################################################################
# ThreatFox IOCs: recent ip-port - CSV format                  #
# Last updated: 2025-08-20 01:20:14 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-08-20 01:20:14", "1571517", "147.185.221.30:49118", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-20 00:03:20", "1571515", "223.109.90.12:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/223.109.90.12", "AS56046,C2,censys,CMNET-JIANGSU-AP,RAT", "0", "DonPasci"
"2025-08-20 00:03:20", "1571516", "114.67.215.57:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/114.67.215.57", "AS136958,C2,censys,RAT,UNICOM-GUANGZHOU-IDC", "0", "DonPasci"
"2025-08-20 00:03:05", "1571514", "164.92.178.59:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/164.92.178.59", "AS14061,censys,DIGITALOCEAN-ASN,EvilGoPhish,panel,Phishing", "0", "DonPasci"
"2025-08-20 00:02:52", "1571511", "13.115.109.98:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "https://search.censys.io/hosts/13.115.109.98", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci"
"2025-08-20 00:02:48", "1571510", "34.203.198.198:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/34.203.198.198", "AMAZON-AES,AS14618,C2,censys,Havoc", "0", "DonPasci"
"2025-08-20 00:02:45", "1571506", "187.201.97.119:1098", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-20 00:02:45", "1571507", "187.201.97.119:2053", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-20 00:02:44", "1571505", "187.201.97.119:1961", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-20 00:02:43", "1571503", "20.42.107.78:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.42.107.78", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,Mythic", "0", "DonPasci"
"2025-08-20 00:02:43", "1571504", "109.122.197.147:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/109.122.197.147", "AS213887,C2,censys,Hookbot,WAICORE-LTD", "0", "DonPasci"
"2025-08-20 00:02:42", "1571502", "95.112.103.2:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/95.112.103.2", "AS6805,C2,censys,Mythic,TDDE-ASN1", "0", "DonPasci"
"2025-08-20 00:02:37", "1571501", "185.196.10.204:5002", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/185.196.10.204", "AS42624,AsyncRAT,C2,censys,RAT,SWISSNETWORK02", "0", "DonPasci"
"2025-08-20 00:02:36", "1571500", "124.220.19.20:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/124.220.19.20", "AS45090,C2,censys,Supershell,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-20 00:02:24", "1571498", "193.26.115.209:1024", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/193.26.115.209", "AS23470,C2,censys,RAT,RELIABLESITE,Remcos", "0", "DonPasci"
"2025-08-20 00:02:24", "1571499", "213.190.4.203:51269", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/213.190.4.203", "AS-HOSTINGER,AS47583,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-08-20 00:02:06", "1571497", "3.27.235.189:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/3.27.235.189", "AMAZON-02,AS16509,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-19 21:55:13", "1571484", "103.105.23.130:80", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-08-19 21:15:04", "1571482", "198.23.197.164:7071", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2025-08-19 20:48:23", "1571358", "78.40.197.146:443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2025-08-20 00:48:08", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-08-19 20:47:54", "1571357", "52.8.145.106:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:47:43", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-19 20:46:25", "1571356", "213.133.102.42:8384", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:46:18", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-19 20:43:02", "1571355", "1.161.103.144:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:43:02", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-19 20:35:16", "1571354", "147.185.221.23:52320", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 20:03:03", "1571315", "120.27.209.132:47486", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-08-20 00:43:37", "100", "https://search.censys.io/hosts/120.27.209.132", "ALIBABA-CN-NET,AS37963,censys,Chaos,panel", "0", "DonPasci"
"2025-08-19 20:03:03", "1571316", "8.134.181.167:54681", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-08-20 00:48:09", "100", "https://search.censys.io/hosts/8.134.181.167", "ALIBABA-CN-NET,AS37963,censys,Chaos,panel", "0", "DonPasci"
"2025-08-19 20:02:50", "1571313", "13.208.252.175:40961", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:46", "100", "https://search.censys.io/hosts/13.208.252.175", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 20:02:49", "1571312", "3.101.82.15:6008", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:32", "100", "https://search.censys.io/hosts/3.101.82.15", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 20:02:45", "1571310", "187.201.97.119:636", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 20:02:45", "1571311", "187.201.97.119:501", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 20:02:43", "1571308", "34.55.232.213:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.55.232.213", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Mythic", "0", "DonPasci"
"2025-08-19 20:02:43", "1571309", "81.95.8.176:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/81.95.8.176", "AS201011,C2,censys,CORE-BACKBONE,Mythic", "0", "DonPasci"
"2025-08-19 20:02:38", "1571307", "95.217.57.151:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:48:41", "100", "https://search.censys.io/hosts/95.217.57.151", "AS24940,AsyncRAT,C2,censys,HETZNER-AS,RAT", "0", "DonPasci"
"2025-08-19 20:02:28", "1571306", "165.232.163.129:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:44:35", "100", "https://search.censys.io/hosts/165.232.163.129", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci"
"2025-08-19 20:02:27", "1571305", "139.84.214.159:9999", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/139.84.214.159", "AS-VULTR,AS20473,C2,censys,Sliver", "0", "DonPasci"
"2025-08-19 20:02:23", "1571304", "216.250.252.245:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:46:21", "100", "https://search.censys.io/hosts/216.250.252.245", "AS396073,C2,censys,MAJESTIC-HOSTING-01,RAT,Remcos", "0", "DonPasci"
"2025-08-19 20:02:07", "1571303", "59.110.83.99:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/59.110.83.99", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci"
"2025-08-19 20:02:06", "1571301", "94.154.35.174:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 20:13:29", "90", "None", "latrodectus", "0", "Rony"
"2025-08-19 20:02:06", "1571302", "8.134.222.115:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.134.222.115", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-08-19 20:02:05", "1571300", "117.72.105.10:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/117.72.105.10", "AS141679,C2,censys,CHINATELECOM-IDC-BTHBD-AP,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-19 18:10:22", "1571293", "144.126.149.221:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 18:03:13", "1571291", "154.94.233.79:0443", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250819-wa19nawshz", "AS137899,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-08-19 18:02:16", "1571289", "160.25.72.96:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250819-rltxhadl7z", "AS150895,C2,rat,remcos,triage", "0", "DonPasci"
