################################################################ # ThreatFox IOCs: recent ip-port - CSV format # # Last updated: 2025-03-29 15:31:07 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-03-29 15:31:07", "1461052", "103.83.86.26:23", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "1049h,censys,mirai", "0", "NDA0E" "2025-03-29 14:49:54", "1461031", "205.185.117.53:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest" "2025-03-29 13:34:41", "1460939", "18.192.93.86:19281", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-03-29 13:34:41", "1460940", "18.156.13.209:19281", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-03-29 13:34:38", "1460953", "3.71.225.231:18053", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-03-29 13:34:36", "1460955", "52.57.120.10:18053", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-03-29 13:34:36", "1460956", "18.192.31.30:18053", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-03-29 13:34:35", "1460961", "3.126.224.214:10780", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-03-29 13:34:34", "1460962", "35.157.111.131:10780", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-03-29 13:34:34", "1460963", "3.125.188.168:10780", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-03-29 13:34:34", "1460964", "3.124.67.191:10780", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-03-29 12:40:39", "1460957", "147.185.221.21:27180", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/62ab616a986ed8d7725c5c37122c385b7ad30b9e02d659e950fa099c9b8d9ed3/", "asyncrat", "0", "abuse_ch" "2025-03-29 12:01:54", "1460954", "89.110.76.90:80", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/89.110.76.90", "AS216071,C2,censys,hacktool,Mimikatz,open-dir,VDSINA", "0", "DonPasci" "2025-03-29 12:01:38", "1460952", "43.250.173.2:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/43.250.173.2", "AS62468,C2,censys,HKCLOUDX,moobot", "0", "DonPasci" "2025-03-29 12:01:31", "1460951", "195.35.56.181:8080", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://search.censys.io/hosts/195.35.56.181", "AS-HOSTINGER,AS47583,C2,censys,Ermac,panel", "0", "DonPasci" "2025-03-29 12:01:28", "1460950", "46.31.79.56:7777", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/46.31.79.56", "AS207326,C2,censys,DcRAT,HOSTLAB,RAT", "0", "DonPasci" "2025-03-29 12:01:26", "1460949", "92.213.96.141:3389", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/92.213.96.141", "AS3209,C2,censys,RAT,Venom,VODANET", "0", "DonPasci" "2025-03-29 12:01:08", "1460947", "128.90.113.25:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.113.25", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-03-29 12:01:08", "1460948", "195.3.223.146:4445", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/195.3.223.146", "AS201814,AsyncRAT,C2,censys,MEVSPACE,RAT", "0", "DonPasci" "2025-03-29 12:01:07", "1460945", "154.38.185.247:2022", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/154.38.185.247", "AS40021,AsyncRAT,C2,censys,NL-811-40021,RAT", "0", "DonPasci" "2025-03-29 12:01:07", "1460946", "128.90.113.25:4000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.113.25", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-03-29 12:00:43", "1460944", "172.234.244.49:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/172.234.244.49", "AKAMAI-LINODE-AP,AS63949,C2,censys,Sliver", "0", "DonPasci" "2025-03-29 10:57:41", "1460938", "64.176.228.13:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-03-29 09:39:18", "1460931", "45.196.222.158:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-03-29 09:39:11", "1460928", "42.51.40.85:90", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch" "2025-03-29 09:39:11", "1460929", "38.55.199.146:2095", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-03-29 09:39:11", "1460930", "121.41.46.127:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-426352781", "0", "abuse_ch" "2025-03-29 09:39:03", "1460926", "84.46.236.139:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-03-29 09:39:03", "1460927", "148.135.86.38:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-03-29 09:39:01", "1460925", "113.45.11.103:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-03-29 09:39:00", "1460924", "47.109.82.220:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-03-29 09:38:59", "1460923", "47.104.246.77:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-426352781", "0", "abuse_ch" "2025-03-29 08:56:32", "1460922", "37.133.50.164:80", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-03-29 08:52:24", "1460921", "66.103.210.105:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "None", "drb-ra,RAT", "0", "abuse_ch" "2025-03-29 08:51:06", "1460920", "45.61.136.160:80", "ip:port", "botnet_cc", "win.broomstick", "CLEANBOOST,CleanUp,CleanUpLoader,Oyster", "Broomstick", "", "75", "None", "Broomstick,drb-ra,Oyster", "0", "abuse_ch" "2025-03-29 08:48:11", "1460919", "193.149.129.58:80", "ip:port", "botnet_cc", "win.broomstick", "CLEANBOOST,CleanUp,CleanUpLoader,Oyster", "Broomstick", "", "75", "None", "Broomstick,drb-ra,Oyster", "0", "abuse_ch" "2025-03-29 08:01:44", "1460912", "18.116.31.108:3260", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/18.116.31.108", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-03-29 08:01:37", "1460910", "93.183.81.23:4433", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/93.183.81.23", "AS9123,C2,censys,Havoc,TIMEWEB-AS", "0", "DonPasci" "2025-03-29 08:01:37", "1460911", "78.135.93.218:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/78.135.93.218", "AS214036,C2,censys,Havoc,ULTAHOST-AS", "0", "DonPasci" "2025-03-29 08:01:23", "1460909", "156.238.237.180:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/156.238.237.180", "AS142032,C2,censys,HFTCL-AS-AP,Quasar,RAT", "0", "DonPasci" "2025-03-29 08:01:22", "1460908", "45.141.233.64:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/45.141.233.64", "AS214943,C2,censys,Hookbot,RAILNET", "0", "DonPasci" "2025-03-29 08:01:16", "1460907", "23.95.162.53:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/23.95.162.53", "AS19318,AsyncRAT,C2,censys,IS-AS-1,RAT", "0", "DonPasci" "2025-03-29 08:00:48", "1460906", "45.78.63.125:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "100", "https://search.censys.io/hosts/45.78.63.125", "AS25820,C2,censys,IT7NET,Pupy,RAT", "0", "DonPasci" "2025-03-29 08:00:47", "1460905", "173.225.102.145:5938", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/173.225.102.145", "AS19318,C2,censys,IS-AS-1,RAT,Remcos", "0", "DonPasci" "2025-03-29 08:00:46", "1460902", "176.65.143.147:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/176.65.143.147", "AS215208,C2,censys,DOLPHINNETWORKS,RAT,Remcos", "0", "DonPasci" "2025-03-29 08:00:46", "1460903", "206.123.152.106:2565", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/206.123.152.106", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2025-03-29 08:00:46", "1460904", "144.172.92.114:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/144.172.92.114", "AS14956,C2,censys,RAT,Remcos,ROUTERHOSTING", "0", "DonPasci" "2025-03-29 08:00:24", "1460900", "1.94.15.117:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/1.94.15.117", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci" "2025-03-29 08:00:24", "1460901", "1.12.233.147:8085", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/1.12.233.147", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci" "2025-03-29 07:19:17", "1460882", "77.96.238.78:8808", "ip:port", "botnet_cc", "win.orcus_rat", "Schnorchel", "Orcus RAT", "", "50", "", "c2,orcus", "0", "juroots" "2025-03-29 07:16:47", "1460878", "3.142.83.199:8406", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/3.142.83.199#8406", "c2,netbus,shodan", "0", "juroots" "2025-03-29 07:16:37", "1460877", "89.150.40.35:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/89.150.40.35#80", "c2,shodan,spicerat", "0", "juroots" "2025-03-29 07:16:23", "1460876", "23.227.203.148:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/23.227.203.148#443", "c2,havoc,shodan", "0", "juroots" "2025-03-29 07:16:10", "1460875", "114.96.88.155:50050", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/114.96.88.155#50050", "c2,quasar,shodan", "0", "juroots" "2025-03-29 07:15:57", "1460874", "35.183.112.54:12271", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/35.183.112.54#12271", "c2,netsupport,shodan", "0", "juroots" "2025-03-29 07:15:38", "1460873", "78.171.42.106:3001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://www.shodan.io/host/78.171.42.106#3001", "asyncrat,c2,shodan", "0", "juroots" "2025-03-29 07:15:25", "1460872", "27.44.204.13:22001", "ip:port", "botnet_cc", "win.shadowpad", "POISONPLUG.SHADOW,XShellGhost", "ShadowPad", "", "50", "https://www.shodan.io/host/27.44.204.13#22001", "c2,shadowpad,shodan", "0", "juroots" "2025-03-29 07:14:57", "1460871", "107.158.128.43:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/107.158.128.43#31337", "c2,shodan,sliver", "0", "juroots" "2025-03-29 07:14:45", "1460869", "210.114.12.10:80", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://www.shodan.io/host/210.114.12.10#80", "c2,kimsuky,shodan", "0", "juroots" "2025-03-29 07:14:45", "1460870", "158.247.243.122:443", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://www.shodan.io/host/158.247.243.122#443", "c2,kimsuky,shodan", "0", "juroots" "2025-03-29 