################################################################ # ThreatFox IOCs: recent ip-port - CSV format # # Last updated: 2025-12-05 02:48:39 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-12-05 02:48:39", "1667875", "116.230.254.66:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-12-05 02:45:17", "1667872", "23.132.164.55:5763", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch" "2025-12-05 00:17:29", "1667853", "194.26.192.195:8443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b/", "Mirai", "0", "abuse_ch" "2025-12-05 00:17:28", "1667852", "45.138.16.81:8443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b/", "Mirai", "0", "abuse_ch" "2025-12-05 00:03:18", "1667849", "93.113.180.31:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "https://search.censys.io/hosts/93.113.180.31", "AdaptixC2,AS215703,C2,censys,FREAKHOSTING", "0", "DonPasci" "2025-12-05 00:03:08", "1667848", "212.11.64.108:5555", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/212.11.64.108", "Albiriox,Android,AS42624,censys,SWISSNETWORK02", "0", "DonPasci" "2025-12-05 00:02:45", "1667847", "134.122.200.237:65503", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/134.122.200.237", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,DcRAT,RAT", "0", "DonPasci" "2025-12-05 00:02:28", "1667846", "162.243.28.13:5010", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/162.243.28.13", "AS14061,AsyncRAT,C2,censys,DIGITALOCEAN-ASN,RAT", "0", "DonPasci" "2025-12-05 00:01:42", "1667845", "176.117.107.18:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/176.117.107.18", "AS208191,C2,censys,GOHOST,RAT,Remcos", "0", "DonPasci" "2025-12-04 23:47:24", "1667841", "83.97.20.154:8443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-12-05 01:48:33", "75", "https://bazaar.abuse.ch/sample/6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b/", "Mirai", "0", "abuse_ch" "2025-12-04 23:40:14", "1667840", "191.101.51.135:7705", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch" "2025-12-04 21:10:26", "1667792", "178.250.188.214:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/29615df272e5a8c6a57803cc6fa08061975c2382625462570fab88d78bf5be24/", "xworm", "0", "abuse_ch" "2025-12-04 21:05:09", "1667789", "193.37.69.43:96", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch" "2025-12-04 20:57:44", "1667787", "151.243.113.71:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://bazaar.abuse.ch/sample/c6a83d4a310f3dbeaef1f73bfcbfc96d37856f2dbd32bbd1aa994ff7af15113c/", "None", "0", "abuse_ch" "2025-12-04 20:45:07", "1667783", "69.164.241.252:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "None", "NetSupport", "0", "abuse_ch" "2025-12-04 20:38:40", "1667782", "85.208.84.110:56001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://bazaar.abuse.ch/sample/0b1ecb1d5505123ee64955f4cca064997b0139a31a8bf199097c7ab3d61d6a91/", "None", "0", "abuse_ch" "2025-12-04 20:10:15", "1667776", "188.127.224.49:1998", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch" "2025-12-04 20:03:44", "1667774", "51.195.115.244:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-12-04 23:02:15", "100", "https://search.censys.io/hosts/51.195.115.244", "AS16276,BianLian,C2,censys,OVH", "0", "DonPasci" "2025-12-04 20:03:33", "1667773", "94.237.121.155:8080", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/94.237.121.155", "AS202053,C2,censys,hacktool,Mimikatz,open-dir,UPCLOUD", "0", "DonPasci" "2025-12-04 20:03:29", "1667772", "23.132.164.41:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/23.132.164.41", "AS60223,C2,censys,Gafgyt,NETIFACE-AS,open-dir", "0", "DonPasci" "2025-12-04 20:02:38", "1667771", "136.115.26.211:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-12-04 23:00:36", "100", "https://search.censys.io/hosts/136.115.26.211", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Havoc", "0", "DonPasci" "2025-12-04 20:02:35", "1667770", "5.129.251.54:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-12-04 23:00:32", "100", "https://search.censys.io/hosts/5.129.251.54", "AS9123,C2,censys,Hookbot,TIMEWEB-AS", "0", "DonPasci" "2025-12-04 20:02:15", "1667768", "62.84.188.193:8201", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/62.84.188.193", "AS51167,C2,censys,CONTABO,RAT,Remcos", "0", "DonPasci" "2025-12-04 20:02:15", "1667769", "108.174.56.170:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/108.174.56.170", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-12-04 20:01:57", "1667767", "91.92.242.29:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-12-04 20:01:58", "90", "None", "latrodectus", "0", "Rony" "2025-12-04 20:01:56", "1667766", "173.44.141.136:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 23:00:13", "100", "https://search.censys.io/hosts/173.44.141.136", "AS62904,C2,censys,CobaltStrike", "0", "DonPasci" "2025-12-04 20:01:20", "1667765", "103.235.73.228:8082", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:48:25", "100", "https://search.censys.io/hosts/103.235.73.228", "ARGONDATANETWORK-AS-AP,AS135360,C2,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci" "2025-12-04 20:01:18", "1667763", "8.148.24.82:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 23:00:12", "100", "https://search.censys.io/hosts/8.148.24.82", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-12-04 20:01:18", "1667764", "47.115.175.62:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:38", "100", "https://search.censys.io/hosts/47.115.175.62", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-12-04 19:05:08", "1667754", "192.71.211.249:4252", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-12-04 18:48:50", "1667745", "95.214.55.246:2305", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-12-05 02:47:57", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-12-04 18:48:30", "1667744", "85.133.214.108:9031", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:47:40", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-04 18:46:13", "1667742", "195.201.9.229:10022", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:45:42", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-04 18:45:35", "1667741", "185.123.102.239:33315", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2025-12-05 02:45:13", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch" "2025-12-04 18:43:20", "1667740", "104.140.154.31:30049", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:43:20", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-04 18:43:17", "1667739", "104.140.154.206:30069", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:43:18", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-04 18:43:16", "1667737", "104.140.154.177:30073", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:43:16", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-04 18:43:16", "1667738", "104.140.154.180:30065", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:43:17", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-04 18:43:14", "1667735", "104.140.154.140:30085", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:43:15", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-04 18:43:14", "1667736", "104.140.154.141:30079", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:43:15", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-04 18:43:13", "1667734", "104.140.154.115:30170", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:43:14", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-04 18:01:35", "1667724", "45.145.225.236:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://tria.ge/251204-tgyq1aar9x", "AS44486,asyncrat,C2,rat,triage", "0", "DonPasci" "2025-12-04 18:01:22", "1667722", "194.9.6.97:8080", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/251204-whwn5svpfj", "AS58212,C2,triage,xworm", "0", "DonPasci" "2025-12-04 16:03:49", "1667709", "91.99.166.113:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-05 02:47:51", "100", "https://search.censys.io/hosts/91.99.166.113", "AS24940,censys,EvilGoPhish,HETZNER-AS,panel,Phishing", "0", "DonPasci" "2025-12-04 16:02:15", "1667708", "54.252.59.77:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:47:12", "100", "https://search.censys.io/hosts/54.252.59.77", "AMAZON-02,AS16509,C2,censys,Sliver", "0", "DonPasci" "2025-12-04 16:02:14", "1667707", "84.201.25.12:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:47:39", "100", "https://search.censys.io/hosts/84.201.25.12", "AS214036,C2,censys,Sliver,ULTAHOST-AS", "0", "DonPasci" "2025-12-04 16:02:10", "1667706", "84.32.5.105:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 