"2025-08-19 18:02:11", "1571288", "45.11.229.51:8080", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250819-s1njpsvycw", "AS58087,C2,triage,xworm", "0", "DonPasci"
"2025-08-19 17:00:24", "1571279", "147.185.221.28:38949", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 16:25:16", "1571276", "91.199.42.157:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 16:02:58", "1571272", "82.27.2.251:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/82.27.2.251", "AS215703,C2,censys,FREAKHOSTING,moobot", "0", "DonPasci"
"2025-08-19 16:02:42", "1571271", "85.239.149.90:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/85.239.149.90", "AEZA-AS,AS210644,C2,censys,Hookbot", "0", "DonPasci"
"2025-08-19 16:02:41", "1571270", "18.253.62.84:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:45:02", "100", "https://search.censys.io/hosts/18.253.62.84", "AS8987,AWS-GOVCLOUD,C2,censys,Mythic", "0", "DonPasci"
"2025-08-19 16:02:36", "1571269", "95.217.57.151:82", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:48:42", "100", "https://search.censys.io/hosts/95.217.57.151", "AS24940,AsyncRAT,C2,censys,HETZNER-AS,RAT", "0", "DonPasci"
"2025-08-19 16:02:35", "1571268", "216.250.250.224:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:46:21", "100", "https://search.censys.io/hosts/216.250.250.224", "AS396073,AsyncRAT,C2,censys,MAJESTIC-HOSTING-01,RAT", "0", "DonPasci"
"2025-08-19 16:02:34", "1571267", "45.135.194.43:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/45.135.194.43", "AS51396,C2,censys,PFCLOUD,Supershell", "0", "DonPasci"
"2025-08-19 16:02:21", "1571266", "104.243.254.101:48791", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:43:15", "100", "https://search.censys.io/hosts/104.243.254.101", "AS7040,C2,censys,NETMINDERS,RAT,Remcos", "0", "DonPasci"
"2025-08-19 16:02:11", "1571265", "84.246.226.107:9090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/84.246.226.107", "AS34177,C2,CELESTE-AS,censys,CobaltStrike", "0", "DonPasci"
"2025-08-19 16:02:07", "1571264", "43.138.22.149:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/43.138.22.149", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-19 15:30:38", "1571257", "141.164.49.250:80", "ip:port", "botnet_cc", "win.xenorat", "None", "XenoRAT", "", "100", "https://www.virustotal.com/gui/file/b07dd7e831fe0a30ac139bb29d9ac836f0fb1e1034f4e00ad62f427423bc5a7f", "AS-VULTR,AS20473,c2,rat,virustotal,XenoRAT", "0", "DonPasci"
"2025-08-19 15:04:15", "1571245", "154.91.183.174:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "https://securelist.com/godrat/117119/", "AROSS-AS,AS400619,c2,Gh0st,GodRAT,RAT,securelist", "0", "DonPasci"
"2025-08-19 15:04:15", "1571246", "118.107.46.174:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "https://securelist.com/godrat/117119/", "AS152194,c2,CTGSERVERLIMITED-AS-AP,Gh0st,GodRAT,RAT,securelist", "0", "DonPasci"
"2025-08-19 15:04:15", "1571247", "118.99.3.33:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "https://securelist.com/godrat/117119/", "AS38186,c2,FTG-AS-AP,Gh0st,GodRAT,RAT,securelist", "0", "DonPasci"
"2025-08-19 15:04:15", "1571248", "103.237.92.191:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "https://securelist.com/godrat/117119/", "AS55933,c2,CLOUDIE-AS-AP,Gh0st,GodRAT,RAT,securelist", "0", "DonPasci"
"2025-08-19 14:21:04", "1571235", "58.9.110.23:18067", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/47afc0bfbced6e6201e2fc2767b69c8686dcd8ad42e0740543d3c955b85e42cb/", "xworm", "0", "abuse_ch"
"2025-08-19 13:39:16", "1571233", "45.86.230.103:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch"
"2025-08-19 12:52:24", "1571231", "43.138.22.149:8023", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:32", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-19 12:03:21", "1571230", "68.168.222.6:8443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-08-20 00:47:58", "100", "https://search.censys.io/hosts/68.168.222.6", "AS19318,BianLian,C2,censys,IS-AS-1", "0", "DonPasci"
"2025-08-19 12:03:19", "1571229", "31.97.216.105:8081", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "https://search.censys.io/hosts/31.97.216.105", "AS-HOSTINGER,AS47583,C2,censys,PowershellEmpire", "0", "DonPasci"
"2025-08-19 12:02:50", "1571227", "13.58.108.28:8545", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:50", "100", "https://search.censys.io/hosts/13.58.108.28", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 12:02:50", "1571228", "3.89.225.68:788", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:38", "100", "https://search.censys.io/hosts/3.89.225.68", "AMAZON-AES,AS14618,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 12:02:49", "1571224", "54.224.94.224:179", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:45", "100", "https://search.censys.io/hosts/54.224.94.224", "AMAZON-AES,AS14618,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 12:02:49", "1571225", "13.58.108.28:995", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:50", "100", "https://search.censys.io/hosts/13.58.108.28", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 12:02:49", "1571226", "13.58.108.28:2095", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:50", "100", "https://search.censys.io/hosts/13.58.108.28", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 12:02:48", "1571223", "100.42.176.116:4333", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-08-20 00:43:03", "100", "https://search.censys.io/hosts/100.42.176.116", "AS51167,C2,censys,CONTABO,DcRAT,RAT", "0", "DonPasci"
"2025-08-19 12:02:46", "1571222", "157.245.54.105:8080", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-08-20 00:44:19", "100", "https://search.censys.io/hosts/157.245.54.105", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-08-19 12:02:44", "1571221", "45.138.16.79:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/45.138.16.79", "AS210558,C2,censys,Quasar,RAT,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-08-19 12:02:43", "1571220", "109.122.197.147:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-08-20 00:43:24", "100", "https://search.censys.io/hosts/109.122.197.147", "AS213887,C2,censys,Hookbot,WAICORE-LTD", "0", "DonPasci"
"2025-08-19 12:02:42", "1571219", "31.97.71.171:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:46:40", "100", "https://search.censys.io/hosts/31.97.71.171", "AS-HOSTINGER,AS47583,C2,censys,Mythic", "0", "DonPasci"
"2025-08-19 12:02:13", "1571218", "107.172.232.71:4477", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250819-jkl69shq3y", "AS36352,C2,rat,remcos,triage", "0", "DonPasci"
"2025-08-19 12:02:12", "1571217", "194.180.48.253:16789", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250819-lg49sastgt", "AS201814,C2,rat,remcos,triage", "0", "DonPasci"
"2025-08-19 12:02:06", "1571216", "156.238.237.119:8020", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/156.238.237.119", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-100000", "0", "DonPasci"
"2025-08-19 12:02:04", "1571215", "121.5.174.243:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/121.5.174.243", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-19 12:02:03", "1571214", "110.42.47.55:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/110.42.47.55", "AS136188,C2,censys,CHINATELECOM-ZHEJIANG-NINGBO-IDC,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-19 11:56:03", "1571212", "47.238.124.68:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://securelist.com/godrat/117119/", "ALIBABA-CN-NET,AS45102,asyncrat,c2,rat", "0", "DonPasci"