07:14:26", "1460868", "222.118.241.116:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/222.118.241.116#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-03-29 07:14:07", "1460867", "212.192.15.218:8848", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/212.192.15.218#8848", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:05", "1460862", "39.105.6.249:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/39.105.6.249#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:05", "1460863", "16.63.123.202:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/16.63.123.202#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:05", "1460864", "39.104.59.203:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/39.104.59.203#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:05", "1460865", "116.205.188.204:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/116.205.188.204#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:05", "1460866", "66.135.9.239:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/66.135.9.239#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:04", "1460857", "120.26.248.136:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/120.26.248.136#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:04", "1460858", "103.241.74.142:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/103.241.74.142#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:04", "1460859", "154.219.96.211:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.219.96.211#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:04", "1460860", "139.159.139.153:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/139.159.139.153#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:04", "1460861", "118.25.85.198:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/118.25.85.198#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:03", "1460853", "154.23.161.106:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.23.161.106#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:03", "1460854", "154.21.200.165:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.21.200.165#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:03", "1460855", "113.44.151.118:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/113.44.151.118#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:03", "1460856", "39.107.68.127:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/39.107.68.127#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:02", "1460850", "113.45.157.84:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/113.45.157.84#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:02", "1460851", "47.96.145.94:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/47.96.145.94#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:02", "1460852", "111.229.78.104:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/111.229.78.104#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:01", "1460847", "104.168.96.138:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/104.168.96.138#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:01", "1460848", "115.120.251.67:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/115.120.251.67#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:01", "1460849", "103.12.149.85:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/103.12.149.85#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:00", "1460842", "47.92.71.92:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/47.92.71.92#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:00", "1460843", "172.245.82.84:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/172.245.82.84#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:00", "1460844", "101.200.220.44:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/101.200.220.44#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:00", "1460845", "46.101.75.53:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/46.101.75.53#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:14:00", "1460846", "106.75.61.100:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/106.75.61.100#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:13:59", "1460838", "115.120.236.12:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/115.120.236.12#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:13:59", "1460839", "123.60.176.13:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/123.60.176.13#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:13:59", "1460840", "121.37.182.16:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/121.37.182.16#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:13:59", "1460841", "47.93.25.72:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/47.93.25.72#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:13:58", "1460834", "111.229.149.66:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/111.229.149.66#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:13:58", "1460835", "103.82.53.18:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/103.82.53.18#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:13:58", "1460836", "47.103.98.3:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/47.103.98.3#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:13:58", "1460837", "156.238.233.5:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/156.238.233.5#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:13:57", "1460833", "106.54.238.71:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/106.54.238.71#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-29 07:13:33", "1460832", "117.72.13.112:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/117.72.13.112#50050", "c2,cobaltstrike,cs-watermark-391144938,shodan", "0", "juroots" "2025-03-29 07:13:14", "1460828", "111.170.148.151:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/111.170.148.151#18443", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-03-29 07:13:14", "1460829", "154.9.25.218:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.9.25.218#18443", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-03-29 07:13:14", "1460830", "107.172.140.197:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/107.172.140.197#18443", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-03-29 07:13:14", "1460831", "118.178.187.223:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/118.178.187.223#18443", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-03-29 07:13:13", "1460826", "23.95.193.207:9178", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/23.95.193.207#9178", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-03-29 07:13:13", "1460827", "101.126.87.67:8002", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/101.126.87.67#8002", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-03-29 07:12:47", "1460823", "154.9.254.157:10012", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.9.254.157#10012", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-03-29 07:12:47", "1460824", "154.12.39.134:10011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.12.39.134#10011", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-03-29 07:12:47", "1460825", "107.175.83.194:4400", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/107.175.83.194#4400", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-03-29 06:37:29", "1460815", "117.173.245.176:9205", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/117.173.245.176", "AS9808,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-29 06:37:29", "1460816", "200.91.114.57:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "https://search.censys.io/hosts/200.91.114.57", "AS11830,C2,censys", "0", "dyingbreeds_" "2025-03-29 06:37:28", "1460812", "13.71.133.198:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.71.133.198", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-03-29 06:37:28", "1460814", "20.83.174.144:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.83.174.144", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-03-29 06:37:27", "1460813", "154.38.182.185:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/154.38.182.185", "AS40021,censys,GoPhish,NL-811-40021,Phishing", "0", "dyingbreeds_" "2025-03-29 06:37:26", "1460810", "20.222.176.207:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.222.176.207", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-03-29 06:37:26", "1460811", "159.69.3.57:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/159.69.3.57", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_" "2025-03-29 06:37:25", "1460808", "156.59.152.18:8090", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/156.59.152.18", "AS21859,Botnet,byob,C2,censys,ZEN-ECN", "0", "dyingbreeds_" "2025-03-29 06:37:25", "1460809", "64.227.147.245:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/64.227.147.245", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-29 06:37:24", "1460807", "196.251.72.5:5555", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.72.5", "AS401120,C2,censys,CHEAPY-HOST,RAT", "0", "dyingbreeds_" "2025-03-29 06:37:11", "1460691", "104.234.168.3:1337", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "c2,ssh,succubus", "0", "redrabytes" "2025-03-29 06:09:15", "1460817", "91.212.166.183:443", "ip:port", "botnet_cc", "win.ghostsocks", "None", "GhostSocks", "", "100", "", "tier-1", "0", "Rony" "2025-03-29 