02:47:40", "100", "https://search.censys.io/hosts/84.32.5.105", "AS62164,C2,censys,HEYMMAN-2,RAT,Remcos", "0", "DonPasci" "2025-12-04 16:02:09", "1667705", "103.83.87.23:24047", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 02:43:13", "100", "https://search.censys.io/hosts/103.83.87.23", "AS44382,C2,censys,RAT,Remcos,WHITELABEL", "0", "DonPasci" "2025-12-04 16:01:55", "1667704", "81.70.186.19:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:54", "100", "https://search.censys.io/hosts/81.70.186.19", "AS45090,C2,censys,CobaltStrike,TENCENT-NET-AP", "0", "DonPasci" "2025-12-04 16:01:51", "1667703", "45.64.52.174:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 23:00:15", "100", "https://search.censys.io/hosts/45.64.52.174", "AS152194,C2,censys,CobaltStrike,cs-watermark-426352781,CTGSERVERLIMITED-AS-AP", "0", "DonPasci" "2025-12-04 16:01:17", "1667702", "179.43.182.27:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:11", "100", "https://search.censys.io/hosts/179.43.182.27", "AS51852,C2,censys,CobaltStrike,cs-watermark-987654321,PLI-AS", "0", "DonPasci" "2025-12-04 15:14:21", "1667690", "80.94.92.103:55555", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "None", "mirai", "0", "seckle" "2025-12-04 15:10:13", "1667691", "45.119.98.147:1688", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-12-04 14:34:19", "1667683", "185.207.136.217:8443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b/", "Mirai", "0", "abuse_ch" "2025-12-04 14:34:18", "1667682", "185.207.136.222:8443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b/", "Mirai", "0", "abuse_ch" "2025-12-04 14:34:17", "1667681", "185.207.136.220:8443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b/", "Mirai", "0", "abuse_ch" "2025-12-04 14:34:15", "1667680", "185.207.136.221:8443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b/", "Mirai", "0", "abuse_ch" "2025-12-04 14:34:14", "1667679", "185.207.136.216:8443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b/", "Mirai", "0", "abuse_ch" "2025-12-04 14:25:37", "1667677", "46.62.240.214:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-04 13:20:17", "1667660", "87.120.93.222:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "None", "NetSupport", "0", "abuse_ch" "2025-12-04 13:05:29", "1667657", "43.156.74.19:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:32", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-12-04 13:00:43", "1667656", "109.173.161.202:4444", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-12-05 02:48:33", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-12-04 12:05:09", "1667647", "186.26.107.31:7771", "ip:port", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "https://tria.ge/251204-g5e8caby8d", "android,AS270939,C2,spynote,triage", "0", "DonPasci" "2025-12-04 12:02:05", "1667646", "185.157.162.16:57441", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 02:45:14", "100", "https://search.censys.io/hosts/185.157.162.16", "AS42675,C2,censys,OBEHOSTING,RAT,Remcos", "0", "DonPasci" "2025-12-04 12:01:41", "1667645", "83.229.122.234:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 23:00:11", "100", "https://search.censys.io/hosts/83.229.122.234", "AS139659,C2,censys,CobaltStrike,cs-watermark-666666666,LUCID-AS-AP", "0", "DonPasci" "2025-12-04 12:01:39", "1667644", "121.199.168.99:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:48:46", "100", "https://search.censys.io/hosts/121.199.168.99", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-12-04 11:20:19", "1667631", "134.122.128.202:4567", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-12-04 11:15:34", "1667629", "198.23.177.212:49587", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/ee6185134ac3070a52a5f5dff8091fdd7eb2002a7e0246cedb34192cd36fc63d/", "xworm", "0", "abuse_ch" "2025-12-04 11:02:41", "1667627", "74.225.248.130:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/74.225.248.130", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-12-04 11:02:40", "1667626", "132.232.190.24:4433", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/132.232.190.24", "AS45090,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-04 11:02:39", "1667625", "162.220.13.10:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/162.220.13.10", "AS26666,censys,GoPhish,INTERSERVER-LAX,Phishing", "0", "dyingbreeds_" "2025-12-04 11:02:37", "1667624", "65.0.219.47:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/65.0.219.47", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-04 11:02:35", "1667623", "178.16.52.30:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/178.16.52.30", "AS214943,censys,GoPhish,Phishing,RAILNET", "0", "dyingbreeds_" "2025-12-04 11:02:34", "1667622", "206.84.36.102:81", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/206.84.36.102", "AS265175,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-04 11:02:32", "1667621", "217.76.57.31:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/217.76.57.31", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-04 11:02:31", "1667620", "13.232.24.152:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.232.24.152", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-04 11:02:29", "1667619", "156.67.219.156:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/156.67.219.156", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-04 11:01:33", "1667618", "191.8.228.50:7000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2025-12-04 12:02:36", "100", "https://search.censys.io/hosts/191.8.228.50", "AS26599,C2,censys,RAT", "0", "dyingbreeds_" "2025-12-04 11:01:27", "1667617", "185.72.199.74:1717", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-04 12:02:32", "100", "https://search.censys.io/hosts/185.72.199.74", "AS50599,C2,censys,RAT", "0", "dyingbreeds_" "2025-12-04 11:00:53", "1667616", "46.224.76.2:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-05 02:46:54", "100", "https://search.censys.io/hosts/46.224.76.2", "AS24940,C2,censys,HETZNER-AS,Mythic", "0", "dyingbreeds_" "2025-12-04 11:00:52", "1667615", "208.85.19.188:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-05 02:46:01", "100", "https://search.censys.io/hosts/208.85.19.188", "AS-VULTR,AS20473,C2,censys,Mythic", "0", "dyingbreeds_" "2025-12-04 11:00:36", "1667614", "23.235.188.168:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:35", "100", "https://search.censys.io/hosts/23.235.188.168", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:33", "1667613", "103.48.135.218:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:34", "100", "https://search.censys.io/hosts/103.48.135.218", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:30", "1667612", "198.12.121.168:7878", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:16", "100", "https://search.censys.io/hosts/198.12.121.168", "AS-COLOCROSSING,AS36352,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:29", "1667611", "23.235.174.18:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:30", "100", "https://search.censys.io/hosts/23.235.174.18", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:28", "1667610", "23.235.188.189:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:29", "100", "https://search.censys.io/hosts/23.235.188.189", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:27", "1667609", "156.234.152.168:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:33", "100", "https://search.censys.io/hosts/156.234.152.168", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:25", "1667607", "23.235.163.196:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:24", "100", "https://search.censys.io/hosts/23.235.163.196", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:25", "1667608", "23.235.163.212:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:22", "100", "https://search.censys.io/hosts/23.235.163.212", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:24", "1667606", "156.234.209.112:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:28", "100", "https://search.censys.io/hosts/156.234.209.112", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:22", "1667605", "103.184.47.49:888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:32", "100", "https://search.censys.io/hosts/103.184.47.49", "AS146817,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:20", "1667604", "23.235.163.215:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:26", "100", "https://search.censys.io/hosts/23.235.163.215", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:14", "1667603", "103.48.135.197:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:20", "100", "https://search.censys.io/hosts/103.48.135.197", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 