"2025-08-19 11:56:02", "1571210", "156.241.134.49:6443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://securelist.com/godrat/117119/", "AROSS-AS,AS400619,asyncrat,c2,rat", "0", "DonPasci"
"2025-08-19 11:56:02", "1571211", "156.241.134.49:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://securelist.com/godrat/117119/", "AROSS-AS,AS400619,asyncrat,c2,rat", "0", "DonPasci"
"2025-08-19 11:45:22", "1571204", "147.185.221.31:11257", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 11:14:05", "1571202", "95.216.181.91:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "None", "0", "pitachu"
"2025-08-19 10:51:47", "1571200", "193.169.245.90:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-08-20 00:50:14", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-08-19 10:51:45", "1571192", "35.157.111.131:17449", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "None", "None", "0", "netresec"
"2025-08-19 10:51:41", "1571190", "64.23.157.9:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "https://threatquery.com/engines/ip.html?value=64.23.157.9&type=ip", "AS14061,c2,Havoc,threatquery", "0", "threatquery"
"2025-08-19 10:51:41", "1571191", "67.205.154.243:64553", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "66", "https://app.any.run/tasks/38326558-d660-4c38-9c7f-43816c6fa98f", "None", "0", "netresec"
"2025-08-19 09:47:31", "1571199", "156.234.228.149:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2025-08-19 09:47:28", "1571198", "89.31.126.165:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2025-08-19 09:47:27", "1571197", "115.120.225.134:89", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-08-19 09:46:53", "1571196", "8.141.90.104:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2025-08-19 09:46:52", "1571195", "156.238.243.109:8086", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-08-19 09:46:49", "1571194", "156.238.243.109:6080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2025-08-19 09:46:48", "1571193", "47.83.155.72:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-08-19 08:49:57", "1571189", "95.216.183.76:1433", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:48:41", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-08-19 08:49:48", "1571188", "92.98.244.48:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:48:35", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-19 08:49:37", "1571187", "86.110.218.246:1720", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:48:26", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-19 08:49:27", "1571186", "83.110.197.213:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:48:19", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-19 08:48:53", "1571185", "54.38.94.225:8879", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2025-08-20 00:47:47", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-08-19 08:47:58", "1571184", "44.196.152.102:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-08-20 00:47:05", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2025-08-19 08:47:33", "1571183", "34.99.4.103:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:46:45", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-19 08:46:03", "1571182", "189.140.29.244:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:45:28", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-19 08:45:29", "1571181", "74.249.9.7:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 08:40:05", "1571180", "194.156.79.90:55615", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2025-08-19 08:03:21", "1571179", "150.139.144.85:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/150.139.144.85", "AS136195,C2,censys,CHINATELECOM-QINGDAO-CLOUDBASE,RAT", "0", "DonPasci"
"2025-08-19 08:03:14", "1571178", "172.234.86.225:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2025-08-20 00:44:45", "100", "https://search.censys.io/hosts/172.234.86.225", "AdaptixC2,AKAMAI-LINODE-AP,AS63949,C2,censys", "0", "DonPasci"
"2025-08-19 08:02:58", "1571177", "137.131.128.143:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "https://search.censys.io/hosts/137.131.128.143", "AS31898,C2,censys,ORACLE-BMC-31898,Stealc,Stealer", "0", "DonPasci"
"2025-08-19 08:02:50", "1571175", "51.20.142.120:5995", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:38", "100", "https://search.censys.io/hosts/51.20.142.120", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 08:02:50", "1571176", "13.60.69.76:25565", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/13.60.69.76", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 08:02:49", "1571174", "102.96.214.19:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:08", "100", "https://search.censys.io/hosts/102.96.214.19", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 08:02:48", "1571172", "103.20.102.255:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-08-20 00:43:11", "100", "https://search.censys.io/hosts/103.20.102.255", "AS140817,C2,censys,DcRAT,ODSONLINE-AS-VN,RAT", "0", "DonPasci"
"2025-08-19 08:02:48", "1571173", "196.251.72.146:1597", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-08-20 00:45:45", "100", "https://search.censys.io/hosts/196.251.72.146", "AS401120,C2,censys,CHEAPY-HOST,DcRAT,RAT", "0", "DonPasci"
"2025-08-19 08:02:37", "1571171", "95.217.57.151:100", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:48:41", "100", "https://search.censys.io/hosts/95.217.57.151", "AS24940,AsyncRAT,C2,censys,HETZNER-AS,RAT", "0", "DonPasci"
"2025-08-19 08:02:27", "1571170", "39.104.50.190:8000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/39.104.50.190", "ALIBABA-CN-NET,AS37963,C2,censys,open-dir,payload,Sliver", "0", "DonPasci"
"2025-08-19 08:02:23", "1571169", "212.162.149.228:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:46:16", "100", "https://search.censys.io/hosts/212.162.149.228", "AS64236,C2,censys,RAT,Remcos,UNREAL-SERVERS", "0", "DonPasci"
"2025-08-19 08:02:05", "1571168", "103.178.57.150:89", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:19", "100", "https://search.censys.io/hosts/103.178.57.150", "AS141159,C2,censys,CobaltStrike,cs-watermark-100000,INCOMPARABLEHKNET-AS-AP", "0", "DonPasci"
"2025-08-19 08:02:04", "1571166", "103.146.125.195:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/103.146.125.195", "AS141159,C2,censys,CobaltStrike,cs-watermark-100000,INCOMPARABLEHKNET-AS-AP", "0", "DonPasci"
"2025-08-19 08:02:04", "1571167", "154.201.71.196:8005", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.201.71.196", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-100000", "0", "DonPasci"
"2025-08-19 08:02:03", "1571165", "117.72.175.125:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/117.72.175.125", "AS141679,C2,censys,CHINATELECOM-IDC-BTHBD-AP,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-08-19 08:02:02", "1571164", "81.69.98.230:50011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/81.69.98.230", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-19 07:05:27", "1571159", "172.94.96.90:8088", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-08-19 06:02:07", "1571155", "45.141.26.133:5000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250819-d13ajazmz6", "AS142299,C2,triage,xworm", "0", "DonPasci"
"2025-08-19 05:50:15", "1571153", "46.246.14.5:7044", "ip:port", "botnet_cc", "win.vjw0rm", "None", "Vjw0rm", "", "100", "None", "Vjw0rm", "0", "abuse_ch"