06:09:15", "1460818", "91.212.166.184:443", "ip:port", "botnet_cc", "win.ghostsocks", "None", "GhostSocks", "", "100", "", "tier-1", "0", "Rony" "2025-03-29 04:02:07", "1460806", "195.82.147.26:19000", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/195.82.147.26", "AS203834,C2,censys,DEDBROPRO-AS,rhadamanthys,stealer", "0", "DonPasci" "2025-03-29 04:02:06", "1460805", "195.82.147.36:19000", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/195.82.147.36", "AS203834,C2,censys,DEDBROPRO-AS,rhadamanthys,stealer", "0", "DonPasci" "2025-03-29 04:01:27", "1460795", "175.178.37.75:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/175.178.37.75", "AS45090,C2,censys,DcRAT,RAT,TENCENT-NET-AP", "0", "DonPasci" "2025-03-29 04:01:27", "1460796", "186.169.47.146:8090", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/186.169.47.146", "AS3816,C2,censys,COLOMBIA,DcRAT,RAT", "0", "DonPasci" "2025-03-29 04:01:13", "1460794", "181.162.184.208:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/181.162.184.208", "AS7418,C2,censys,Quasar,RAT,TELEFONICA", "0", "DonPasci" "2025-03-29 04:00:40", "1460793", "194.26.192.250:1000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/194.26.192.250", "AS210558,C2,censys,RAT,Remcos,SERVICES-1337-GMBH", "0", "DonPasci" "2025-03-29 04:00:39", "1460792", "172.111.244.134:46167", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/172.111.244.134", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2025-03-29 02:54:18", "1460791", "148.66.2.196:8083", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-03-29 02:53:07", "1460790", "1.92.96.35:8033", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-03-29 00:01:44", "1460775", "84.27.0.166:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/84.27.0.166", "AS33915,C2,censys,panel,TNF-AS,Unam", "0", "DonPasci" "2025-03-29 00:01:37", "1460774", "118.31.70.79:8082", "ip:port", "botnet_cc", "win.vshell", "None", "Vshell", "", "100", "https://search.censys.io/hosts/118.31.70.79", "ALIBABA-CN-NET,AS37963,C2,censys,Vshell", "0", "DonPasci" "2025-03-29 00:01:32", "1460772", "54.193.120.169:15927", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/54.193.120.169", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-03-29 00:01:32", "1460773", "54.193.120.169:59877", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/54.193.120.169", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-03-29 00:01:26", "1460769", "23.227.202.141:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/23.227.202.141", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-03-29 00:01:26", "1460770", "23.227.202.141:10443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/23.227.202.141", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-03-29 00:01:26", "1460771", "23.227.202.141:15443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/23.227.202.141", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-03-29 00:01:25", "1460766", "23.227.203.148:15443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/23.227.203.148", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-03-29 00:01:25", "1460767", "52.224.246.136:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/52.224.246.136", "AS8075,C2,censys,Havoc,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci" "2025-03-29 00:01:25", "1460768", "52.224.246.136:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/52.224.246.136", "AS8075,C2,censys,Havoc,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci" "2025-03-29 00:01:24", "1460765", "23.227.203.148:10443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/23.227.203.148", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-03-29 00:01:14", "1460763", "185.147.125.101:45051", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/185.147.125.101", "AS49505,C2,censys,Hookbot,SELECTEL", "0", "DonPasci" "2025-03-29 00:01:14", "1460764", "45.150.34.163:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/45.150.34.163", "AS215826,C2,censys,Hookbot,PARTNER-HOSTING-LTD", "0", "DonPasci" "2025-03-29 00:01:08", "1460762", "198.23.227.175:8801", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/198.23.227.175", "AS-COLOCROSSING,AS36352,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-03-29 00:01:07", "1460760", "196.251.72.213:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.72.213", "AS401115,AsyncRAT,C2,censys,EKABI,RAT", "0", "DonPasci" "2025-03-29 00:01:07", "1460761", "196.251.72.213:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.72.213", "AS401115,AsyncRAT,C2,censys,EKABI,RAT", "0", "DonPasci" "2025-03-29 00:01:06", "1460759", "193.233.254.124:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/193.233.254.124", "AS215826,AsyncRAT,C2,censys,PARTNER-HOSTING-LTD,RAT", "0", "DonPasci" "2025-03-29 00:01:05", "1460758", "66.103.194.37:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/66.103.194.37", "AS35916,C2,censys,MULTA-ASN1,Supershell", "0", "DonPasci" "2025-03-29 00:01:04", "1460757", "123.60.23.234:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/123.60.23.234", "AS55990,C2,censys,HWCSNET,Supershell", "0", "DonPasci" "2025-03-29 00:00:43", "1460753", "134.199.223.40:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/134.199.223.40", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci" "2025-03-29 00:00:42", "1460752", "92.112.53.174:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/92.112.53.174", "AS212238,C2,CDNEXT,censys,Sliver", "0", "DonPasci" "2025-03-29 00:00:38", "1460750", "194.59.31.18:2026", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/194.59.31.18", "AS399486,C2,censys,RAT,Remcos,VIRTUO", "0", "DonPasci" "2025-03-29 00:00:38", "1460751", "172.111.139.254:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/172.111.139.254", "AS212238,C2,CDNEXT,censys,RAT,Remcos", "0", "DonPasci" "2025-03-29 00:00:37", "1460749", "45.83.31.38:4000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/45.83.31.38", "AS23470,C2,censys,RAT,RELIABLESITE,Remcos", "0", "DonPasci" "2025-03-29 00:00:23", "1460746", "207.180.235.180:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/207.180.235.180", "AS51167,C2,censys,CobaltStrike,CONTABO,cs-watermark-987654321", "0", "DonPasci" "2025-03-29 00:00:23", "1460747", "207.180.235.180:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/207.180.235.180", "AS51167,C2,censys,CobaltStrike,CONTABO,cs-watermark-987654321", "0", "DonPasci" "2025-03-29 00:00:22", "1460745", "120.26.248.136:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/120.26.248.136", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-03-28 20:52:19", "1460728", "8.217.245.162:11601", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-03-28 20:51:40", "1460727", "61.182.130.83:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-03-28 20:51:03", "1460726", "47.117.146.230:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-03-28 20:49:42", "1460725", "31.130.150.13:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-03-28 20:49:18", "1460723", "219.229.81.200:8868", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-03-28 20:49:18", "1460724", "219.229.81.201:8868", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-03-28 20:48:57", "1460722", "206.71.148.110:80", "ip:port", "botnet_cc", "win.broomstick", "CLEANBOOST,CleanUp,CleanUpLoader,Oyster", "Broomstick", "", "75", "None", "Broomstick,drb-ra,Oyster", "0", "abuse_ch" "2025-03-28 20:47:37", "1460721", "190.31.201.122:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-03-28 20:47:19", "1460720", "185.223.207.107:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "None", "drb-ra,RAT", "0", "abuse_ch" "2025-03-28 20:47:15", "1460719", "185.196.8.217:80", "ip:port", "botnet_cc", "win.broomstick", "CLEANBOOST,CleanUp,CleanUpLoader,Oyster", "Broomstick", "", "75", "None", "Broomstick,drb-ra,Oyster", "0", "abuse_ch" "2025-03-28 20:44:02", "1460718", "118.178.184.126:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "None", "drb-ra,RAT", "0", "abuse_ch" "2025-03-28 20:01:51", "1460711", "158.255.2.21:8088", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "", "100", "https://search.censys.io/hosts/158.255.2.21", "AS50867,censys,Chaos,ORG-LVA15-AS,panel", "0", "DonPasci" "2025-03-28 20:01:18", "1460709", "191.17.93.14:5000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/191.17.93.14", "AS27699,C2,censys,Quasar,RAT,TELEFONICA", "0", "DonPasci" "2025-03-28 20:01:16", "1460708", "37.60.254.174:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/37.60.254.174", "AS51167,C2,censys,CONTABO,Mythic", "0", "DonPasci" "2025-03-28 20:01:09", "1460707", "45.77.36.30:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/45.77.36.30", "AS-VULTR,AS20473,C2,censys,Supershell", "0", "DonPasci" "2025-03-28 20:00:40", "1460705", "3.99.173.173:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/3.99.173.173", "AMAZON-02,AS16509,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-03-28 20:00:40", "1460706", "54.39.19.186:47824", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/54.39.19.186", "AS16276,C2,censys,OVH,RAT,Remcos", "0", "DonPasci" "2025-03-28 20:00:22", "1460703", "115.120.251.67:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/115.120.251.67", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci" "2025-03-28 20:00:21", "1460702", "41.143.215.45:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/41.143.215.45", "AS36903,C2,censys,CobaltStrike,cs-watermark-987654321,MT-MPLS", "0", "DonPasci" "2025-03-28 