11:00:12", "1667602", "103.41.6.40:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:18", "100", "https://search.censys.io/hosts/103.41.6.40", "AS138415,C2,censys", "0", "dyingbreeds_" "2025-12-04 09:04:10", "1667581", "59.13.206.72:9100", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:47:14", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-04 09:03:14", "1667580", "49.232.6.238:8443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-12-05 02:46:59", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch" "2025-12-04 08:54:26", "1667576", "192.177.26.121:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:45:31", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-12-04 08:52:38", "1667575", "173.254.215.95:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:44:55", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-12-04 08:51:21", "1667574", "185.208.156.239:5555", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://urlhaus.abuse.ch/url/3724913/", "APK", "0", "abuse_ch" "2025-12-04 08:46:28", "1667572", "128.199.245.52:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:43:49", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-12-04 08:22:03", "1667562", "78.47.232.226:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-04 08:22:03", "1667563", "185.207.139.114:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-04 08:22:02", "1667560", "69.5.189.154:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-04 08:22:02", "1667561", "23.88.62.111:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-04 08:14:30", "1667540", "159.75.236.93:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-12-04 08:14:24", "1667539", "158.160.193.205:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-12-04 08:12:27", "1667533", "116.230.254.66:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 12:01:42", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-12-04 08:12:18", "1667532", "47.239.145.155:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2025-12-04 08:11:48", "1667531", "43.251.225.85:800", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-12-04 08:07:41", "1667529", "37.221.93.5:666", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "https://bazaar.abuse.ch/sample/46c4b7833b6b70391c2d8dd1b9dddb9a650569c7af6ff926cf692600c5f0566f/", "Gafgyt", "0", "abuse_ch" "2025-12-04 08:03:24", "1667528", "196.75.236.254:2222", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/196.75.236.254", "AS36903,C2,censys,hacktool,MetaSploit,Meterpreter,MT-MPLS", "0", "DonPasci" "2025-12-04 08:03:23", "1667527", "199.101.109.155:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/199.101.109.155", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 08:03:22", "1667526", "103.177.47.142:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.47.142", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 08:03:21", "1667525", "3.95.233.161:32830", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/3.95.233.161", "AMAZON-AES,AS14618,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 08:03:20", "1667524", "103.177.47.101:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.47.101", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 08:03:19", "1667523", "103.177.46.122:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.46.122", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 08:03:18", "1667522", "119.28.152.138:6000", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/119.28.152.138", "AS132203,C2,censys,hacktool,MetaSploit,Meterpreter,TENCENT-NET-AP-CN", "0", "DonPasci" "2025-12-04 08:03:17", "1667521", "103.177.47.106:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.47.106", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 08:03:16", "1667520", "103.177.47.134:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.47.134", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 08:03:15", "1667519", "103.177.47.102:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.47.102", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 08:03:05", "1667518", "80.94.92.103:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/80.94.92.103", "AS47890,C2,censys,Gafgyt,open-dir,UNMANAGED-DEDICATED-SERVERS", "0", "DonPasci" "2025-12-04 08:02:42", "1667517", "170.0.219.68:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-12-04 11:00:55", "100", "https://search.censys.io/hosts/170.0.219.68", "AS265141,C2,censys,Hookbot,RBT", "0", "DonPasci" "2025-12-04 08:02:20", "1667516", "89.117.21.2:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 02:47:44", "100", "https://search.censys.io/hosts/89.117.21.2", "AS40021,C2,censys,CONTABO-40021,RAT,Remcos", "0", "DonPasci" "2025-12-04 08:02:14", "1667515", "118.128.151.41:8080", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-12-04 11:00:38", "100", "https://search.censys.io/hosts/118.128.151.41", "AS138195,C2,censys,Gh0st,MOACKCOLTD-AS-AP,RAT", "0", "DonPasci" "2025-12-04 08:01:32", "1667514", "156.238.229.180:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 11:00:27", "100", "https://search.censys.io/hosts/156.238.229.180", "AS8796,C2,censys,CobaltStrike,cs-watermark-6,FD-298-8796", "0", "DonPasci" "2025-12-04 08:01:29", "1667513", "101.43.226.227:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:48:24", "100", "https://search.censys.io/hosts/101.43.226.227", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci" "2025-12-04 08:01:26", "1667512", "23.235.188.182:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 11:00:32", "100", "https://search.censys.io/hosts/23.235.188.182", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2025-12-04 08:01:24", "1667511", "23.235.174.24:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 11:00:31", "100", "https://search.censys.io/hosts/23.235.174.24", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2025-12-04 08:01:23", "1667510", "23.226.59.228:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 11:00:16", "100", "https://search.censys.io/hosts/23.226.59.228", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2025-12-04 08:01:21", "1667509", "103.48.135.207:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 11:00:21", "100", "https://search.censys.io/hosts/103.48.135.207", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2025-12-04 08:01:20", "1667508", "23.235.163.208:6003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 11:00:23", "100", "https://search.censys.io/hosts/23.235.163.208", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2025-12-04 08:01:18", "1667507", "111.228.26.26:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 11:00:21", "100", "https://search.censys.io/hosts/111.228.26.26", "AS141679,C2,censys,CHINATELECOM-IDC-BTHBD-AP,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-12-04 08:01:16", "1667506", "39.105.7.149:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:27", "100", "https://search.censys.io/hosts/39.105.7.149", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-12-04 07:48:52", "1667502", "143.20.37.113:1302", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/4ce8e52bc027e61ed898a967a35ccc826c52d9d5021cabaf8c6001d6558a0bb1/", "Mirai", "0", "abuse_ch" "2025-12-04 07:39:37", "1667499", "169.40.135.30:550", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/0c2fc7a67744d1f8f7c1e65c74d33eca19ee18aba95ca6f60d66d967ffd2c738/", "Mirai", "0", "abuse_ch" "2025-12-04 07:33:52", "1667497", "151.244.72.224:606", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "https://bazaar.abuse.ch/sample/485600a97866207f946d6552fc71bdd876d7466ebe3f7c832c52399f538bcd2a/", "Gafgyt", "0", "abuse_ch" "2025-12-04 06:55:09", "1667492", "172.245.93.109:9990", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch" "2025-12-04 06:45:46", "1667488", "140.233.190.96:69", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/9f64ea43d9ba0bed705b94251dfbcdc596fc594df8c0d94c512e4573c55b30e5/", "Mirai", "0", "abuse_ch" "2025-12-04 06:37:15", "1667487", "195.24.237.46:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://bazaar.abuse.ch/sample/21ac5563cde511f024577ec38b888745db32793e8b7f54228d2c3cce67d0502c/", "CoinMiner", "0", "abuse_ch" "2025-12-04 06:29:50", "1667483", "87.121.84.155:9772", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/dce4f4bd10ff192033fb20e9b2443a3965bdcd456ff0c1048e371151ad9ba4d1/", "Mirai", "0", "abuse_ch" "2025-12-04 06:12:35", "1667480", "198.46.221.26:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://bazaar.abuse.ch/sample/8f20209a07c8fadfbdda7d28786abdf0fedb7bb83b104e2ea458ffda0840c1ac/", "Supershell", "0", "abuse_ch" "2025-12-04 06:10:03", "1667160", "144.172.107.116:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-12-05 