"2025-08-19 05:50:06", "1571152", "46.246.14.5:2703", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-08-19 05:25:14", "1571151", "5.83.218.183:4467", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "None", "Meterpreter", "0", "abuse_ch"
"2025-08-19 05:10:24", "1571150", "107.189.18.107:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 04:18:22", "1571105", "144.126.144.70:8000", "ip:port", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "https://threatquery.com/engines/ip.html?value=144.126.144.70&type=ip", "AS40021,c2,LokiBot,threatquery", "0", "threatquery"
"2025-08-19 04:18:21", "1571106", "154.44.15.83:8886", "ip:port", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "https://threatquery.com/engines/ip.html?value=154.44.15.83&type=ip", "AS979,c2,LokiBot,threatquery", "0", "threatquery"
"2025-08-19 04:18:21", "1571108", "94.181.203.77:8188", "ip:port", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "https://app.any.run/tasks/3e81c05a-d1d6-47c5-97c1-83274a78e3c7", "c2,infostealer,stealer", "0", "ninjacatcher"
"2025-08-19 04:18:21", "1571109", "94.181.203.77:44233", "ip:port", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "https://app.any.run/tasks/3e81c05a-d1d6-47c5-97c1-83274a78e3c7", "c2,infostealer,stealer", "0", "ninjacatcher"
"2025-08-19 04:18:15", "1571048", "94.154.35.109:999", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "c2,mirai", "0", "redrabytes"
"2025-08-19 04:18:14", "1571046", "94.154.35.109:4515", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "c2,mirai", "0", "redrabytes"
"2025-08-19 04:18:11", "1570817", "116.203.166.184:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "None", "0", "pitachu"
"2025-08-19 04:17:54", "1571104", "206.245.167.38:9999", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 20:02:37", "100", "None", "AS136557,Host Universal Pty Ltd,supershell", "0", "antiphishorg"
"2025-08-19 04:12:19", "1571144", "87.120.126.150:80", "ip:port", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake,ClickFix", "0", "threatcat_ch"
"2025-08-19 04:02:46", "1571140", "35.178.201.56:12925", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:46", "100", "https://search.censys.io/hosts/35.178.201.56", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 04:02:46", "1571141", "13.247.120.203:2087", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:47", "100", "https://search.censys.io/hosts/13.247.120.203", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 04:02:36", "1571138", "94.154.35.183:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 20:13:27", "90", "None", "latrodectus", "0", "Rony"
"2025-08-19 04:01:22", "1571137", "161.35.140.56:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.35.140.56", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:21", "1571134", "152.203.19.154:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/152.203.19.154", "AS3816,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:21", "1571135", "20.0.202.73:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.0.202.73", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:21", "1571136", "8.210.4.119:8090", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/8.210.4.119", "AS45102,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:20", "1571132", "18.196.182.162:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.196.182.162", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:20", "1571133", "18.196.182.162:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.196.182.162", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:19", "1571131", "223.245.8.144:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/223.245.8.144", "AS4134,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:17", "1571130", "4.224.113.146:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/4.224.113.146", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:10", "1571129", "47.93.51.60:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.93.51.60", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-08-19 04:01:09", "1571128", "8.152.2.86:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/8.152.2.86", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-08-19 04:01:04", "1571127", "62.60.245.136:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:02:57", "100", "https://search.censys.io/hosts/62.60.245.136", "AS211522,C2,censys,HYPERCORELTD,Unam", "0", "dyingbreeds_"
"2025-08-19 04:00:56", "1571126", "106.15.137.41:2", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/106.15.137.41", "AS37963,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-08-19 04:00:55", "1571125", "47.100.130.127:69", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.100.130.127", "AS37963,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-08-19 04:00:51", "1571124", "45.55.203.19:8080", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "2025-08-19 04:02:49", "100", "https://search.censys.io/hosts/45.55.203.19", "AS14061,C2,censys,DIGITALOCEAN-ASN", "0", "dyingbreeds_"
"2025-08-19 04:00:49", "1571123", "46.246.82.15:3000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-08-20 00:47:23", "100", "https://search.censys.io/hosts/46.246.82.15", "AS42708,C2,censys,RAT", "0", "dyingbreeds_"
"2025-08-19 04:00:46", "1571122", "135.181.41.9:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-08-20 00:43:52", "100", "https://search.censys.io/hosts/135.181.41.9", "AS24940,C2,censys,HETZNER-AS", "0", "dyingbreeds_"
"2025-08-19 04:00:31", "1571119", "195.177.94.100:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:45:39", "100", "https://search.censys.io/hosts/195.177.94.100", "AS214961,C2,censys,RAT,STELLARGROUPSAS", "0", "dyingbreeds_"
"2025-08-19 04:00:28", "1571118", "134.122.207.54:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:02:35", "100", "https://search.censys.io/hosts/134.122.207.54", "AS152194,C2,censys,Supershell", "0", "dyingbreeds_"
"2025-08-19 04:00:21", "1571117", "118.128.151.82:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-08-19 04:02:19", "75", "https://search.censys.io/hosts/118.128.151.82", "AS138195,C2,censys,RAT", "0", "dyingbreeds_"
"2025-08-19 04:00:20", "1571116", "112.196.218.9:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-08-19 04:02:19", "75", "https://search.censys.io/hosts/112.196.218.9", "AS138195,C2,censys,RAT", "0", "dyingbreeds_"
"2025-08-19 04:00:16", "1571115", "119.29.231.118:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:38", "100", "https://search.censys.io/hosts/119.29.231.118", "AS45090,C2,censys", "0", "dyingbreeds_"
"2025-08-19 04:00:15", "1571114", "34.87.104.27:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:22", "100", "https://search.censys.io/hosts/34.87.104.27", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM", "0", "dyingbreeds_"
"2025-08-19 04:00:13", "1571113", "148.135.102.75:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:02:04", "100", "https://search.censys.io/hosts/148.135.102.75", "AS35916,C2,censys,MULTA-ASN1", "0", "dyingbreeds_"
"2025-08-19 04:00:08", "1571112", "103.146.158.129:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:18", "100", "https://search.censys.io/hosts/103.146.158.129", "AS142403,C2,censys", "0", "dyingbreeds_"
"2025-08-19 04:00:07", "1571111", "8.155.16.146:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:02:04", "100", "https://search.censys.io/hosts/8.155.16.146", "AS37963,C2,censys", "0", "dyingbreeds_"