16:57:12", "1460690", "54.93.36.37:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-03-28 16:56:55", "1460689", "47.237.86.35:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-03-28 16:55:58", "1460686", "196.251.70.183:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-03-28 16:55:52", "1460685", "191.251.70.183:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-03-28 16:26:16", "1460679", "130.195.222.202:80", "ip:port", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "https://app.any.run/tasks/cd78e094-adc0-4cd8-934a-5dd079790c64", "c2", "0", "boruch" "2025-03-28 16:26:16", "1460680", "130.195.222.202:443", "ip:port", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "https://app.any.run/tasks/cd78e094-adc0-4cd8-934a-5dd079790c64", "c2", "0", "boruch" "2025-03-28 16:26:15", "1460681", "130.195.222.199:80", "ip:port", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "https://app.any.run/tasks/cd78e094-adc0-4cd8-934a-5dd079790c64", "c2", "0", "boruch" "2025-03-28 16:26:15", "1460682", "130.195.222.199:443", "ip:port", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "https://app.any.run/tasks/cd78e094-adc0-4cd8-934a-5dd079790c64", "c2", "0", "boruch" "2025-03-28 16:02:08", "1460677", "95.216.19.115:19000", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/95.216.19.115", "AS24940,C2,censys,HETZNER-AS,rhadamanthys,stealer", "0", "DonPasci" "2025-03-28 16:02:03", "1460676", "2.59.135.10:1337", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/2.59.135.10", "AS58212,C2,censys,DATAFOREST,Nosviak,Panel", "0", "DonPasci" "2025-03-28 16:01:33", "1460674", "93.232.98.162:81", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/93.232.98.162", "AS3320,C2,censys,DTAG,Netsupport,RAT", "0", "DonPasci" "2025-03-28 16:01:32", "1460673", "3.127.145.44:1201", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/3.127.145.44", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-03-28 16:01:19", "1460669", "107.189.25.189:9010", "ip:port", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:19", "1460670", "95.181.164.107:15777", "ip:port", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:19", "1460671", "185.112.83.134:7772", "ip:port", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:19", "1460672", "45.33.120.118:8173", "ip:port", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:15", "1460625", "37.59.186.230:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:15", "1460626", "68.63.132.222:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:15", "1460627", "46.228.199.142:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:14", "1460622", "217.66.231.239:888", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:14", "1460623", "174.127.99.161:555", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:14", "1460624", "79.180.167.177:80", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:13", "1460614", "213.152.43.231:4258", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:13", "1460615", "45.11.229.181:606", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:13", "1460616", "45.135.194.39:5555", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:12", "1460607", "190.95.6.173:3460", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:12", "1460608", "88.28.37.138:80", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:12", "1460609", "24.208.80.10:82", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:12", "1460610", "85.17.136.169:2121", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:12", "1460611", "122.3.6.90:9000", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:12", "1460612", "194.180.158.53:23", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:12", "1460613", "185.121.13.205:4258", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:11", "1460605", "196.251.73.189:50", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.73.189", "AS401120,AsyncRAT,C2,censys,CHEAPY-HOST,RAT", "0", "DonPasci" "2025-03-28 16:01:11", "1460606", "176.65.144.32:8008", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/176.65.144.32", "AS215240,AsyncRAT,C2,censys,NETRESEARCH,RAT", "0", "DonPasci" "2025-03-28 16:01:10", "1460589", "5.78.134.229:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/5.78.134.229", "AS212317,AsyncRAT,C2,censys,HETZNER-CLOUD3-AS,RAT", "0", "DonPasci" "2025-03-28 16:01:09", "1460583", "94.154.173.50:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/94.154.173.50", "1GSERVERS,AS14315,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-03-28 16:01:08", "1460555", "154.201.69.66:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/154.201.69.66", "AS142032,C2,censys,HFTCL-AS-AP,Supershell", "0", "DonPasci" "2025-03-28 16:01:07", "1460546", "193.42.96.15:12434", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:06", "1460543", "167.71.56.116:22364", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:06", "1460544", "188.92.191.202:1177", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:01:06", "1460545", "37.46.211.91:80", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:59", "1460495", "217.138.212.60:53956", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:59", "1460496", "45.61.136.244:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:59", "1460497", "45.61.136.244:7070", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:59", "1460498", "196.251.90.107:44839", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:58", "1460491", "45.61.136.244:7777", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:58", "1460492", "196.251.83.79:7812", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:58", "1460493", "176.65.144.143:5800", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:58", "1460494", "37.1.207.4:1708", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:57", "1460490", "45.61.136.244:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:53", "1460458", "147.185.221.26:4444", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:53", "1460459", "77.83.242.113:2020", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:53", "1460460", "195.177.94.6:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460447", "185.84.160.71:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460448", "89.190.158.149:6666", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460449", "147.185.221.26:60364", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460450", "147.185.221.27:7605", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460451", "45.139.104.175:3703", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460452", "193.161.193.99:24267", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460453", "94.159.113.64:4411", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460454", "147.185.221.27:9999", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460455", "31.166.229.37:1252", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460456", "147.185.221.27:7252", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:52", "1460457", "212.224.93.247:5605", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460436", "107.172.44.175:4489", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460437", "176.65.134.217:7011", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460438", "174.89.92.252:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460439", "147.185.221.27:10546", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460440", "176.65.143.140:7232", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460441", "192.3.101.149:3535", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460442", "196.251.92.5:1111", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460443", "45.141.27.117:1919", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460444", "147.185.221.26:58041", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460445", "45.125.216.17:7888", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:51", "1460446", "80.76.49.46:1000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:50", "1460426", "89.39.121.169:9000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:50", "1460427", "216.250.251.96:49916", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:50", "1460428", "109.61.108.85:8848", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:50", "1460429", "147.185.221.26:20448", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:50", "1460430", "196.251.113.41:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:50", "1460431", "196.251.70.206:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:50", "1460432", "147.185.221.23:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:50", "1460433", "147.185.221.25:27380", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:50", "1460434", "147.185.221.26:29882", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:50", "1460435", "195.177.94.1:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460414", "147.185.221.2:5123", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460415", "92.255.85.2:4372", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460416", "147.185.221.26:14704", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460417", "147.30.233.79:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460418", "83.147.240.230:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460419", "174.89.92.252:5123", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460420", "195