02:44:07", "100", "https://search.censys.io/hosts/144.172.107.116", "AS14956,C2,censys,ROUTERHOSTING", "0", "dyingbreeds_" "2025-12-04 06:10:03", "1667161", "187.116.67.182:8081", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-12-05 02:45:25", "100", "https://search.censys.io/hosts/187.116.67.182", "AS27699,C2,censys", "0", "dyingbreeds_" "2025-12-04 06:10:03", "1667162", "8.140.250.105:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/8.140.250.105", "AS37963,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-04 06:10:02", "1667163", "57.128.225.231:7777", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/57.128.225.231", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_" "2025-12-04 06:10:01", "1667164", "3.79.30.144:8001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.79.30.144", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-04 06:10:01", "1667165", "188.245.186.17:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/188.245.186.17", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_" "2025-12-04 06:10:00", "1667166", "206.189.148.30:4444", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/206.189.148.30", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-04 06:10:00", "1667167", "74.162.44.116:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/74.162.44.116", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-12-04 06:09:59", "1667168", "3.224.46.25:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.224.46.25", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-04 06:09:59", "1667169", "85.193.88.41:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/85.193.88.41", "AS9123,censys,GoPhish,Phishing,TIMEWEB-AS", "0", "dyingbreeds_" "2025-12-04 06:09:58", "1667159", "45.74.9.54:81", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-12-05 02:46:50", "100", "https://search.censys.io/hosts/45.74.9.54", "AS212238,C2,CDNEXT,censys,RAT", "0", "dyingbreeds_" "2025-12-04 06:09:56", "1667156", "114.132.90.105:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:48:37", "100", "https://search.censys.io/hosts/114.132.90.105", "AS45090,C2,censys", "0", "dyingbreeds_" "2025-12-04 06:09:54", "1667143", "95.217.39.238:80", "ip:port", "payload_delivery", "win.stealc", "None", "Stealc", "", "90", "https://analytics.dugganusa.com/api/v1/stix-feed", "dropper,dugganusa,pattern-38,stealc", "0", "duggusa" "2025-12-04 06:09:54", "1667144", "196.251.107.94:80", "ip:port", "payload_delivery", "win.stealc", "None", "Stealc", "", "85", "https://analytics.dugganusa.com/api/v1/stix-feed", "build-server,dugganusa,pattern-38,stealc", "0", "duggusa" "2025-12-04 06:09:53", "1667142", "158.220.93.201:80", "ip:port", "payload_delivery", "win.stealc", "None", "Stealc", "", "90", "https://analytics.dugganusa.com/api/v1/stix-feed", "dropper,dugganusa,pattern-38,stealc", "0", "duggusa" "2025-12-04 06:09:51", "1667145", "107.167.83.34:80", "ip:port", "payload_delivery", "win.stealc", "None", "Stealc", "", "85", "https://analytics.dugganusa.com/api/v1/stix-feed", "bulletproof,dugganusa,pattern-38,stealc", "0", "duggusa" "2025-12-04 06:09:41", "1667463", "194.116.236.109:1024", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "None", "mirai", "0", "seckle" "2025-12-04 06:09:41", "1667479", "103.77.241.151:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "None", "mirai", "0", "seckle" "2025-12-04 06:08:50", "1667478", "212.192.28.2:25567", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/3d31d4c410ac9a896ec58d1dece1e980f126272723c9249f48c8fed7f3abca90/", "Mirai", "0", "abuse_ch" "2025-12-04 06:00:55", "1667473", "86.54.42.82:5467", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch" "2025-12-04 05:24:21", "1667468", "167.99.204.247:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-05 03:21:40", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-04 05:24:20", "1667467", "68.183.172.217:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-05 03:21:40", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-04 05:24:19", "1667466", "104.248.92.224:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-05 03:21:39", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-04 05:24:18", "1667465", "167.99.48.121:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-05 03:21:39", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-04 04:04:30", "1667455", "168.245.201.111:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/168.245.201.111", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 04:04:29", "1667454", "168.245.200.204:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/168.245.200.204", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 04:04:28", "1667452", "103.177.47.11:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.47.11", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 04:04:28", "1667453", "168.245.201.109:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/168.245.201.109", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-04 04:02:59", "1667451", "72.61.210.186:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-12-05 02:47:25", "100", "https://search.censys.io/hosts/72.61.210.186", "AS-HOSTINGER,AS47583,C2,censys,Havoc", "0", "DonPasci" "2025-12-04 04:02:50", "1667449", "51.68.213.83:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-12-05 02:47:06", "100", "https://search.censys.io/hosts/51.68.213.83", "AS16276,AsyncRAT,C2,censys,OVH,RAT", "0", "DonPasci" "2025-12-04 04:01:36", "1667448", "172.111.139.160:2405", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 02:44:46", "100", "https://search.censys.io/hosts/172.111.139.160", "AS212238,C2,CDNEXT,censys,RAT,Remcos", "0", "DonPasci" "2025-12-04 04:01:33", "1667447", "78.187.29.22:90", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "2025-12-04 11:00:40", "100", "https://search.censys.io/hosts/78.187.29.22", "AS9121,C2,censys,DarkComet,RAT,TTNET", "0", "DonPasci" "2025-12-04 04:01:18", "1667446", "114.132.90.105:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 11:00:26", "100", "https://search.censys.io/hosts/114.132.90.105", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci" "2025-12-04 04:01:17", "1667445", "43.163.0.162:4433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 11:00:19", "100", "https://search.censys.io/hosts/43.163.0.162", "AS132203,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP-CN", "0", "DonPasci" "2025-12-04 04:01:14", "1667444", "123.56.226.71:55552", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:48:49", "100", "https://search.censys.io/hosts/123.56.226.71", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-12-04 03:45:07", "1667439", "192.227.217.229:17229", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-12-05 00:02:28", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch" "2025-12-04 00:55:26", "1667190", "104.250.161.176:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/72303dc0e874c30864de3a18978aeb36fd175c6d9f071abcb309ea5774cd58f9/", "xworm", "0", "abuse_ch" "2025-12-04 00:03:19", "1667182", "216.238.89.173:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "https://search.censys.io/hosts/216.238.89.173", "AdaptixC2,AS-VULTR,AS20473,C2,censys", "0", "DonPasci" "2025-12-04 00:03:12", "1667181", "156.226.175.32:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/156.226.175.32", "AS58212,C2,censys,DATAFOREST,Gafgyt,open-dir", "0", "DonPasci" "2025-12-04 00:02:56", "1667180", "213.209.157.78:1911", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "https://search.censys.io/hosts/213.209.157.78", "AS214940,C2,censys,KPRONET,redline,stealer", "0", "DonPasci" "2025-12-04 00:02:48", "1667179", "65.2.170.10:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-12-05 02:47:20", "100", "https://search.censys.io/hosts/65.2.170.10", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci" "2025-12-04 00:02:10", "1667178", "185.177.239.226:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-05 02:45:16", "100", "https://search.censys.io/hosts/185.177.239.226", "AS215826,C2,censys,Mythic,PARTNER-HOSTING-LTD", "0", "DonPasci" "2025-12-04 00:02:04", "1667177", "45.74.9.54:102", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-12-05 02:46:50", "100", "https://search.censys.io/hosts/45.74.9.54", "AS212238,AsyncRAT,C2,CDNEXT,censys,RAT", "0", "DonPasci" "2025-12-04 00:01:59", "1667176", "125.44.157.208:5873", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-04 11:00:46", "100", "https://search.censys.io/hosts/125.44.157.208", "AS4837,C2,censys,CHINA169-BACKBONE,Supershell", "0", "DonPasci" "2025-12-03 