"2025-08-19 02:50:59", "1571101", "18.171.55.104:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:09", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-19 02:50:59", "1571102", "18.171.55.104:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:09", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-19 01:10:07", "1571094", "198.12.126.169:8787", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2025-08-19 01:10:07", "1571095", "107.172.132.35:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2025-08-19 00:40:04", "1571090", "155.94.155.240:6403", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:44:16", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-08-19 00:03:03", "1571087", "41.216.188.199:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:01:05", "100", "https://search.censys.io/hosts/41.216.188.199", "AS211138,C2,censys,panel,PRIVATEHOSTING-NET,Unam", "0", "DonPasci"
"2025-08-19 00:02:48", "1571085", "187.201.97.119:2455", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:42", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:48", "1571086", "187.201.97.119:2628", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:42", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:47", "1571081", "187.201.97.119:1200", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:43", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:47", "1571082", "187.201.97.119:1540", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:41", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:47", "1571083", "187.201.97.119:1311", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:43", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:47", "1571084", "187.201.97.119:2079", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:42", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:46", "1571078", "187.201.97.119:2456", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:40", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:46", "1571079", "187.201.97.119:591", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:42", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:46", "1571080", "187.201.97.119:808", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:41", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:45", "1571074", "187.201.97.119:771", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:43", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:45", "1571075", "187.201.97.119:2181", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:41", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:45", "1571076", "187.201.97.119:2405", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:43", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:45", "1571077", "187.201.97.119:2087", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:43", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:44", "1571071", "178.221.72.11:2281", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:38", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:44", "1571072", "178.221.72.11:8013", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:38", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:44", "1571073", "178.221.72.11:17629", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:38", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:43", "1571068", "178.221.72.11:44409", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:39", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:43", "1571069", "178.221.72.11:23", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:39", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:43", "1571070", "178.221.72.11:222", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:39", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:42", "1571066", "178.221.72.11:18080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:39", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:42", "1571067", "178.221.72.11:29406", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:39", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:41", "1571065", "45.55.203.19:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-08-19 04:00:36", "100", "https://search.censys.io/hosts/45.55.203.19", "AS14061,C2,censys,DIGITALOCEAN-ASN,Hookbot", "0", "DonPasci"
"2025-08-19 00:02:40", "1571064", "102.117.173.45:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:43:07", "100", "https://search.censys.io/hosts/102.117.173.45", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci"
"2025-08-19 00:02:39", "1571063", "170.64.163.25:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:44:40", "100", "https://search.censys.io/hosts/170.64.163.25", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-08-19 00:02:33", "1571062", "38.12.25.253:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:00:28", "100", "https://search.censys.io/hosts/38.12.25.253", "AROSS-AS,AS400619,C2,censys,Supershell", "0", "DonPasci"
"2025-08-19 00:02:24", "1571061", "95.216.183.76:444", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:48:41", "100", "https://search.censys.io/hosts/95.216.183.76", "AS24940,C2,censys,HETZNER-AS,Sliver", "0", "DonPasci"
"2025-08-19 00:02:23", "1571060", "85.192.40.185:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:48:23", "100", "https://search.censys.io/hosts/85.192.40.185", "AEZA-AS,AS210644,C2,censys,Sliver", "0", "DonPasci"
"2025-08-19 00:02:20", "1571059", "198.135.50.115:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:45:49", "100", "https://search.censys.io/hosts/198.135.50.115", "AS396073,C2,censys,MAJESTIC-HOSTING-01,RAT,Remcos", "0", "DonPasci"
"2025-08-19 00:02:19", "1571057", "172.111.137.67:2889", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:44:42", "100", "https://search.censys.io/hosts/172.111.137.67", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-08-19 00:02:19", "1571058", "94.154.35.190:63288", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:48:37", "100", "https://search.censys.io/hosts/94.154.35.190", "AS214943,C2,censys,RAILNET,RAT,Remcos", "0", "DonPasci"
"2025-08-19 00:02:16", "1571055", "112.196.218.3:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-08-19 04:00:20", "100", "https://search.censys.io/hosts/112.196.218.3", "AS138195,C2,censys,Gh0st,MOACKCOLTD-AS-AP,RAT", "0", "DonPasci"
"2025-08-19 00:02:16", "1571056", "45.204.211.26:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-08-19 04:00:19", "100", "https://search.censys.io/hosts/45.204.211.26", "AS62468,C2,censys,Gh0st,HKCLOUDX,RAT", "0", "DonPasci"
"2025-08-19 00:02:00", "1571054", "98.159.110.66:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:51:18", "100", "https://search.censys.io/hosts/98.159.110.66", "AS-GLOBALTELEHOST,AS63023,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-19 00:01:59", "1571053", "160.30.231.250:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:00:14", "100", "https://search.censys.io/hosts/160.30.231.250", "AS134765,C2,censys,CHINANET-YUNNAN-IDC1,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 23:05:18", "1571045", "45.204.214.131:6666", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-18 23:00:28", "1570822", "196.251.87.149:62520", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-08-18 20:48:53", "1570812", "95.214.208.42:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:48:40", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-18 20:46:49", "1570811", "34.193.94.14:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:46:41", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-18 20:46:39", "1570810", "27.128.208.206:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:46:32", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-18 20:45:45", "1570809", "195.177.94.188:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:45:39", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-08-18 20:45:34", "1570808", "188.48.83.169:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:45:28", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-18 20:05:19", "1570795", "104.234.25.103:1010", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-08-18 20:03:21", "1570794", "121.196.211.235:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/121.196.211.235", "ALIBABA-CN-NET,AS37963,C2,censys,RAT", "0", "DonPasci"
