIVE-SERVERS,AS197071,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-07-23 08:00:35", "1559721", "8.148.105.246:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:01:57", "100", "https://search.censys.io/hosts/8.148.105.246", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 08:00:34", "1559720", "8.148.105.246:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:01:54", "100", "https://search.censys.io/hosts/8.148.105.246", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 08:00:33", "1559719", "8.148.79.16:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:11", "100", "https://search.censys.io/hosts/8.148.79.16", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 08:00:31", "1559718", "113.45.26.62:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:00:24", "100", "https://search.censys.io/hosts/113.45.26.62", "AS55990,C2,censys,CobaltStrike,cs-watermark-100000,HWCSNET", "0", "DonPasci"
"2025-07-23 08:00:30", "1559717", "121.43.152.104:18081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:01:59", "100", "https://search.censys.io/hosts/121.43.152.104", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-07-23 08:00:29", "1559716", "39.104.22.29:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:01:09", "100", "https://search.censys.io/hosts/39.104.22.29", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-23 07:55:13", "1559715", "46.246.4.24:5067", "ip:port", "botnet_cc", "win.vjw0rm", "None", "Vjw0rm", "", "100", "None", "Vjw0rm", "0", "abuse_ch"
"2025-07-23 07:55:04", "1559713", "46.246.4.24:7045", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-07-23 07:21:06", "1559710", "116.203.14.51:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2025-07-23 07:21:06", "1559711", "37.27.92.232:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2025-07-23 06:45:16", "1559706", "91.92.120.133:8467", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-23 06:32:45", "1559705", "120.27.160.106:5555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-07-23 06:32:44", "1559703", "8.148.77.60:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:13", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-23 06:32:44", "1559704", "47.99.150.238:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-23 06:32:43", "1559702", "47.122.135.192:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:02:08", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-23 06:32:23", "1559701", "8.148.79.16:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-23 06:32:22", "1559699", "47.122.158.243:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-23 06:32:22", "1559700", "47.122.49.109:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-23 06:32:21", "1559697", "8.148.79.138:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-23 06:32:21", "1559698", "8.148.78.165:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-23 06:32:20", "1559696", "149.104.29.129:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 04:02:02", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-23 06:31:58", "1559695", "81.69.220.187:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-07-23 06:31:55", "1559694", "175.24.47.254:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:01", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2025-07-23 06:23:34", "1559562", "194.213.18.89:443", "ip:port", "botnet_cc", "win.broomstick", "CLEANBOOST,CleanUp,CleanUpLoader,Oyster", "Broomstick", "", "100", "", "oyster", "0", "tanner"
"2025-07-23 06:01:07", "1559689", "134.122.177.12:9091", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250723-emlw3atnt3", "AS152194,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-23 06:01:07", "1559690", "134.122.177.12:9092", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250723-emlw3atnt3", "AS152194,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-23 06:00:32", "1559683", "196.251.86.155:8059", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250723-epp2hatnv2", "AS401120,C2,triage,xworm", "0", "DonPasci"
"2025-07-23 04:20:11", "1559680", "134.122.177.12:9090", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-07-23 04:15:03", "1559679", "155.94.155.249:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-23 