20:03:02", "1667127", "54.160.180.123:11557", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/54.160.180.123", "AMAZON-AES,AS14618,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-03 20:03:01", "1667126", "196.75.86.165:2222", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/196.75.86.165", "AS36903,C2,censys,hacktool,MetaSploit,Meterpreter,MT-MPLS", "0", "DonPasci" "2025-12-03 20:02:43", "1667125", "45.156.87.36:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-12-03 23:01:04", "100", "https://search.censys.io/hosts/45.156.87.36", "AS51396,C2,censys,moobot,PFCLOUD", "0", "DonPasci" "2025-12-03 20:02:37", "1667124", "185.39.19.188:51144", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.39.19.188", "AS216341,c2,censys,JokerRAT,OPTIMA-AS,panel", "0", "DonPasci" "2025-12-03 20:02:27", "1667123", "82.112.253.169:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-12-05 02:47:37", "100", "https://search.censys.io/hosts/82.112.253.169", "AS-HOSTINGER,AS47583,C2,censys,Havoc", "0", "DonPasci" "2025-12-03 20:02:26", "1667122", "149.28.138.70:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-12-05 02:44:13", "100", "https://search.censys.io/hosts/149.28.138.70", "AS-VULTR,AS20473,C2,censys,Havoc", "0", "DonPasci" "2025-12-03 20:02:25", "1667121", "51.161.0.22:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-12-05 02:47:05", "100", "https://search.censys.io/hosts/51.161.0.22", "AS16276,C2,censys,Havoc,OVH", "0", "DonPasci" "2025-12-03 20:02:21", "1667118", "85.192.60.211:443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 23:00:43", "100", "https://search.censys.io/hosts/85.192.60.211", "AEZA-AS,AS210644,C2,censys,Quasar,RAT", "0", "DonPasci" "2025-12-03 20:02:18", "1667117", "45.76.33.33:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-05 02:46:50", "100", "https://search.censys.io/hosts/45.76.33.33", "AS-VULTR,AS20473,C2,censys,Mythic", "0", "DonPasci" "2025-12-03 20:02:12", "1667115", "209.222.97.74:103", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-12-05 02:46:02", "100", "https://search.censys.io/hosts/209.222.97.74", "AS23470,AsyncRAT,C2,censys,RAT,RELIABLESITE", "0", "DonPasci" "2025-12-03 20:02:12", "1667116", "193.26.115.51:8080", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-12-05 02:45:39", "100", "https://search.censys.io/hosts/193.26.115.51", "AS210558,AsyncRAT,C2,censys,RAT,SERVICES-1337-GMBH", "0", "DonPasci" "2025-12-03 20:02:00", "1667114", "38.242.153.111:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:46:31", "100", "https://search.censys.io/hosts/38.242.153.111", "AS51167,C2,censys,CONTABO,Sliver", "0", "DonPasci" "2025-12-03 20:01:58", "1667113", "128.199.245.52:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:43:49", "100", "https://search.censys.io/hosts/128.199.245.52", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci" "2025-12-03 20:01:48", "1667112", "202.189.9.234:20022", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-12-03 23:00:20", "100", "https://search.censys.io/hosts/202.189.9.234", "AS139180,C2,censys,Gh0st,RAT,SDYXT", "0", "DonPasci" "2025-12-03 20:01:31", "1667111", "91.92.242.28:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-12-03 20:02:07", "100", "https://search.censys.io/hosts/91.92.242.28", "AS214943,C2,censys,Latrodectus,RAILNET", "0", "DonPasci" "2025-12-03 20:01:30", "1667110", "158.94.208.144:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-12-03 20:02:07", "100", "https://search.censys.io/hosts/158.94.208.144", "AS214943,C2,censys,Latrodectus,RAILNET", "0", "DonPasci" "2025-12-03 20:01:27", "1667109", "167.179.73.103:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-03 23:00:11", "100", "https://search.censys.io/hosts/167.179.73.103", "AS-VULTR,AS20473,C2,censys,CobaltStrike", "0", "DonPasci" "2025-12-03 20:01:21", "1667108", "43.163.0.162:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:32", "100", "https://search.censys.io/hosts/43.163.0.162", "AS132203,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP-CN", "0", "DonPasci" "2025-12-03 20:01:19", "1667107", "47.97.113.42:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:44", "100", "https://search.censys.io/hosts/47.97.113.42", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-12-03 20:01:18", "1667106", "47.97.113.42:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:44", "100", "https://search.censys.io/hosts/47.97.113.42", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-12-03 20:01:15", "1667105", "115.190.161.178:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:48:38", "100", "https://search.censys.io/hosts/115.190.161.178", "AS137718,C2,censys,CobaltStrike,cs-watermark-987654321,VOLCANO-ENGINE", "0", "DonPasci" "2025-12-03 20:01:13", "1667104", "192.228.96.59:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:14", "100", "https://search.censys.io/hosts/192.228.96.59", "AS53340,C2,censys,CobaltStrike,cs-watermark-987654321,FIBERHUB", "0", "DonPasci" "2025-12-03 19:45:30", "1667101", "45.83.28.172:8041", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "https://bazaar.abuse.ch/sample/0bf813a35b9343fa17cce21cf8a7ef723779769c253146ae504791cf6b980c23/", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-12-03 19:39:26", "1667100", "196.251.107.99:8443", "ip:port", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "75", "https://bazaar.abuse.ch/sample/2cbdf96c80d1e9167282ecb6f5f1033d4b747c5417ef5849d91b7a6104f99870/", "XoriumStealer", "0", "abuse_ch" "2025-12-03 19:29:46", "1667088", "196.251.107.23:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "2025-12-04 11:53:05", "100", "None", "loader,StealC,stealer", "0", "Bitsight" "2025-12-03 19:29:46", "1667089", "151.240.151.15:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "2025-12-04 11:53:02", "100", "None", "loader,StealC,stealer", "0", "Bitsight" "2025-12-03 19:29:45", "1667091", "77.83.207.252:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "2025-12-04 11:54:08", "100", "None", "loader,StealC,stealer", "0", "Bitsight" "2025-12-03 19:27:03", "1667094", "45.153.34.13:58007", "ip:port", "botnet_cc", "win.pure_rat", "PureHVNC,ResolverRAT", "PureRAT", "", "75", "https://bazaar.abuse.ch/sample/243b1a20ab7ccf16dcead3eb45ddb5c5a6389ab89c9ba0354c841b879c966de7/", "PureHVNC,PureRAT,RAT", "0", "abuse_ch" "2025-12-03 19:27:03", "1667095", "45.153.34.13:58008", "ip:port", "botnet_cc", "win.pure_rat", "PureHVNC,ResolverRAT", "PureRAT", "", "75", "https://bazaar.abuse.ch/sample/243b1a20ab7ccf16dcead3eb45ddb5c5a6389ab89c9ba0354c841b879c966de7/", "PureHVNC,PureRAT,RAT", "0", "abuse_ch" "2025-12-03 19:27:03", "1667096", "45.153.34.13:58009", "ip:port", "botnet_cc", "win.pure_rat", "PureHVNC,ResolverRAT", "PureRAT", "", "75", "https://bazaar.abuse.ch/sample/243b1a20ab7ccf16dcead3eb45ddb5c5a6389ab89c9ba0354c841b879c966de7/", "PureHVNC,PureRAT,RAT", "0", "abuse_ch" "2025-12-03 19:15:17", "1667090", "156.255.0.28:1688", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-12-03 18:56:55", "1667084", "89.208.106.13:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:47:45", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-12-03 18:54:50", "1667083", "5.101.86.96:59364", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 02:47:01", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-12-03 18:53:59", "1667082", "45.12.146.14:53015", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:46:42", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-03 18:52:05", "1667081", "209.222.97.74:101", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-12-05 02:46:02", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-12-03 18:48:43", "1667080", "171.105.25.171:10250", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-12-05 02:44:45", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-12-03 18:46:12", "1667078", "13.49.46.176:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-12-05 02:43:51", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-12-03 18:01:38", "1667072", "147.124.214.248:5126", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 00:01:43", "100", "https://tria.ge/251203-vryz7a1pgs", "AS396073,C2,rat,remcos,triage", "0", "DonPasci" "2025-12-03 17:45:16", "1667068", "38.181.24.114:448", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-12-03 17:45:11", "1667067", "38.181.24.114:449", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-12-03 16:31:27", "1667041", "185.208.158.230:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "https://app.any.run/tasks/707ace3e-1fe2-4f6a-af5d-46957960f2fb", "c2,vidar", "0", "burger" "2025-12-03 16:02:58", "1667040", "47.84.87.182:5858", "ip:port", "botnet_cc", "win.donut_injector", "Donut", "donut_injector", "", "100", "https://search.censys.io/hosts/47.84.87.182", "ALIBABA-CN-NET,AS45102,C2,censys,Donut", "0", "DonPasci" "2025-12-03 