"2025-08-18 20:03:20", "1570793", "108.181.23.233:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/108.181.23.233", "AS40676,C2,censys,RAT", "0", "DonPasci"
"2025-08-18 20:03:06", "1570792", "109.123.239.148:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/109.123.239.148", "AS141995,C2,CAPL-AS-AP,censys,Gafgyt,open-dir", "0", "DonPasci"
"2025-08-18 20:03:00", "1570791", "160.30.21.27:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-08-19 04:01:02", "100", "https://search.censys.io/hosts/160.30.21.27", "AS150862,C2,censys,MAYTINHVPSTTT-VN,moobot", "0", "DonPasci"
"2025-08-18 20:02:59", "1570790", "160.30.21.42:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-08-19 04:01:03", "100", "https://search.censys.io/hosts/160.30.21.42", "AS150862,C2,censys,MAYTINHVPSTTT-VN,moobot", "0", "DonPasci"
"2025-08-18 20:02:51", "1570789", "20.199.67.52:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:45:54", "100", "https://search.censys.io/hosts/20.199.67.52", "AS8075,C2,censys,Covenant,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2025-08-18 20:02:48", "1570788", "15.168.3.125:10261", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:11", "100", "https://search.censys.io/hosts/15.168.3.125", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 20:02:47", "1570787", "78.12.193.1:20058", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:48:06", "100", "https://search.censys.io/hosts/78.12.193.1", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 20:02:46", "1570786", "124.156.225.126:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-08-20 00:43:40", "100", "https://search.censys.io/hosts/124.156.225.126", "AS132203,C2,censys,DcRAT,RAT,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-08-18 20:02:44", "1570785", "188.226.169.207:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-08-20 00:45:27", "100", "https://search.censys.io/hosts/188.226.169.207", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-08-18 20:02:42", "1570783", "187.201.97.119:1024", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:40", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-18 20:02:41", "1570780", "187.201.97.119:1913", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:41", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-18 20:02:41", "1570781", "187.201.97.119:1963", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:40", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-18 20:02:41", "1570782", "187.201.97.119:554", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:44", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-18 20:02:40", "1570779", "187.201.97.119:1194", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:40", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-18 20:02:29", "1570778", "77.110.106.206:9999", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/77.110.106.206", "AEZA-AS,AS210644,C2,censys,payload,Sliver", "0", "DonPasci"
"2025-08-18 20:02:01", "1570777", "154.201.84.67:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:57", "100", "https://search.censys.io/hosts/154.201.84.67", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-100000", "0", "DonPasci"
"2025-08-18 20:02:00", "1570776", "18.171.150.254:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:08", "100", "https://search.censys.io/hosts/18.171.150.254", "AMAZON-02,AS16509,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 20:01:59", "1570774", "58.181.246.7:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:51:01", "100", "https://search.censys.io/hosts/58.181.246.7", "AS7693,C2,censys,CobaltStrike,COMNET-TH,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 20:01:59", "1570775", "116.203.31.207:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:31", "100", "https://search.censys.io/hosts/116.203.31.207", "AS24940,C2,censys,CobaltStrike,cs-watermark-987654321,HETZNER-AS", "0", "DonPasci"
"2025-08-18 20:01:57", "1570773", "94.154.35.196:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 20:13:28", "90", "None", "latrodectus", "0", "Rony"
"2025-08-18 18:03:24", "1570766", "154.91.84.130:7000", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250818-p9sy1atly7", "AS399077,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-08-18 18:02:57", "1570763", "34.226.189.142:48733", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "https://tria.ge/250818-qjc1jagn2x", "AS14618,C2,RedLine,RedlineStealer,stealer,triage", "0", "DonPasci"
"2025-08-18 18:02:22", "1570757", "88.150.6.17:2374", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-q71rhatqx9", "AS43341,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:22", "1570758", "100.42.20.0:2374", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-q71rhatqx9", "AS46841,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:22", "1570759", "1.0.1.0:2374", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-q71rhatqx9", "C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:22", "1570760", "88.150.6.17:666", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-q3vppagr5y", "AS43341,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:22", "1570761", "88.150.6.17:6666", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-q3vppagr5y", "AS43341,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:14", "1570754", "103.116.52.102:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://tria.ge/250818-rwekkahl3v", "AS150895,asyncrat,C2,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:14", "1570755", "103.116.52.102:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-19 04:00:48", "100", "https://tria.ge/250818-rwekkahl3v", "AS150895,asyncrat,C2,rat,triage", "0", "DonPasci"
"2025-08-18 16:02:54", "1570747", "194.180.158.22:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:45:37", "100", "https://search.censys.io/hosts/194.180.158.22", "AS39798,censys,EvilGoPhish,MIVOCLOUD,panel,Phishing", "0", "DonPasci"
"2025-08-18 16:02:40", "1570744", "16.63.35.98:44818", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:25", "100", "https://search.censys.io/hosts/16.63.35.98", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 16:02:40", "1570745", "43.198.222.90:27017", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:02", "100", "https://search.censys.io/hosts/43.198.222.90", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 16:02:40", "1570746", "43.207.199.12:5900", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:04", "100", "https://search.censys.io/hosts/43.207.199.12", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 16:02:30", "1570743", "185.208.159.71:3001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:45:19", "100", "https://search.censys.io/hosts/185.208.159.71", "AS42624,AsyncRAT,C2,censys,RAT,SWISSNETWORK02", "0", "DonPasci"