04:05:34", "1559678", "3.83.187.221:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.83.187.221", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:32", "1559677", "52.59.86.84:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.59.86.84", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:30", "1559676", "52.59.86.84:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.59.86.84", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:28", "1559675", "45.10.175.124:10086", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/45.10.175.124", "AS55933,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:26", "1559674", "31.220.95.101:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/31.220.95.101", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:24", "1559673", "18.140.155.160:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.140.155.160", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:22", "1559672", "41.78.75.244:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/41.78.75.244", "AS37371,censys,GoPhish,HORMUUD,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:20", "1559671", "50.19.179.151:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/50.19.179.151", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:18", "1559670", "18.159.4.171:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.159.4.171", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:15", "1559669", "185.16.61.161:4444", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.16.61.161", "AS197540,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:13", "1559668", "18.195.126.122:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.195.126.122", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:11", "1559667", "89.250.200.30:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/89.250.200.30", "AS41421,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:08", "1559666", "194.37.80.183:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/194.37.80.183", "AS204548,censys,CLOUDWEBMANAGE-IL-FR,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:05", "1559665", "57.128.223.136:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/57.128.223.136", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:03", "1559664", "57.128.223.136:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/57.128.223.136", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:05:00", "1559663", "15.156.238.124:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/15.156.238.124", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:04:58", "1559662", "40.81.227.247:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/40.81.227.247", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:04:56", "1559661", "54.252.181.85:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.252.181.85", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:04:54", "1559660", "204.44.87.238:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/204.44.87.238", "AS-COLOCROSSING,AS36352,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:04:51", "1559659", "158.220.116.136:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/158.220.116.136", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:04:49", "1559658", "103.235.75.107:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.235.75.107", "AS135444,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:04:47", "1559657", "23.95.198.247:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/23.95.198.247", "AS-COLOCROSSING,AS36352,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:04:45", "1559656", "23.95.198.247:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/23.95.198.247", "AS-COLOCROSSING,AS36352,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:04:43", "1559655", "132.255.20.218:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/132.255.20.218", "AS27951,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:04:42", "1559654", "116.202.19.145:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/116.202.19.145", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_"
"2025-07-23 04:04:33", "1559653", "193.112.206.193:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/193.112.206.193", "AS45090,censys,Viper", "0", "dyingbreeds_"
"2025-07-23 04:04:31", "1559652", "122.51.215.90:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/122.51.215.90", "AS45090,censys,Viper", "0", "dyingbreeds_"
"2025-07-23 04:04:29", "1559651", "113.45.188.14:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/113.45.188.14", "AS55990,censys,Viper", "0", "dyingbreeds_"
"2025-07-23 04:04:11", "1559650", "85.208.108.228:5000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/85.208.108.228", "AS53363,Botnet,byob,C2,censys,TANGRAM-CANADA-INC", "0", "dyingbreeds_"
"2025-07-23 04:03:10", "1559649", "62.60.226.235:443", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/62.60.226.235", "AS214351,C2,censys,cert,FEMOIT,rhadamanthys,stealer", "0", "DonPasci"
"2025-07-23 04:02:39", "1559648", "18.61.119.224:445", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:45:22", "100", "https://search.censys.io/hosts/18.61.119.224", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-23 04:02:36", "1559647", "13.114.15.139:49501", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:43:49", "100", "https://search.censys.io/hosts/13.114.15.139", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-23 04:02:33", "1559646", "93.232.99.226:81", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:49:15", "100", "https://search.censys.io/hosts/93.232.99.226", "AS3320,C2,censys,DTAG,Netsupport,RAT", "0", "DonPasci"