16:02:43", "1667039", "114.66.38.106:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/114.66.38.106", "AS136188,c2,c2-redirector,censys,CHINATELECOM-ZHEJIANG-NINGBO-IDC,RedGuard", "0", "DonPasci" "2025-12-03 16:02:41", "1667038", "85.121.5.5:5555", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/85.121.5.5", "Albiriox,ALEXHOST,Android,AS200019,censys", "0", "DonPasci" "2025-12-03 16:02:37", "1667037", "14.225.20.10:55555", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-12-03 23:01:05", "100", "https://search.censys.io/hosts/14.225.20.10", "AS135905,C2,censys,moobot,VNPT-AS-VN", "0", "DonPasci" "2025-12-03 16:01:51", "1667036", "104.234.46.159:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-05 02:43:28", "100", "https://search.censys.io/hosts/104.234.46.159", "AS43350,C2,censys,Mythic,NFORCE", "0", "DonPasci" "2025-12-03 16:01:48", "1667035", "62.60.135.114:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/62.60.135.114", "AS208137,C2,censys,FPS12,RAT,Sectop", "0", "DonPasci" "2025-12-03 16:01:36", "1667034", "64.31.63.239:52125", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:47:20", "100", "https://search.censys.io/hosts/64.31.63.239", "AS136258,C2,censys,ONEPROVIDER-AS,Sliver", "0", "DonPasci" "2025-12-03 16:01:11", "1667032", "193.135.174.51:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-03 23:00:10", "100", "https://search.censys.io/hosts/193.135.174.51", "AS44901,BELCLOUD,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-12-03 16:01:11", "1667033", "120.55.169.216:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-03 23:00:09", "100", "https://search.censys.io/hosts/120.55.169.216", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-12-03 15:04:12", "1666987", "58.22.95.171:6868", "ip:port", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "https://threatquery.com/engines/ip.html?value=58.22.95.171&type=ip", "AS4837,c2,LokiBot,threatquery", "0", "threatquery" "2025-12-03 14:56:31", "1666983", "46.224.34.145:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-03 14:51:58", "1666974", "5.135.69.40:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "https://app.any.run/tasks/69d8da6c-1f58-47aa-9490-8844c1db61ce", "c2,vidar", "0", "burger" "2025-12-03 14:10:48", "1666964", "91.92.243.134:9672", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 00:01:42", "75", "https://bazaar.abuse.ch/sample/999c04854a14a50e67c4efb840139402b256ae8c84582b36f1f4ab3878fd2af1/", "remcos", "0", "abuse_ch" "2025-12-03 14:10:40", "1666963", "83.147.243.110:1002", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/5f6e7232d0fd57d8b46e8fbd1f7c917b4bddb4c426b9ea7d73e1276a197ca84d/", "xworm", "0", "abuse_ch" "2025-12-03 14:05:26", "1666956", "185.241.208.212:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/cc7d970b366fac85dffbfef76441a241827cad22ca0797f8c19d5b1bad4b8b89/", "remcos", "0", "abuse_ch" "2025-12-03 13:37:50", "1666951", "77.110.126.46:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2025-12-03 12:31:15", "1666902", "122.114.10.199:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:43:46", "90", "https://search.censys.io/hosts/122.114.10.199", "AS4837,C2,censys", "0", "dyingbreeds_" "2025-12-03 12:31:15", "1666903", "140.99.164.101:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-05 02:44:01", "100", "https://search.censys.io/hosts/140.99.164.101", "AS396356,C2,censys,Covenant,LATITUDE-SH", "0", "dyingbreeds_" "2025-12-03 12:31:15", "1666904", "167.172.123.193:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/167.172.123.193", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 12:31:14", "1666905", "193.160.119.76:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/193.160.119.76", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 12:31:14", "1666906", "98.130.133.65:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/98.130.133.65", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 12:31:13", "1666907", "172.235.37.102:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.235.37.102", "AS63949,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 12:31:12", "1666908", "213.199.55.221:33348", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/213.199.55.221", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 12:31:12", "1666909", "107.128.196.243:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/107.128.196.243", "AS7018,ATT-INTERNET4,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 12:31:12", "1666910", "3.67.72.215:4567", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.67.72.215", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 12:31:10", "1666911", "2.32.103.166:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/2.32.103.166", "AS30722,censys,GoPhish,Phishing,VODAFONE-IT-ASN", "0", "dyingbreeds_" "2025-12-03 12:31:10", "1666914", "207.154.235.243:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/207.154.235.243", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 12:31:09", "1666913", "139.59.76.147:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/139.59.76.147", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 12:30:28", "1666940", "185.81.113.73:7003", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/defa2e29e45168471ce451196e1617b9659b3553b125e5464b1db032d7eac90a/", "xworm", "0", "abuse_ch" "2025-12-03 12:02:24", "1666932", "104.233.169.83:12201", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/251203-m289xawlby", "AS398993,C2,quasar,rat,triage", "0", "DonPasci" "2025-12-03 12:01:33", "1666925", "64.176.16.221:50115", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 02:47:18", "100", "https://search.censys.io/hosts/64.176.16.221", "AS-VULTR,AS20473,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-12-03 12:01:12", "1666923", "60.205.166.136:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-03 23:00:17", "100", "https://search.censys.io/hosts/60.205.166.136", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-12-03 10:41:00", "1666893", "118.107.45.42:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "50", "https://ti.qianxin.com/blog/articles/setcoderat-customized-for-chinese-speaking-regions-en/", "c2,SetcodeRat", "0", "juroots" "2025-12-03 10:41:00", "1666894", "38.45.122.162:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "50", "https://ti.qianxin.com/blog/articles/setcoderat-customized-for-chinese-speaking-regions-en/", "c2,SetcodeRat", "0", "juroots" "2025-12-03 08:52:25", "1666869", "47.92.90.193:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:43", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-12-03 08:51:53", "1666868", "38.165.33.58:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:22", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-12-03 08:50:04", "1666867", "45.136.68.30:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "None", "NetSupport", "0", "abuse_ch" "2025-12-03 08:49:42", "1666866", "95.164.55.127:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:47:56", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-12-03 08:49:03", "1666865", "66.42.51.183:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:47:21", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-12-03 08:48:09", "1666864", "45.135.180.207:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:46:43", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-12-03 08:47:44", "1666862", "35.192.204.197:443", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2025-12-05 02:46:26", "75", "None", "DanBot,drb-ra", "0", "abuse_ch" "2025-12-03 08:46:42", "1666861", "194.26.141.203:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:45:40", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-12-03 08:44:33", "1666859", "142.171.7.147:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-12-05 02:44:03", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-12-03 08:43:03", "1666858", "1.161.69.200:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-12-05 02:43:03", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-12-03 08:37:35", "1666855", "54.169.204.105:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 08:11:49", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-12-03 08:37:09", "1666854", "154.94.237.231:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2025-12-03 08:37:04", "1666853", "114.66.38.114:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-12-03 08:36:51", "1666852", "3.79.56.148:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-12-03 08:34:08", "1666848", "195.201.255.161:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-03 