.62.48.222:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460421", "46.197.220.52:1000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460422", "147.185.221.27:5300", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460423", "84.67.89.127:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460424", "103.78.0.137:5151", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:49", "1460425", "142.147.96.74:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:48", "1460405", "82.21.151.21:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:48", "1460406", "154.201.68.225:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:48", "1460407", "37.48.64.102:3960", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:48", "1460408", "217.195.153.81:50002", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:48", "1460409", "147.185.221.23:26347", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:48", "1460410", "147.185.221.27:2926", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:48", "1460411", "45.141.215.86:5823", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:48", "1460412", "147.185.221.26:6222", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:48", "1460413", "142.202.240.81:7232", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:43", "1460363", "118.178.57.137:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/118.178.57.137", "ALIBABA-CN-NET,AS37963,C2,censys,Sliver", "0", "DonPasci" "2025-03-28 16:00:40", "1460346", "172.94.17.217:26076", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/172.94.17.217", "AS3223,C2,censys,RAT,Remcos,VOXILITY", "0", "DonPasci" "2025-03-28 16:00:39", "1460333", "108.171.192.252:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/108.171.192.252", "AS18450,C2,censys,RAT,Remcos,WEBNX", "0", "DonPasci" "2025-03-28 16:00:39", "1460338", "216.9.225.163:57090", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/216.9.225.163", "AS44382,C2,censys,FIBA,RAT,Remcos", "0", "DonPasci" "2025-03-28 16:00:38", "1460327", "216.9.225.168:7070", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/216.9.225.168", "AS44382,C2,censys,FIBA,RAT,Remcos", "0", "DonPasci" "2025-03-28 16:00:30", "1460256", "176.65.134.178:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:30", "1460257", "164.92.194.184:8213", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:30", "1460258", "104.245.240.66:6661", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:29", "1460251", "45.137.70.108:6125", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:29", "1460252", "103.125.217.116:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:29", "1460253", "82.68.20.104:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:29", "1460254", "185.246.113.247:10788", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:29", "1460255", "139.224.164.225:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:28", "1460246", "139.59.240.97:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:28", "1460247", "104.245.240.66:6662", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:28", "1460248", "147.185.221.27:3368", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:28", "1460249", "82.68.20.104:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:28", "1460250", "69.197.174.136:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:27", "1460241", "195.88.218.126:3232", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:27", "1460242", "82.68.20.104:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:27", "1460243", "185.246.113.247:8088", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:27", "1460244", "147.185.221.27:5050", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:27", "1460245", "212.64.201.61:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:26", "1460235", "45.133.247.28:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:26", "1460236", "45.133.247.28:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:26", "1460237", "151.243.81.87:4400", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:26", "1460238", "147.185.221.27:12362", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:26", "1460239", "201.14.241.58:1120", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:26", "1460240", "164.92.194.184:2298", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:25", "1460232", "74.248.137.135:6666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:25", "1460233", "85.235.74.114:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:25", "1460234", "147.185.221.25:45714", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:24", "1460231", "194.105.5.199:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:22", "1460217", "47.113.229.136:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.113.229.136", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-03-28 16:00:20", "1460206", "38.55.199.146:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/38.55.199.146", "AS139659,C2,censys,CobaltStrike,cs-watermark-987654321,LUCID-AS-AP", "0", "DonPasci" "2025-03-28 16:00:16", "1460170", "5.178.111.227:1604", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:16", "1460171", "193.161.193.99:41287", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:16", "1460172", "213.209.150.112:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:16", "1460173", "185.246.113.135:1604", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:15", "1460161", "212.102.63.147:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:15", "1460162", "159.196.23.241:2021", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:15", "1460163", "77.79.6.57:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:15", "1460164", "212.56.35.232:101", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:15", "1460165", "172.221.202.55:2222", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:15", "1460166", "195.211.191.164:4783", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:15", "1460167", "137.184.183.22:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:15", "1460168", "216.38.7.246:1616", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:15", "1460169", "185.231.252.213:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:14", "1460158", "94.31.108.129:52427", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:14", "1460159", "147.185.221.26:12171", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 16:00:14", "1460160", "194.59.31.106:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "28March2025,iocbottest", "0", "Gi7w0rm" "2025-03-28 13:44:58", "1460043", "46.203.233.30:1337", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "c2,ssh,succubus", "0", "redrabytes" "2025-03-28 13:44:57", "1460044", "46.203.233.30:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "c2,ssh,succubus", "0", "redrabytes" "2025-03-28 12:02:07", "1460036", "178.224.123.45:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/178.224.123.45", "AS50266,C2,censys,CobaltStrike,ODIDO,open-dir", "0", "DonPasci" "2025-03-28 12:01:24", "1460033", "78.128.112.209:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/78.128.112.209", "AS_4MEDIA,AS202325,C2,censys,Havoc", "0", "DonPasci" "2025-03-28 12:01:13", "1460032", "196.221.48.72:8081", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/196.221.48.72", "AS24835,C2,censys,Quasar,RAT,RAYA-AS", "0", "DonPasci" "2025-03-28 12:01:11", "1460031", "84.32.190.92:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/84.32.190.92", "AS59642,C2,censys,CHERRYSERVERS2-AS,Mythic", "0", "DonPasci" "2025-03-28 12:01:04", "1460030", "163.172.125.253:405", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/163.172.125.253", "AS12876,AsyncRAT,C2,censys,Online,RAT", "0", "DonPasci" "2025-03-28 12:00:40", "1460029", "47.117.146.230:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/47.117.146.230", "ALIBABA-CN-NET,AS37963,C2,censys,Sliver", "0", "DonPasci" "2025-03-28 12:00:37", "1460027", "193.142.146.35:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/193.142.146.35", "AS213438,C2,censys,COLOCATEL-INC,RAT,Remcos", "0", "DonPasci" "2025-03-28 12:00:34", "1460026", "4.231.238.232:80", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "https://search.censys.io/hosts/4.231.238.232", "AS8075,C2,censys,DarkComet,MICROSOFT-CORP-MSN-AS-BLOCK,RAT", "0", "DonPasci" "2025-03-28 12:00:25", "1460025", "42.51.44.204:8019", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/42.51.44.204", "AS56005,C2,censys,CobaltStrike,FASTIDC", "0", "DonPasci" "2025-03-28 12:00:22", "1460024", "43.138.54.95:8070", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/43.138.54.95", "AS45090,C2,censys,CobaltStrike,cs-watermark-1234567890,TENCENT-NET-AP", "0", "DonPasci" "2025-03-28 11:44:37", "1460019", "166.88.132.172:443", "ip:port", "botnet_cc", "win.doplugs", "None", "DOPLUGS", "", "100", "None", "DarkPeony,Operation ControlPlug", "0", "Rony" "2025-03-28 08:56:01", "1459999", "38.114.103.150:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-03-28 08:49:57", "1459997", "37.56.106.1:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-03-28 08:49:53", "1459996", "35.93.209.149:4840", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "75", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch" "2025-03-28 08:49:15", "1459995", "217.61.60.69:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch" "2025-03-28 