"2025-07-23 04:02:31", "1559645", "181.12.248.204:5610", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:45:23", "100", "https://search.censys.io/hosts/181.12.248.204", "AS7303,C2,censys,Netsupport,RAT,Telecom", "0", "DonPasci"
"2025-07-23 04:02:23", "1559644", "194.79.46.110:7000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-07-23 04:03:37", "100", "https://search.censys.io/hosts/194.79.46.110", "AS49545,C2,censys,Quasar,RAT,STROYTELECOM-YUG-AS", "0", "DonPasci"
"2025-07-23 04:02:18", "1559643", "46.101.158.51:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:47:44", "100", "https://search.censys.io/hosts/46.101.158.51", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-07-23 04:02:15", "1559642", "184.83.83.47:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:45:29", "100", "https://search.censys.io/hosts/184.83.83.47", "AS11232,C2,censys,MIDCO-NET,Mythic", "0", "DonPasci"
"2025-07-23 04:02:08", "1559641", "185.126.64.49:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/185.126.64.49", "AS214927,C2,censys,PSB-AS,RAT,Sectop", "0", "DonPasci"
"2025-07-23 04:02:05", "1559640", "89.185.80.219:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/89.185.80.219", "AS215540,C2,censys,GCS-AS,RAT,Sectop", "0", "DonPasci"
"2025-07-23 04:02:02", "1559639", "185.93.89.56:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/185.93.89.56", "AS213790,C2,censys,LIMITEDNETWORK-AS,RAT,Sectop", "0", "DonPasci"
"2025-07-23 04:02:00", "1559638", "83.222.191.223:15647", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/83.222.191.223", "AS204428,C2,censys,RAT,Sectop,SS-NET", "0", "DonPasci"
"2025-07-23 04:01:59", "1559637", "83.222.191.223:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/83.222.191.223", "AS204428,C2,censys,RAT,Sectop,SS-NET", "0", "DonPasci"
"2025-07-23 04:01:56", "1559636", "45.74.8.89:83", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:47:36", "100", "https://search.censys.io/hosts/45.74.8.89", "AS3223,AsyncRAT,C2,censys,RAT,VOXILITY", "0", "DonPasci"
"2025-07-23 04:01:45", "1559635", "164.92.224.52:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/164.92.224.52", "AS14061,C2,censys,DIGITALOCEAN-ASN,open-dir,payload,Sliver", "0", "DonPasci"
"2025-07-23 04:01:40", "1559634", "139.180.136.101:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2025-07-24 10:44:01", "100", "https://search.censys.io/hosts/139.180.136.101", "AS-VULTR,AS20473,C2,censys,Pupy,RAT", "0", "DonPasci"
"2025-07-23 04:01:19", "1559632", "59.110.12.179:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:21:16", "100", "https://search.censys.io/hosts/59.110.12.179", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 04:01:19", "1559633", "182.160.2.66:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:05", "100", "https://search.censys.io/hosts/182.160.2.66", "AS136907,C2,censys,CobaltStrike,cs-watermark-666666666,HWCLOUDS-AS-AP", "0", "DonPasci"
"2025-07-23 04:01:18", "1559631", "8.148.31.196:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:01:34", "100", "https://search.censys.io/hosts/8.148.31.196", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 04:01:15", "1559630", "8.148.23.98:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:18", "100", "https://search.censys.io/hosts/8.148.23.98", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 04:01:10", "1559629", "47.122.117.96:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:12", "100", "https://search.censys.io/hosts/47.122.117.96", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 04:01:04", "1559628", "8.148.77.56:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:21:11", "100", "https://search.censys.io/hosts/8.148.77.56", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 04:00:59", "1559627", "8.148.20.98:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:12", "100", "https://search.censys.io/hosts/8.148.20.98", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-23 04:00:40", "1559626", "82.156.202.136:20001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:01:10", "100", "https://search.censys.io/hosts/82.156.202.136", "AS45090,C2,censys,CobaltStrike,cs-watermark-391144938,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-23 04:00:34", "1559625", "156.224.79.193:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:20", "100", "https://search.censys.io/hosts/156.224.79.193", "AkileCloud,AS61112,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-23 04:00:25", "1559624", "113.45.129.135:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:00:53", "100", "https://search.censys.io/hosts/113.45.129.135", "AS55990,C2,censys", "0", "dyingbreeds_"