08:34:08", "1666849", "116.202.187.51:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-03 08:34:08", "1666850", "116.203.71.61:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-03 08:34:08", "1666851", "49.13.38.230:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-03 08:34:07", "1666847", "49.13.35.182:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-12-03 08:03:00", "1666829", "15.235.198.126:1336", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "https://search.censys.io/hosts/15.235.198.126", "AS16276,C2,censys,OVH,PowershellEmpire", "0", "DonPasci" "2025-12-03 08:02:57", "1666828", "103.177.47.58:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.47.58", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-03 08:02:56", "1666825", "103.177.47.39:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.47.39", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-03 08:02:56", "1666826", "103.177.47.20:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.47.20", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-03 08:02:56", "1666827", "3.95.63.150:41760", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/3.95.63.150", "AMAZON-AES,AS14618,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-03 08:02:55", "1666824", "103.177.47.92:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.47.92", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-03 08:02:54", "1666823", "103.177.46.54:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/103.177.46.54", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2025-12-03 08:02:29", "1666822", "41.250.128.10:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-12-05 02:46:37", "100", "https://search.censys.io/hosts/41.250.128.10", "AS36903,C2,censys,MT-MPLS,Netsupport,RAT", "0", "DonPasci" "2025-12-03 08:02:28", "1666821", "79.241.97.243:81", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-12-05 02:47:31", "100", "https://search.censys.io/hosts/79.241.97.243", "AS3320,C2,censys,DTAG,Netsupport,RAT", "0", "DonPasci" "2025-12-03 08:02:21", "1666819", "108.61.198.77:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-05 02:43:37", "100", "https://search.censys.io/hosts/108.61.198.77", "AS-VULTR,AS20473,C2,censys,Mythic", "0", "DonPasci" "2025-12-03 08:02:21", "1666820", "34.222.248.75:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-03 11:00:27", "100", "https://search.censys.io/hosts/34.222.248.75", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci" "2025-12-03 08:01:46", "1666818", "172.111.156.249:81", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-12-05 02:44:47", "100", "https://search.censys.io/hosts/172.111.156.249", "AS9009,AsyncRAT,C2,censys,M247,RAT", "0", "DonPasci" "2025-12-03 08:01:32", "1666816", "81.92.219.143:8080", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 02:47:37", "100", "https://search.censys.io/hosts/81.92.219.143", "AS27176,C2,censys,DATAWAGON,RAT,Remcos", "0", "DonPasci" "2025-12-03 08:01:32", "1666817", "216.126.237.122:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-05 02:46:07", "100", "https://search.censys.io/hosts/216.126.237.122", "AS14956,C2,censys,RAT,Remcos,ROUTERHOSTING", "0", "DonPasci" "2025-12-03 08:01:18", "1666815", "81.70.186.19:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-03 11:00:13", "100", "https://search.censys.io/hosts/81.70.186.19", "AS45090,C2,censys,CobaltStrike,TENCENT-NET-AP", "0", "DonPasci" "2025-12-03 08:01:14", "1666814", "64.176.48.137:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-03 11:00:08", "100", "https://search.censys.io/hosts/64.176.48.137", "AS-VULTR,AS20473,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-12-03 08:01:11", "1666813", "43.251.225.85:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-04 08:13:30", "100", "https://search.censys.io/hosts/43.251.225.85", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-987654321", "0", "DonPasci" "2025-12-03 08:01:10", "1666812", "3.37.87.106:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:20", "100", "https://search.censys.io/hosts/3.37.87.106", "AMAZON-02,AS16509,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-12-03 08:01:09", "1666811", "47.100.183.39:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:35", "100", "https://search.censys.io/hosts/47.100.183.39", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-12-03 07:56:44", "1666809", "156.226.175.32:25596", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-12-04 07:57:25", "75", "https://bazaar.abuse.ch/sample/c48e7e301c663a0edc7a4372d7e1fcf837c0a5c4a56bfc1f8c2c7e2e2b7ccf8a/", "Hailbot,Mirai", "0", "abuse_ch" "2025-12-03 07:25:07", "1666798", "196.251.100.233:11200", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch" "2025-12-03 07:14:39", "1666402", "154.94.19.243:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "2025-12-03 00:01:28", "100", "https://search.censys.io/hosts/154.94.19.243", "AS133180,C2,censys", "0", "dyingbreeds_" "2025-12-03 07:14:37", "1666400", "38.190.198.35:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-03 00:01:06", "100", "https://search.censys.io/hosts/38.190.198.35", "AS133199,C2,censys", "0", "dyingbreeds_" "2025-12-03 07:14:37", "1666401", "120.48.43.140:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-03 00:01:10", "100", "https://search.censys.io/hosts/120.48.43.140", "AS38365,C2,censys", "0", "dyingbreeds_" "2025-12-03 07:14:36", "1666403", "162.243.106.164:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-05 02:44:33", "100", "https://search.censys.io/hosts/162.243.106.164", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "dyingbreeds_" "2025-12-03 07:14:35", "1666404", "147.185.221.224:33213", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2025-12-03 00:01:58", "100", "https://search.censys.io/hosts/147.185.221.224", "AS400519,C2,censys,PLAYIT-GG,RAT", "0", "dyingbreeds_" "2025-12-03 07:14:35", "1666405", "139.159.183.246:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/139.159.183.246", "AS55990,censys,Viper", "0", "dyingbreeds_" "2025-12-03 07:14:34", "1666406", "122.51.124.118:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/122.51.124.118", "AS45090,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:34", "1666407", "39.100.86.6:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/39.100.86.6", "AS37963,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:34", "1666408", "72.12.121.210:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/72.12.121.210", "AS23481,censys,GoPhish,HCTC-LINK1,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:33", "1666410", "172.171.233.183:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.171.233.183", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:32", "1666409", "54.38.52.163:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.38.52.163", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:31", "1666411", "45.133.73.143:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/45.133.73.143", "AS211507,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:31", "1666412", "54.90.250.174:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.90.250.174", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:31", "1666414", "117.250.244.55:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/117.250.244.55", "AS9829,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:30", "1666413", "20.193.255.164:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.193.255.164", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:29", "1666415", "92.205.228.9:3344", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/92.205.228.9", "AS21499,censys,GODADDY-SXB,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:29", "1666416", "74.249.119.149:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/74.249.119.149", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:28", "1666417", "13.49.181.249:4444", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.49.181.249", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-12-03 07:14:24", "1666184", "81.94.156.24:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "None", "mirai", "0", "seckle" "2025-12-03 07:14:23", "1666206", "178.16.55.188:2024", "ip:port", "botnet_cc", "win.socks5_systemz", "None", "Socks5 Systemz", "", "99", "https://tria.ge/251201-zl42gasjcz/behavioral1", "None", "0", "netresec" "2025-12-03 07:02:54", "1666791", "216.9.224.26:22000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-12-04 20:02:15", "50", "", "c2,remcos", "0", "juroots" "2025-12-03 06:08:42", "1666734", "146.190.225.123:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-04 05:08:22", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-03 