08:48:08", "1459994", "195.158.82.221:8081", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "75", "None", "BruteRatel,drb-ra", "0", "abuse_ch" "2025-03-28 08:32:23", "1459993", "154.204.35.215:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-03-28 08:32:08", "1459991", "27.106.116.66:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch" "2025-03-28 08:32:08", "1459992", "105.158.175.70:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-03-28 08:32:07", "1459990", "198.12.121.86:4433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-03-28 08:32:05", "1459989", "159.138.34.52:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-03-28 08:32:04", "1459988", "122.51.162.169:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-03-28 08:01:31", "1459982", "43.200.254.212:13384", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/43.200.254.212", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-03-28 08:01:31", "1459983", "54.82.229.132:1098", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/54.82.229.132", "AMAZON-AES,AS14618,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-03-28 08:01:24", "1459979", "3.36.95.115:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/3.36.95.115", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci" "2025-03-28 08:01:24", "1459980", "146.70.113.133:40090", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/146.70.113.133", "AS9009,C2,censys,Havoc,M247", "0", "DonPasci" "2025-03-28 08:01:15", "1459977", "196.251.72.201:7007", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/196.251.72.201", "AS401115,C2,censys,EKABI,Quasar,RAT", "0", "DonPasci" "2025-03-28 08:01:15", "1459978", "79.32.224.230:8484", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/79.32.224.230", "AS3269,ASN-IBSNAZ,C2,censys,Quasar,RAT", "0", "DonPasci" "2025-03-28 08:01:14", "1459975", "212.67.17.157:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/212.67.17.157", "AS56694,C2,censys,Hookbot,SMARTAPE", "0", "DonPasci" "2025-03-28 08:01:14", "1459976", "161.97.187.28:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/161.97.187.28", "AS51167,C2,censys,CONTABO,Hookbot", "0", "DonPasci" "2025-03-28 08:01:09", "1459974", "185.7.214.25:15747", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/185.7.214.25", "AS207566,C2,censys,LD007-AS,RAT,Sectop", "0", "DonPasci" "2025-03-28 08:01:08", "1459972", "196.251.72.213:5555", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.72.213", "AS401115,AsyncRAT,C2,censys,EKABI,RAT", "0", "DonPasci" "2025-03-28 08:01:08", "1459973", "196.251.72.213:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.72.213", "AS401115,AsyncRAT,C2,censys,EKABI,RAT", "0", "DonPasci" "2025-03-28 08:01:07", "1459970", "128.90.113.185:2000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.113.185", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-03-28 08:01:07", "1459971", "196.251.72.213:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.72.213", "AS401115,AsyncRAT,C2,censys,EKABI,RAT", "0", "DonPasci" "2025-03-28 08:01:06", "1459969", "103.201.24.165:41205", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.201.24.165", "AS133115,C2,censys,HKKFGL-AS-AP,Supershell", "0", "DonPasci" "2025-03-28 08:01:04", "1459968", "158.247.192.122:443", "ip:port", "botnet_cc", "win.shadowpad", "POISONPLUG.SHADOW,XShellGhost", "ShadowPad", "", "90", "https://search.censys.io/hosts/158.247.192.122", "AS-VULTR,AS20473,C2,censys,RAT,ShadowPad", "0", "DonPasci" "2025-03-28 08:00:37", "1459965", "160.30.192.52:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/160.30.192.52", "AS150862,C2,censys,MAYTINHVPSTTT-VN,RAT,Remcos", "0", "DonPasci" "2025-03-28 08:00:37", "1459966", "173.225.102.145:8172", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/173.225.102.145", "AS19318,C2,censys,IS-AS-1,RAT,Remcos", "0", "DonPasci" "2025-03-28 08:00:37", "1459967", "173.214.166.105:5525", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/173.214.166.105", "AS19318,C2,censys,IS-AS-1,RAT,Remcos", "0", "DonPasci" "2025-03-28 08:00:24", "1459964", "154.12.47.131:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.12.47.131", "AS979,C2,censys,CobaltStrike,cs-watermark-426352781,NETLAB-SDN", "0", "DonPasci" "2025-03-28 08:00:20", "1459963", "8.134.98.235:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.134.98.235", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-03-28 08:00:19", "1459962", "113.46.145.222:83", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/113.46.145.222", "AS55990,C2,censys,CobaltStrike,cs-watermark-391144938,HWCSNET", "0", "DonPasci" "2025-03-28 06:22:53", "1459812", "26.68.29.70:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-03-28 06:22:53", "1459813", "26.68.29.70:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-03-28 06:22:53", "1459814", "26.68.29.70:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-03-28 06:21:37", "1459747", "23.254.226.59:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/23.254.226.59", "AS54290,censys,GoPhish,HOSTWINDS,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:37", "1459748", "3.110.175.188:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.110.175.188", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:36", "1459749", "51.91.98.68:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/51.91.98.68", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:36", "1459750", "1.234.53.84:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/1.234.53.84", "AS9318,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:35", "1459751", "175.178.210.153:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/175.178.210.153", "AS45090,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:34", "1459752", "217.77.10.47:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/217.77.10.47", "AS40021,censys,GoPhish,NL-811-40021,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:34", "1459753", "57.152.53.24:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/57.152.53.24", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:34", "1459755", "159.65.128.101:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/159.65.128.101", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:33", "1459754", "57.128.224.32:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/57.128.224.32", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:31", "1459756", "23.254.227.248:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/23.254.227.248", "AS54290,censys,GoPhish,HOSTWINDS,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:31", "1459757", "80.147.22.137:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/80.147.22.137", "AS3320,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:30", "1459758", "188.166.167.90:1724", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/188.166.167.90", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:30", "1459759", "3.96.52.62:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.96.52.62", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:29", "1459760", "213.209.129.104:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/213.209.129.104", "AS214943,censys,GoPhish,Phishing,RAILNET", "0", "dyingbreeds_" "2025-03-28 06:21:29", "1459761", "34.72.13.80:10443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.72.13.80", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:29", "1459762", "161.35.141.82:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.35.141.82", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:28", "1459763", "103.127.136.86:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.127.136.86", "AS133800,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:28", "1459764", "52.237.129.18:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.237.129.18", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:27", "1459765", "15.207.72.211:4433", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/15.207.72.211", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:27", "1459766", "38.137.234.19:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/38.137.234.19", "AS263767,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:27", "1459767", "34.148.215.191:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.148.215.191", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:26", "1459768", "45.162.207.20:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/45.162.207.20", "AS267692,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:26", "1459769", "54.196.225.206:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.196.225.206", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:25", "1459770", "155.138.214.214:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/155.138.214.214", "AS-VULTR,AS20473,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:24", "1459771", "13.51.121.129:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.51.121.129", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:24", "1459772", "103.150.93.29:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.150.93.29", "AS133800,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:24", "1459773", "184.82.96.109:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/184.82.96.109", "AS133481,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-03-28 06:21:13", "1459746", "38.60.253.53:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/38.60.253.53", "AS138915,censys,Viper", "0", "dyingbreeds_" "2025-03-28 