"2025-07-23 04:00:12", "1559623", "47.237.153.209:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:00:47", "100", "https://search.censys.io/hosts/47.237.153.209", "AS45102,C2,censys", "0", "dyingbreeds_"
"2025-07-23 03:10:04", "1559619", "147.185.221.30:6048", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-07-23 01:40:19", "1559618", "144.172.91.74:7709", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-07-23 00:01:56", "1559616", "102.96.170.230:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:43:07", "100", "https://search.censys.io/hosts/102.96.170.230", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-23 00:01:54", "1559615", "146.19.215.141:9090", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-07-24 10:44:12", "100", "https://search.censys.io/hosts/146.19.215.141", "ADVIN-AS,AS206216,C2,censys,DcRAT,RAT", "0", "DonPasci"
"2025-07-23 00:01:50", "1559614", "42.116.61.184:4444", "ip:port", "botnet_cc", "win.orcus_rat", "Schnorchel", "Orcus RAT", "2025-07-23 04:03:59", "100", "https://search.censys.io/hosts/42.116.61.184", "AS18403,C2,censys,FPT-AS-AP,Orcus,RAT", "0", "DonPasci"
"2025-07-23 00:01:46", "1559613", "34.100.150.65:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-24 10:46:56", "100", "https://search.censys.io/hosts/34.100.150.65", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Havoc", "0", "DonPasci"
"2025-07-23 00:01:40", "1559612", "111.90.151.59:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-23 04:03:20", "100", "https://search.censys.io/hosts/111.90.151.59", "AS45839,C2,censys,Mythic,SHINJIRU-MY-AS-AP", "0", "DonPasci"
"2025-07-23 00:01:38", "1559611", "102.117.167.7:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:43:06", "100", "https://search.censys.io/hosts/102.117.167.7", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci"
"2025-07-23 00:01:36", "1559610", "84.32.190.72:82", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-23 04:03:08", "100", "https://search.censys.io/hosts/84.32.190.72", "AS59642,C2,censys,CHERRYSERVERS2-AS,Mythic", "0", "DonPasci"
"2025-07-23 00:01:24", "1559609", "124.198.132.250:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:43:43", "100", "https://search.censys.io/hosts/124.198.132.250", "AS210558,AsyncRAT,C2,censys,RAT,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-07-23 00:01:21", "1559608", "172.111.248.132:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:44:52", "100", "https://search.censys.io/hosts/172.111.248.132", "AS212238,AsyncRAT,C2,CDNEXT,censys,RAT", "0", "DonPasci"
"2025-07-23 00:01:08", "1559607", "52.91.190.99:8000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/52.91.190.99", "AMAZON-AES,AS14618,C2,censys,open-dir,payload,Sliver", "0", "DonPasci"
"2025-07-23 00:01:03", "1559606", "194.48.248.59:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-24 10:45:57", "100", "https://search.censys.io/hosts/194.48.248.59", "ALEXHOST,AS200019,C2,censys,Sliver", "0", "DonPasci"
"2025-07-23 00:00:38", "1559605", "101.34.66.77:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:01:45", "100", "https://search.censys.io/hosts/101.34.66.77", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-23 00:00:34", "1559604", "185.38.142.214:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:01:42", "100", "https://search.censys.io/hosts/185.38.142.214", "AS47674,C2,censys,CobaltStrike,cs-watermark-987654321,NETSOLUTIONS", "0", "DonPasci"
"2025-07-23 00:00:30", "1559603", "47.109.58.47:8989", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:00:59", "100", "https://search.censys.io/hosts/47.109.58.47", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-22 22:06:37", "1559602", "152.89.218.72:7705", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-07-22 21:25:24", "1559601", "147.185.221.30:26979", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-22 21:25:10", "1559600", "129.28.85.210:55112", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-07-24 04:01:13", "100", "None", "Meterpreter", "0", "abuse_ch"
"2025-07-22 20:50:55", "1559599", "47.120.48.100:8443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-07-24 10:51:50", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-07-22 20:50:03", "1559598", "161.97.149.235:587", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-07-24 10:51:00", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-07-22 20:48:22", "1559596", "86.126.224.214:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-07-24 10:49:02", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-07-22 20:44:22", "1559594", "158.255.213.22:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2025-07-24 10:44:30", "75", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-07-22 20:44:22", "1559595", "158.255.213.22:63421", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2025-07-24 10:44:30", "75", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-07-22 20:43:07", "1559593", "103.141.50.146:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-07-24 10:43:08", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-07-22 20:40:22", "1559592", "47.239.1.95:26868", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-22 20:02:02", "1559590", "155.94.155.173:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-22 20:02:02", "1559591", "155.94.155.226:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-22 20:01:44", "1559589", "13.250.125.176:80", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/13.250.125.176", "AMAZON-02,AS16509,C2,censys,hacktool,Mimikatz,open-dir", "0", "DonPasci"