06:08:35", "1666733", "64.227.41.225:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-04 05:08:14", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-03 06:08:28", "1666732", "167.172.120.248:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-04 05:08:26", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-03 06:01:19", "1666723", "185.157.162.18:57441", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/251203-gh48yssmg1", "AS42675,C2,rat,remcos,triage", "0", "DonPasci" "2025-12-03 06:01:12", "1666721", "82.153.71.161:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/251203-fw72bsvlhn", "AS13649,C2,triage,xworm", "0", "DonPasci" "2025-12-03 05:37:38", "1666717", "165.232.108.168:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-04 04:36:26", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-03 05:37:37", "1666716", "46.101.25.65:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-04 04:36:26", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-03 05:37:36", "1666715", "143.198.170.34:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-04 04:36:25", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-03 05:37:35", "1666714", "206.189.97.139:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-04 04:36:25", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-03 05:22:12", "1666711", "77.83.240.188:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2025-12-04 04:36:24", "75", "None", "AISURU", "0", "abuse_ch" "2025-12-03 04:25:09", "1666513", "212.11.64.201:5018", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch" "2025-12-03 04:03:05", "1666510", "23.132.164.33:4433", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/23.132.164.33", "AS60223,C2,censys,hacktool,MetaSploit,Meterpreter,NETIFACE-AS", "0", "DonPasci" "2025-12-03 04:03:00", "1666509", "66.63.162.235:54321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "https://search.censys.io/hosts/66.63.162.235", "AdaptixC2,AS-COLOCROSSING,AS36352,C2,censys", "0", "DonPasci" "2025-12-03 04:02:37", "1666508", "125.24.160.33:7443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-12-05 02:43:49", "100", "https://search.censys.io/hosts/125.24.160.33", "AS23969,C2,censys,Netsupport,RAT,TOT-NET", "0", "DonPasci" "2025-12-03 04:02:33", "1666506", "95.182.115.191:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-12-05 02:47:57", "100", "https://search.censys.io/hosts/95.182.115.191", "AS56971,C2,censys,Havoc", "0", "DonPasci" "2025-12-03 04:02:29", "1666502", "102.205.170.10:9301", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:32", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:29", "1666503", "102.205.170.10:28149", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:41", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:29", "1666504", "102.205.170.10:8082", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:35", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:29", "1666505", "102.205.170.10:15499", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:33", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:28", "1666497", "102.205.170.10:2079", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:39", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:28", "1666498", "102.205.170.10:8433", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:32", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:28", "1666499", "102.205.170.10:17778", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:30", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:28", "1666500", "102.205.170.10:37215", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:33", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:28", "1666501", "102.205.170.10:38444", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:39", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:27", "1666494", "102.205.170.10:38677", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:36", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:27", "1666495", "102.205.170.10:50001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:30", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:27", "1666496", "102.205.170.10:49600", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:36", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:26", "1666491", "102.205.170.10:587", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:32", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:26", "1666492", "102.205.170.10:15717", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:36", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:26", "1666493", "102.205.170.10:24467", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:37", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:25", "1666487", "102.205.170.10:1200", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:34", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:25", "1666488", "102.205.170.10:2281", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:38", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:25", "1666489", "102.205.170.10:18082", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:38", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:25", "1666490", "102.205.170.10:62842", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:40", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:24", "1666483", "102.205.170.10:49501", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:34", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:24", "1666484", "102.205.170.10:143", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:31", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:24", "1666485", "102.205.170.10:554", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:34", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:24", "1666486", "102.205.170.10:631", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:41", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:23", "1666480", "102.205.170.10:27730", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:40", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:23", "1666481", "102.205.170.10:30495", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:30", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:23", "1666482", "102.205.170.10:36031", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:38", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:22", "1666478", "102.205.170.10:54224", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:37", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:22", "1666479", "102.205.170.10:62290", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:35", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:21", "1666474", "102.205.170.10:110", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:39", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:21", "1666475", "102.205.170.10:315", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:34", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:21", "1666476", "102.205.170.10:1961", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:39", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:21", "1666477", "102.205.170.10:24531", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-12-03 11:00:37", "100", "https://search.censys.io/hosts/102.205.170.10", "AS329556,C2,censys,Newworks-Limited,Quasar,RAT", "0", "DonPasci" "2025-12-03 04:02:19", "1666473", "24.144.80.194:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-05 02:46:15", "100", "https://search.censys.io/hosts/24.144.80.194", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci" "2025-12-03 04:02:18", "1666472", "62.60.232.124:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-12-03 11:00:25", "100", "https://search.censys.io/hosts/62.60.232.124", "AS215540,C2,censys,GCS-AS,Mythic", "0", "DonPasci" "2025-12-03 04:02:15", "1666471", "138.226.238.96:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/138.226.238.96", "AS214196,C2,censys,RAT,Sectop,VLADYLSAV-NAUMETS", "0", "DonPasci" "2025-12-03 04:01:11", "1666470", "125.40.44.177:54002", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:48:53", "100", "https://search.censys.io/hosts/125.40.44.177", "AS4837,C2,censys,CHINA169-BACKBONE,CobaltStrike,cs-watermark-1234567890", "0", "DonPasci" "2025-12-03 04:01:08", "1666469", "156.225.19.17:4396", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-12-05 02:49:01", "100", "https://search.censys.io/hosts/156.225.19.17", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-987654321", "0", "DonPasci" "2025-12-03 03:50:05", "1666464", "147.185.221.16:16069", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch" # Number of entries: 374