"2025-08-18 16:02:28", "1570742", "118.195.183.125:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:00:27", "100", "https://search.censys.io/hosts/118.195.183.125", "AS45090,C2,censys,Supershell,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-18 16:02:19", "1570741", "195.177.94.188:4444", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:45:40", "100", "https://search.censys.io/hosts/195.177.94.188", "AS214961,C2,censys,Sliver,STELLARGROUPSAS", "0", "DonPasci"
"2025-08-18 16:02:16", "1570740", "216.9.224.52:2080", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:46:22", "100", "https://search.censys.io/hosts/216.9.224.52", "AS44382,C2,censys,RAT,Remcos,WHITELABEL", "0", "DonPasci"
"2025-08-18 16:01:58", "1570739", "98.159.110.65:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:51:18", "100", "https://search.censys.io/hosts/98.159.110.65", "AS-GLOBALTELEHOST,AS63023,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 15:35:20", "1570734", "5.83.218.183:4670", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "None", "Meterpreter", "0", "abuse_ch"
"2025-08-18 15:35:17", "1570733", "5.83.218.183:4470", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "None", "Meterpreter", "0", "abuse_ch"
"2025-08-18 15:05:10", "1570732", "154.194.35.243:7826", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-08-18 14:10:23", "1570731", "45.204.213.211:8", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-08-18 14:00:05", "1570730", "46.161.27.145:80", "ip:port", "botnet_cc", "win.treasurehunter", "huntpos", "TreasureHunter", "2025-08-20 01:24:02", "50", "https://tracker.viriback.com/index.php?q=46.161.27.145", "TreasureHunter,ViriBack", "0", "abuse_ch"
"2025-08-18 12:30:30", "1570727", "49.228.131.165:2429", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-18 12:02:43", "1570723", "13.247.180.242:56324", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/13.247.180.242", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:43", "1570724", "40.192.2.32:4567", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:57", "100", "https://search.censys.io/hosts/40.192.2.32", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:43", "1570725", "13.40.3.205:34210", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:49", "100", "https://search.censys.io/hosts/13.40.3.205", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:42", "1570720", "43.207.199.12:10000", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:04", "100", "https://search.censys.io/hosts/43.207.199.12", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:42", "1570721", "43.207.199.12:52200", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:04", "100", "https://search.censys.io/hosts/43.207.199.12", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:42", "1570722", "35.180.8.137:427", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:47", "100", "https://search.censys.io/hosts/35.180.8.137", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:36", "1570718", "155.94.155.240:4000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:37", "100", "https://search.censys.io/hosts/155.94.155.240", "AS214943,C2,censys,Quasar,RAILNET,RAT", "0", "DonPasci"
"2025-08-18 12:02:35", "1570717", "104.248.144.119:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:43:16", "100", "https://search.censys.io/hosts/104.248.144.119", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-08-18 12:02:30", "1570716", "3.149.190.172:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:46:34", "100", "https://search.censys.io/hosts/3.149.190.172", "AMAZON-02,AS16509,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-08-18 12:02:29", "1570715", "191.96.207.101:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:45:30", "100", "https://search.censys.io/hosts/191.96.207.101", "AS199654,AsyncRAT,C2,censys,OXIDE-GROUP-LIMITED,RAT", "0", "DonPasci"
"2025-08-18 12:02:28", "1570714", "195.35.20.235:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:00:28", "100", "https://search.censys.io/hosts/195.35.20.235", "AS-HOSTINGER,AS47583,C2,censys,Supershell", "0", "DonPasci"
"2025-08-18 12:02:20", "1570713", "139.84.214.159:8000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/139.84.214.159", "AS-VULTR,AS20473,C2,censys,open-dir,payload,Sliver", "0", "DonPasci"
"2025-08-18 12:02:19", "1570711", "118.178.194.57:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:43:34", "100", "https://search.censys.io/hosts/118.178.194.57", "ALIBABA-CN-NET,AS37963,C2,censys,Sliver", "0", "DonPasci"
"2025-08-18 12:02:19", "1570712", "185.208.156.201:8989", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-ke7rfs1ps5", "AS42624,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 12:01:58", "1570707", "18.171.150.254:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:08", "100", "https://search.censys.io/hosts/18.171.150.254", "AMAZON-02,AS16509,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 12:01:58", "1570708", "47.102.21.22:10001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:45", "100", "https://search.censys.io/hosts/47.102.21.22", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 12:01:57", "1570706", "43.134.189.185:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:00:15", "100", "https://search.censys.io/hosts/43.134.189.185", "AS132203,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-08-18 11:55:21", "1570705", "103.176.197.6:53", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-08-18 10:10:36", "1570661", "147.185.221.30:65365", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-18 09:15:33", "1570660", "146.70.143.132:7705", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-08-18 08:49:04", "1570659", "54.248.115.247:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:47:46", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-18 08:47:12", "1570658", "217.165.152.225:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:46:22", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-18 08:46:47", "1570657", "202.10.47.169:9000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-19 19:46:30", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-08-18 08:30:34", "1570656", "8.149.137.211:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-08-18 08:20:18", "1570655", "196.251.92.69:28288", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2025-08-18 08:02:36", "1570652", "51.84.175.155:20277", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:40", "100", "https://search.censys.io/hosts/51.84.175.155", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 08:02:36", "1570653", "18.171.204.198:1244", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:58", "100", "https://search.censys.io/hosts/18.171.204.198", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 08:02:36", "1570654", "16.63.157.158:3128", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:25", "100", "https://search.censys.io/hosts/16.63.157.158", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 08:02:35", "1570651", "3.28.136.187:2281", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:36", "100", "https://search.censys.io/hosts/3.28.136.187", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 08:02:25", "1570650", "134.122.207.55:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 07:00:04", "100", "https://search.censys.io/hosts/134.122.207.55", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Supershell", "0", "DonPasci"
"2025-08-18 08:02:13", "1570649", "176.46.158.66:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:44:52", "100", "https://search.censys.io/hosts/176.46.158.66", "AS208317,C2,censys,RAT,Remcos,SF-DIGITALSERVICES", "0", "DonPasci"