"2025-07-22 20:01:35", "1559588", "172.94.96.95:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-23 04:04:23", "100", "https://search.censys.io/hosts/172.94.96.95", "AS207184,C2,censys,panel,TELCHAK-AS,Unam", "0", "DonPasci"
"2025-07-22 20:01:22", "1559585", "145.223.69.2:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-24 10:44:11", "100", "https://search.censys.io/hosts/145.223.69.2", "AS215311,C2,censys,Havoc,REGXA-CLOUD", "0", "DonPasci"
"2025-07-22 20:01:22", "1559586", "145.223.69.2:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-24 10:44:11", "100", "https://search.censys.io/hosts/145.223.69.2", "AS215311,C2,censys,Havoc,REGXA-CLOUD", "0", "DonPasci"
"2025-07-22 20:01:21", "1559584", "185.250.207.163:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-24 10:45:38", "100", "https://search.censys.io/hosts/185.250.207.163", "AS211381,C2,censys,Havoc,PODAON", "0", "DonPasci"
"2025-07-22 20:01:19", "1559583", "102.219.210.202:8090", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-07-23 04:03:33", "100", "https://search.censys.io/hosts/102.219.210.202", "AS328856,C2,censys,Quasar,RAT,VIJIJI-CONNECT-LIMITED", "0", "DonPasci"
"2025-07-22 20:01:18", "1559582", "207.180.232.158:3000", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-07-23 04:03:26", "100", "https://search.censys.io/hosts/207.180.232.158", "AS51167,C2,censys,CONTABO,Hookbot", "0", "DonPasci"
"2025-07-22 20:01:17", "1559580", "165.227.143.23:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:44:43", "100", "https://search.censys.io/hosts/165.227.143.23", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-07-22 20:01:17", "1559581", "139.162.190.174:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:44:01", "100", "https://search.censys.io/hosts/139.162.190.174", "AKAMAI-LINODE-AP,AS63949,C2,censys,Mythic", "0", "DonPasci"
"2025-07-22 20:01:13", "1559579", "45.94.47.104:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/45.94.47.104", "AS57043,C2,censys,HOSTKEY-AS,RAT,Sectop", "0", "DonPasci"
"2025-07-22 20:00:57", "1559578", "170.64.232.216:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-24 10:44:48", "100", "https://search.censys.io/hosts/170.64.232.216", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci"
"2025-07-22 20:00:48", "1559577", "65.20.82.213:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2025-07-24 10:48:27", "100", "https://search.censys.io/hosts/65.20.82.213", "AS-VULTR,AS20473,C2,censys,Pupy,RAT", "0", "DonPasci"
"2025-07-22 20:00:47", "1559576", "85.239.55.40:80", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "https://search.censys.io/hosts/85.239.55.40", "AS62005,BV-EU-AS,C2,censys,RAT,SpiceRAT", "0", "DonPasci"
"2025-07-22 20:00:45", "1559575", "178.209.246.120:2222", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "2025-07-23 04:01:57", "100", "https://search.censys.io/hosts/178.209.246.120", "AS12714,C2,censys,DarkComet,MEGAFON-AS,RAT", "0", "DonPasci"
"2025-07-22 20:00:30", "1559573", "111.229.80.204:7001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:01:52", "100", "https://search.censys.io/hosts/111.229.80.204", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-22 20:00:30", "1559574", "111.229.80.204:7000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:01:50", "100", "https://search.censys.io/hosts/111.229.80.204", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-22 20:00:28", "1559572", "154.12.22.142:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:00:37", "100", "https://search.censys.io/hosts/154.12.22.142", "AS142032,C2,censys,CobaltStrike,cs-watermark-100000,HFTCL-AS-AP", "0", "DonPasci"
"2025-07-22 20:00:27", "1559571", "121.43.152.104:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:03", "100", "https://search.censys.io/hosts/121.43.152.104", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-07-22 20:00:26", "1559569", "121.40.76.3:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:21:17", "100", "https://search.censys.io/hosts/121.40.76.3", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-22 20:00:26", "1559570", "185.38.142.214:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:01:38", "100", "https://search.censys.io/hosts/185.38.142.214", "AS47674,C2,censys,CobaltStrike,cs-watermark-987654321,NETSOLUTIONS", "0", "DonPasci"