06:21:12", "1459744", "18.188.74.173:5000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.188.74.173", "AMAZON-02,AS16509,Botnet,byob,C2,censys", "0", "dyingbreeds_" "2025-03-28 06:21:12", "1459745", "38.55.194.229:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/38.55.194.229", "AS139659,censys,Viper", "0", "dyingbreeds_" "2025-03-28 06:21:10", "1459741", "113.44.139.241:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/113.44.139.241", "AS55990,C2,censys", "0", "dyingbreeds_" "2025-03-28 06:21:10", "1459742", "172.200.208.236:80", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://search.censys.io/hosts/172.200.208.236", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "dyingbreeds_" "2025-03-28 06:21:10", "1459743", "141.98.11.95:5000", "ip:port", "botnet_cc", "win.ares", "None", "Ares", "", "90", "https://search.censys.io/hosts/141.98.11.95", "AS209605,C2,censys,HOSTBALTIC,RAT", "0", "dyingbreeds_" "2025-03-28 06:20:44", "1459511", "198.98.51.68:1302", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "c2,mirai", "0", "redrabytes" "2025-03-28 06:20:43", "1459512", "46.203.233.30:9931", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "c2,mirai", "0", "redrabytes" "2025-03-28 06:20:23", "1459806", "13.247.61.214:902", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/13.247.61.214#902", "c2,netbus,shodan", "0", "juroots" "2025-03-28 06:20:08", "1459805", "77.83.198.35:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/77.83.198.35#80", "c2,shodan,spicerat", "0", "juroots" "2025-03-28 06:19:52", "1459804", "52.34.205.214:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/52.34.205.214#443", "c2,havoc,shodan", "0", "juroots" "2025-03-28 06:19:42", "1459803", "3.26.57.58:15", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/3.26.57.58#15", "blackshades,c2,shodan", "0", "juroots" "2025-03-28 06:19:18", "1459802", "149.210.40.144:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "50", "https://www.shodan.io/host/149.210.40.144#443", "c2,gh0st,shodan", "0", "juroots" "2025-03-28 06:19:04", "1459801", "41.109.246.219:1177", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "https://www.shodan.io/host/41.109.246.219#1177", "c2,njrat,shodan", "0", "juroots" "2025-03-28 06:18:49", "1459800", "84.46.239.239:5986", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/84.46.239.239#5986", "bruteratel,c2,shodan", "0", "juroots" "2025-03-28 06:18:32", "1459798", "158.247.199.105:80", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://www.shodan.io/host/158.247.199.105#80", "c2,kimsuky,shodan", "0", "juroots" "2025-03-28 06:18:32", "1459799", "158.247.242.169:80", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://www.shodan.io/host/158.247.242.169#80", "c2,kimsuky,shodan", "0", "juroots" "2025-03-28 06:17:55", "1459796", "159.203.148.17:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/159.203.148.17#31337", "c2,shodan,sliver", "0", "juroots" "2025-03-28 06:17:55", "1459797", "196.251.72.233:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/196.251.72.233#31337", "c2,shodan,sliver", "0", "juroots" "2025-03-28 06:17:35", "1459794", "91.228.113.199:9031", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/91.228.113.199#9031", "c2,netsupport,shodan", "0", "juroots" "2025-03-28 06:17:35", "1459795", "24.112.49.153:5150", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/24.112.49.153#5150", "c2,netsupport,shodan", "0", "juroots" "2025-03-28 06:17:34", "1459793", "13.56.159.44:5858", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/13.56.159.44#5858", "c2,netsupport,shodan", "0", "juroots" "2025-03-28 06:17:16", "1459792", "85.217.170.214:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://www.shodan.io/host/85.217.170.214#7777", "asyncrat,c2,shodan", "0", "juroots" "2025-03-28 06:17:15", "1459790", "157.20.182.31:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://www.shodan.io/host/157.20.182.31#7777", "asyncrat,c2,shodan", "0", "juroots" "2025-03-28 06:17:15", "1459791", "72.167.40.98:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://www.shodan.io/host/72.167.40.98#7777", "asyncrat,c2,shodan", "0", "juroots" "2025-03-28 06:16:58", "1459788", "45.32.36.91:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/45.32.36.91#443", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-28 06:16:58", "1459789", "198.12.73.140:22001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/198.12.73.140#22001", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-28 06:16:57", "1459785", "45.157.148.200:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/45.157.148.200#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-28 06:16:57", "1459786", "42.186.17.183:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/42.186.17.183#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-28 06:16:57", "1459787", "47.121.138.97:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/47.121.138.97#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-28 06:16:56", "1459784", "45.157.148.200:4499", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/45.157.148.200#4499", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-28 06:16:55", "1459783", "62.234.27.146:3307", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/62.234.27.146#3307", "c2,cobaltstrike,shodan", "0", "juroots" "2025-03-28 06:16:37", "1459782", "8.152.194.88:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/8.152.194.88#8443", "c2,cobaltstrike,cs-watermark-100000,shodan", "0", "juroots" "2025-03-28 06:16:36", "1459781", "42.51.44.204:8488", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/42.51.44.204#8488", "c2,cobaltstrike,cs-watermark-100000,shodan", "0", "juroots" "2025-03-28 06:15:59", "1459780", "148.66.2.198:8083", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/148.66.2.198#8083", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-03-28 06:15:58", "1459779", "148.66.2.195:8083", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/148.66.2.195#8083", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-03-28 06:15:57", "1459778", "148.66.2.194:8083", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/148.66.2.194#8083", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-03-28 06:15:56", "1459777", "113.45.7.54:3141", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/113.45.7.54#3141", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-03-28 05:40:23", "1459774", "196.251.86.105:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/2edffaa16ba62436a4744e31d76dfaba8748534e4d6c752ca5b11949c25a4a7a/", "remcos", "0", "abuse_ch" "2025-03-28 04:01:28", "1459735", "38.180.188.172:8080", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://search.censys.io/hosts/38.180.188.172", "AS9009,C2,censys,Ermac,M247,panel", "0", "DonPasci" "2025-03-28 04:01:25", "1459733", "146.70.49.42:8080", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/146.70.49.42", "AS9009,C2,censys,DcRAT,M247,RAT", "0", "DonPasci" "2025-03-28 04:01:25", "1459734", "18.138.230.180:41964", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/18.138.230.180", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-03-28 04:01:11", "1459731", "172.105.74.13:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/172.105.74.13", "AKAMAI-LINODE-AP,AS63949,C2,censys,Hookbot", "0", "DonPasci" "2025-03-28 04:01:11", "1459732", "176.65.138.82:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/176.65.138.82", "AS215462,BUGGZ-HOSTING,C2,censys,Hookbot", "0", "DonPasci" "2025-03-28 04:01:05", "1459728", "128.90.113.185:4000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.113.185", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-03-28 04:01:05", "1459729", "128.90.113.185:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.113.185", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-03-28 04:01:05", "1459730", "78.171.42.106:2003", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/78.171.42.106", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci" "2025-03-28 04:01:04", "1459726", "115.79.198.51:6000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/115.79.198.51", "AS7552,AsyncRAT,C2,censys,RAT,VIETEL-AS-AP", "0", "DonPasci" "2025-03-28 04:01:04", "1459727", "45.88.186.85:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/45.88.186.85", "AS23470,AsyncRAT,C2,censys,RAT,RELIABLESITE", "0", "DonPasci" "2025-03-28 04:01:03", "1459725", "94.158.247.5:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/94.158.247.5", "AS39798,C2,censys,MIVOCLOUD,Supershell", "0", "DonPasci" "2025-03-28 04:00:36", "1459723", "80.76.49.131:5900", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/80.76.49.131", "AS399486,C2,censys,RAT,Remcos,VIRTUO", "0", "DonPasci" "2025-03-28 04:00:36", "1459724", "68.168.223.108:30330", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/68.168.223.108", "AS19318,C2,censys,IS-AS-1,RAT,Remcos", "0", "DonPasci" "2025-03-28 04:00:35", "1459721", "176.65.141.138:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/176.65.141.138", "AS215240,C2,censys,NETRESEARCH,RAT,Remcos", "0", "DonPasci" "2025-03-28 04:00:35", "1459722", "193.142.146.70:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/193.142.146.70", "AS213438,C2,censys,COLOCATEL-INC,RAT,Remcos", "0", "DonPasci" "2025-03-28 04:00:34", "1459720", "185.244.29.219:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/185.244.29.219", "AS214366,C2,censys,PRIVACYFIRST,RAT,Remcos", "0", "DonPasci" "2025-03-28 