"2025-08-18 08:01:58", "1570648", "156.238.243.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:59", "100", "https://search.censys.io/hosts/156.238.243.63", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-100000", "0", "DonPasci"
"2025-08-18 08:01:57", "1570647", "202.182.127.147:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:00:10", "100", "https://search.censys.io/hosts/202.182.127.147", "AS-VULTR,AS20473,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-08-18 08:01:56", "1570646", "45.93.138.140:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:00:11", "100", "https://search.censys.io/hosts/45.93.138.140", "AS-HOSTINGER,AS47583,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 07:20:14", "1570645", "196.251.114.106:5085", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-08-18 06:55:12", "1570642", "8.137.13.182:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2025-08-18 06:55:11", "1570640", "8.148.153.196:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2025-08-18 06:55:11", "1570641", "1.94.112.86:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:09", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2025-08-18 06:54:33", "1570639", "198.98.57.26:4434", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-08-18 06:05:06", "1570638", "80.253.246.79:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-08-18 06:02:37", "1570636", "51.21.167.88:11913", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-dfry3abq71", "AS16509,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 06:02:09", "1570632", "46.247.108.46:5888", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:47:24", "100", "https://tria.ge/250818-d4tgssck31", "AS58087,C2,rat,remcos,triage", "0", "DonPasci"
"2025-08-18 06:02:02", "1570629", "174.138.185.97:25144", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250818-cnllksbm5x", "AS19318,C2,triage,xworm", "0", "DonPasci"
"2025-08-18 05:20:45", "1570627", "160.25.72.95:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:44:26", "75", "https://bazaar.abuse.ch/sample/caef8879c0d342104b19377c5854b3b500d1c66f46ba1f0eea7dba6ab3562bf3/", "remcos", "0", "abuse_ch"
"2025-08-18 04:50:25", "1570625", "216.250.251.108:62520", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-08-18 04:15:35", "1570624", "154.23.184.28:8880", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-08-18 04:02:55", "1570621", "91.107.131.27:8080", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/91.107.131.27", "AS24940,C2,censys,hacktool,HETZNER-AS,Mimikatz,open-dir", "0", "DonPasci"
"2025-08-18 04:02:35", "1570618", "108.137.69.124:59345", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:23", "100", "https://search.censys.io/hosts/108.137.69.124", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 04:02:35", "1570619", "16.63.157.158:45628", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:25", "100", "https://search.censys.io/hosts/16.63.157.158", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 04:02:35", "1570620", "16.63.157.158:50478", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:25", "100", "https://search.censys.io/hosts/16.63.157.158", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 04:02:34", "1570617", "18.171.204.198:31594", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:58", "100", "https://search.censys.io/hosts/18.171.204.198", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 04:02:12", "1570616", "206.123.152.38:33672", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:46:07", "100", "https://search.censys.io/hosts/206.123.152.38", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-08-18 04:01:08", "1570614", "168.231.85.187:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/168.231.85.187", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:08", "1570615", "51.254.117.114:6969", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/51.254.117.114", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:07", "1570611", "40.127.11.59:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/40.127.11.59", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:07", "1570612", "104.40.48.31:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/104.40.48.31", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:07", "1570613", "164.92.178.59:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/164.92.178.59", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:06", "1570609", "18.211.27.156:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.211.27.156", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:06", "1570610", "89.116.33.68:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/89.116.33.68", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:05", "1570607", "52.59.154.37:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.59.154.37", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:05", "1570608", "91.134.61.204:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/91.134.61.204", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:04", "1570606", "52.59.154.37:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.59.154.37", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:03", "1570604", "42.51.33.254:4300", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/42.51.33.254", "AS56005,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:03", "1570605", "185.252.146.196:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.252.146.196", "AS204997,censys,FIRSTBYTE-AS,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:02", "1570603", "191.253.20.150:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/191.253.20.150", "AS263526,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:01", "1570602", "54.253.42.246:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.253.42.246", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:00:43", "1570601", "140.112.72.144:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/140.112.72.144", "AS17716,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-08-18 04:00:32", "1570600", "103.90.72.175:2053", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-18 04:02:30", "100", "https://search.censys.io/hosts/103.90.72.175", "AS216154,C2,censys,CLODO,RAT", "0", "dyingbreeds_"
"2025-08-18 04:00:26", "1570599", "185.208.159.71:20000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:45:19", "100", "https://search.censys.io/hosts/185.208.159.71", "AS42624,C2,censys,RAT,SWISSNETWORK02", "0", "dyingbreeds_"
"2025-08-18 04:00:25", "1570598", "185.208.159.71:888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:45:19", "100", "https://search.censys.io/hosts/185.208.159.71", "AS42624,C2,censys,RAT,SWISSNETWORK02", "0", "dyingbreeds_"
"2025-08-18 04:00:24", "1570597", "95.217.57.151:102", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:48:41", "100", "https://search.censys.io/hosts/95.217.57.151", "AS24940,C2,censys,HETZNER-AS,RAT", "0", "dyingbreeds_"
"2025-08-18 04:00:11", "1570595", "43.160.245.171:8082", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:37", "100", "https://search.censys.io/hosts/43.160.245.171", "AS132203,C2,censys", "0", "dyingbreeds_"
"2025-08-18 04:00:10", "1570594", "192.238.128.167:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:14", "100", "https://search.censys.io/hosts/192.238.128.167", "AS138995,C2,censys", "0", "dyingbreeds_"
"2025-08-18 02:50:18", "1570590", "185.141.24.28:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:11", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
# Number of entries: 332