"2025-07-22 18:51:06", "1559566", "23.95.61.136:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 10:51:20", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-22 18:15:39", "1559563", "206.123.145.172:7676", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-22 18:01:16", "1559560", "104.238.191.68:80", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "https://tria.ge/250722-wedn6axygx", "AS20473,C2,njrat,triage", "0", "DonPasci"
"2025-07-22 17:40:10", "1559551", "106.14.1.192:9999", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "None", "Meterpreter", "0", "abuse_ch"
"2025-07-22 17:15:15", "1559545", "43.250.173.179:8080", "ip:port", "botnet_cc", "win.fatal_rat", "Sainbox RAT", "FatalRat", "", "100", "None", "FatalRAT", "0", "abuse_ch"
"2025-07-22 16:45:07", "1559542", "103.59.160.219:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2025-07-22 16:25:26", "1559538", "216.9.225.51:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-22 16:15:44", "1559536", "45.192.218.158:443", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-22 16:03:47", "1559535", "208.72.155.9:7712", "ip:port", "botnet_cc", "win.aurotun_stealer", "None", "Aurotun Stealer", "", "100", "None", "AurotunStealer", "0", "abuse_ch"
"2025-07-22 16:02:56", "1559534", "119.167.205.150:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/119.167.205.150", "AS4837,C2,censys,CHINA169-BACKBONE,RAT", "0", "DonPasci"
"2025-07-22 16:02:53", "1559533", "8.211.5.170:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "https://search.censys.io/hosts/8.211.5.170", "ALIBABA-CN-NET,AS45102,C2,censys,Starkillerc2", "0", "DonPasci"
"2025-07-22 16:02:44", "1559532", "185.194.175.132:5000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://search.censys.io/hosts/185.194.175.132", "AS206163,C2,censys,open-dir,TBTNET-TELEKOM,Xworm", "0", "DonPasci"
"2025-07-22 16:02:38", "1559531", "212.193.2.162:50001", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/212.193.2.162", "AS26383,ASNET,C2,censys,hacktool,Mimikatz,open-dir", "0", "DonPasci"
"2025-07-22 16:02:35", "1559530", "124.220.51.88:8000", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/124.220.51.88", "AS45090,C2,censys,hacktool,Mimikatz,open-dir,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-22 16:02:11", "1559529", "16.63.137.205:20000", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:44:34", "100", "https://search.censys.io/hosts/16.63.137.205", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-22 16:02:07", "1559528", "16.63.137.205:3550", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:44:34", "100", "https://search.censys.io/hosts/16.63.137.205", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-22 16:02:03", "1559527", "34.254.158.94:4730", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:46:58", "100", "https://search.censys.io/hosts/34.254.158.94", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-22 16:01:56", "1559526", "78.163.49.248:81", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2025-07-23 04:03:53", "100", "https://search.censys.io/hosts/78.163.49.248", "AS9121,C2,censys,RAT,TTNET,Venom", "0", "DonPasci"
"2025-07-22 16:01:51", "1559525", "4.213.161.104:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-24 10:47:15", "100", "https://search.censys.io/hosts/4.213.161.104", "AS8075,C2,censys,Havoc,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2025-07-22 16:01:47", "1559524", "93.95.231.28:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-24 10:49:16", "100", "https://search.censys.io/hosts/93.95.231.28", "AS44925,C2,censys,Havoc,THE-1984-AS", "0", "DonPasci"
"2025-07-22 16:01:41", "1559523", "46.101.246.74:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:47:44", "100", "https://search.censys.io/hosts/46.101.246.74", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-07-22 16:01:37", "1559522", "34.1.135.57:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-24 10:46:56", "100", "https://search.censys.io/hosts/34.1.135.57", "AS15169,C2,censys,GOOGLE,Mythic", "0", "DonPasci"
"2025-07-22 16:01:01", "1559521", "47.111.8.116:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 06:31:55", "100", "https://search.censys.io/hosts/47.111.8.116", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike", "0", "DonPasci"
"2025-07-22 16:00:52", "1559520", "111.229.80.204:20001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:01:49", "100", "https://search.censys.io/hosts/111.229.80.204", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-22 16:00:45", "1559519", "8.148.104.223:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:21", "100", "https://search.censys.io/hosts/8.148.104.223", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-22 16:00:37", "1559518", "8.140.22.103:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:20", "100", "https://search.censys.io/hosts/8.140.22.103", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-22 16:00:31", "1559517", "8.130.161.225:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 06:32:48", "100", "https://search.censys.io/hosts/8.130.161.225", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-22 13:40:51", "1559345", "176.46.157.32:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "", "25", "https://app.any.run/tasks/1f219c99-c9f6-4e26-a9c1-7a543ba22f92", "None", "0", "pitachu"
"2025-07-22 13:40:50", "1559346", "195.133.88.180:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "", "25", "https://app.any.run/tasks/1f219c99-c9f6-4e26-a9c1-7a543ba22f92", "None", "0", "pitachu"
"2025-07-22 13:27:24", "1559334", "104.194.222.88:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz"
"2025-07-22 12:01:38", "1559324", "202.182.124.254:5555", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "https://search.censys.io/hosts/202.182.124.254", "AdaptixC2,AS-VULTR,AS20473,C2,censys", "0", "DonPasci"
"2025-07-22 12:01:34", "1559321", "192.228.143.187:5672", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/192.228.143.187", "AS9930,C2,censys,hacktool,Mimikatz,open-dir,TTNET-MY", "0", "DonPasci"
"2025-07-22 12:01:34", "1559322", "192.228.143.187:26018", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/192.228.143.187", "AS9930,C2,censys,hacktool,Mimikatz,open-dir,TTNET-MY", "0", "DonPasci"
"2025-07-22 12:01:34", "1559323", "192.228.143.187:25", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/192.228.143.187", "AS9930,C2,censys,hacktool,Mimikatz,open-dir,TTNET-MY", "0", "DonPasci"
"2025-07-22 12:01:33", "1559318", "192.228.143.187:5903", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/192.228.143.187", "AS9930,C2,censys,hacktool,Mimikatz,open-dir,TTNET-MY", "0", "DonPasci"
"2025-07-22 12:01:33", "1559319", "192.228.143.187:58603", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/192.228.143.187", "AS9930,C2,censys,hacktool,Mimikatz,open-dir,TTNET-MY", "0", "DonPasci"
"2025-07-22 12:01:33", "1559320", "192.228.143.187:35953", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/192.228.143.187", "AS9930,C2,censys,hacktool,Mimikatz,open-dir,TTNET-MY", "0", "DonPasci"
"2025-07-22 12:01:32", "1559317", "192.228.143.187:1336", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/192.228.143.187", "AS9930,C2,censys,hacktool,Mimikatz,open-dir,TTNET-MY", "0", "DonPasci"
"2025-07-22 12:01:11", "1559315", "15.188.146.16:833", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:44:19", "100", "https://search.censys.io/hosts/15.188.146.16", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-22 12:01:11", "1559316", "16.51.151.204:1080", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-24 10:44:33", "100", "https://search.censys.io/hosts/16.51.151.204", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-22 12:00:58", "1559311", "186.190.211.108:8080", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-24 10:45:41", "100", "https://search.censys.io/hosts/186.190.211.108", "AS-GLOBALTELEHOST,AS63023,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-07-22 12:00:57", "1559310", "123.253.111.23:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-23 04:02:40", "100", "https://search.censys.io/hosts/123.253.111.23", "AS134823,C2,censys,SDCL-AS-AP,Supershell", "0", "DonPasci"
"2025-07-22 12:00:43", "1559308", "217.156.123.93:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-24 10:46:35", "100", "https://search.censys.io/hosts/217.156.123.93", "ALEXHOST,AS200019,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-07-22 12:00:28", "1559303", "120.26.218.41:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:01:21", "100", "https://search.censys.io/hosts/120.26.218.41", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-22 12:00:28", "1559306", "8.148.69.182:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:20", "100", "https://search.censys.io/hosts/8.148.69.182", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-22 12:00:27", "1559301", "8.148.31.69:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-24 06:20:12", "100", "https://search.censys.io/hosts/8.148.31.69", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-22 12:00:27", "1559302", "8.148.23.98:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:01:25", "100", "https://search.censys.io/hosts/8.148.23.98", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-22 12:00:26", "1559300", "38.14.254.133:2096", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-23 04:00:31", "100", "https://search.censys.io/hosts/38.14.254.133", "AROSS-AS,AS400619,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-22 11:40:27", "1559299", "176.65.128.104:5888", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
# Number of entries: 388