04:00:22", "1459719", "47.104.246.77:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.104.246.77", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-426352781", "0", "DonPasci" "2025-03-28 04:00:20", "1459718", "205.198.65.161:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/205.198.65.161", "AS138997,C2,censys,CobaltStrike,cs-watermark-666666666,EDCL-AS-AP", "0", "DonPasci" "2025-03-28 03:35:22", "1459717", "176.65.142.14:6060", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/2f423571a318924318504db10008bc4cc48afd550c59caf89b40a04c94a890f7/", "remcos", "0", "abuse_ch" "2025-03-28 02:54:10", "1459712", "140.143.249.143:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-03-28 00:01:55", "1459534", "195.82.147.21:19000", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/195.82.147.21", "AS203834,C2,censys,DEDBROPRO-AS,rhadamanthys,stealer", "0", "DonPasci" "2025-03-28 00:01:40", "1459533", "94.154.34.47:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/94.154.34.47", "AS210538,C2,censys,Gafgyt,KEYUBU,open-dir", "0", "DonPasci" "2025-03-28 00:01:35", "1459532", "167.88.164.138:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/167.88.164.138", "AS14956,censys,EvilGoPhish,panel,Phishing,ROUTERHOSTING", "0", "DonPasci" "2025-03-28 00:01:34", "1459531", "34.58.136.79:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "", "100", "https://search.censys.io/hosts/34.58.136.79", "AS396982,censys,Chaos,GOOGLE-CLOUD-PLATFORM,panel", "0", "DonPasci" "2025-03-28 00:01:33", "1459530", "20.83.181.241:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.83.181.241", "AS8075,censys,EvilGinx,MICROSOFT-CORP-MSN-AS-BLOCK,panel,Phishing", "0", "DonPasci" "2025-03-28 00:01:22", "1459529", "195.82.146.32:4444", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/195.82.146.32", "AS47105,C2,censys,DcRAT,DEDBROPRO,RAT", "0", "DonPasci" "2025-03-28 00:01:19", "1459528", "74.248.137.135:4444", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/74.248.137.135", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,RAT,Venom", "0", "DonPasci" "2025-03-28 00:01:08", "1459527", "144.123.101.10:60001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/144.123.101.10", "AS4134,C2,censys,CHINANET-BACKBONE,Quasar,RAT", "0", "DonPasci" "2025-03-28 00:01:07", "1459525", "43.224.227.246:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/43.224.227.246", "AROSS-AS,AS400619,C2,censys,Hookbot", "0", "DonPasci" "2025-03-28 00:01:07", "1459526", "43.224.227.246:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/43.224.227.246", "AROSS-AS,AS400619,C2,censys,Hookbot", "0", "DonPasci" "2025-03-28 00:01:06", "1459523", "176.65.138.82:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/176.65.138.82", "AS215462,BUGGZ-HOSTING,C2,censys,Hookbot", "0", "DonPasci" "2025-03-28 00:01:06", "1459524", "45.33.122.33:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/45.33.122.33", "AKAMAI-LINODE-AP,AS63949,C2,censys,Hookbot", "0", "DonPasci" "2025-03-28 00:01:05", "1459522", "185.126.82.230:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.126.82.230", "AS63473,C2,censys,HOSTHATCH,Mythic", "0", "DonPasci" "2025-03-28 00:01:00", "1459521", "78.171.42.106:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/78.171.42.106", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci" "2025-03-28 00:00:36", "1459520", "195.114.193.239:48876", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/195.114.193.239", "AS212238,C2,CDNEXT,censys,Sliver", "0", "DonPasci" "2025-03-28 00:00:34", "1459519", "142.93.15.10:5000", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "100", "https://search.censys.io/hosts/142.93.15.10", "AS14061,C2,censys,DIGITALOCEAN-ASN,Pupy,RAT", "0", "DonPasci" "2025-03-28 00:00:23", "1459518", "106.54.238.71:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/106.54.238.71", "AS45090,C2,censys,CobaltStrike,TENCENT-NET-AP", "0", "DonPasci" "2025-03-28 00:00:20", "1459517", "196.251.86.168:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/196.251.86.168", "AS401120,C2,censys,CHEAPY-HOST,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-03-28 00:00:18", "1459515", "101.37.31.139:5376", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/101.37.31.139", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-03-28 00:00:18", "1459516", "121.37.189.77:9010", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/121.37.189.77", "AS55990,C2,censys,CobaltStrike,cs-watermark-391144938,HWCSNET", "0", "DonPasci" "2025-03-28 00:00:17", "1459514", "113.45.11.103:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/113.45.11.103", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci" "2025-03-28 00:00:16", "1459513", "8.137.38.111:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.137.38.111", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-03-27 20:49:13", "1459481", "222.126.140.44:10250", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-03-27 20:47:32", "1459480", "188.49.62.65:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-03-27 20:44:05", "1459479", "119.23.189.216:7443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-03-27 20:43:57", "1459478", "114.132.166.230:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "None", "drb-ra,RAT", "0", "abuse_ch" "2025-03-27 20:01:07", "1459475", "83.147.53.67:8808", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/83.147.53.67", "AS399486,C2,censys,Quasar,RAT,VIRTUO", "0", "DonPasci" "2025-03-27 20:01:06", "1459474", "43.224.227.246:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/43.224.227.246", "AROSS-AS,AS400619,C2,censys,Hookbot", "0", "DonPasci" "2025-03-27 20:01:00", "1459472", "78.171.42.106:2004", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/78.171.42.106", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci" "2025-03-27 20:01:00", "1459473", "193.42.36.133:2000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/193.42.36.133", "AS59711,AsyncRAT,C2,censys,HZ-EU-AS,RAT", "0", "DonPasci" "2025-03-27 20:00:36", "1459471", "13.229.224.94:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/13.229.224.94", "AMAZON-02,AS16509,C2,censys,open-dir,payload,Sliver", "0", "DonPasci" "2025-03-27 20:00:32", "1459470", "188.93.233.42:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/188.93.233.42", "AS47674,C2,censys,NETSOLUTIONS,RAT,Remcos", "0", "DonPasci" "2025-03-27 20:00:31", "1459468", "192.227.168.165:1070", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/192.227.168.165", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-03-27 20:00:31", "1459469", "192.227.168.165:14646", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/192.227.168.165", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-03-27 20:00:16", "1459467", "39.106.15.73:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/39.106.15.73", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-03-27 20:00:15", "1459465", "75.127.89.194:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/75.127.89.194", "AS979,C2,censys,CobaltStrike,cs-watermark-987654321,NETLAB-SDN", "0", "DonPasci" "2025-03-27 20:00:15", "1459466", "156.238.233.21:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/156.238.233.21", "AS142032,C2,censys,CobaltStrike,cs-watermark-987654321,HFTCL-AS-AP", "0", "DonPasci" "2025-03-27 17:22:18", "1459460", "88.99.125.82:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-03-27 16:01:26", "1459446", "35.93.230.174:33389", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/35.93.230.174", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-03-27 16:01:25", "1459445", "195.82.146.32:8090", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/195.82.146.32", "AS47105,C2,censys,DcRAT,DEDBROPRO,RAT", "0", "DonPasci" "2025-03-27 16:01:19", "1459443", "38.54.86.240:2096", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/38.54.86.240", "AS138915,C2,censys,Havoc,KAOPU-HK", "0", "DonPasci" "2025-03-27 16:01:10", "1459442", "194.195.241.185:8010", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/194.195.241.185", "AKAMAI-LINODE-AP,AS63949,C2,censys,Mythic", "0", "DonPasci" "2025-03-27 16:01:05", "1459441", "156.245.11.12:3955", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/156.245.11.12", "AS133199,AsyncRAT,C2,censys,RAT,SONDERCLOUDLIMITED-AS-AP", "0", "DonPasci" "2025-03-27 16:01:04", "1459439", "196.251.69.124:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.69.124", "AS401115,AsyncRAT,C2,censys,EKABI,RAT", "0", "DonPasci" "2025-03-27 16:01:04", "1459440", "196.251.69.124:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.69.124", "AS401115,AsyncRAT,C2,censys,EKABI,RAT", "0", "DonPasci" "2025-03-27 16:01:03", "1459438", "78.171.42.106:888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/78.171.42.106", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci" "2025-03-27 16:01:01", "1459436", "115.120.251.188:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/115.120.251.188", "AS55990,C2,censys,HWCSNET,Supershell", "0", "DonPasci" "2025-03-27 16:01:01", "1459437", "47.239.54.235:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.239.54.235", "ALIBABA-CN-NET,AS45102,C2,censys,Supershell", "0", "DonPasci" "2025-03-27 16:00:37", "1459435", "51.92.38.49:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/51.92.38.49", "AMAZON-02,AS16509,C2,censys,Sliver", "0", "DonPasci" "2025-03-27 16:00:21", "1459433", "45.197.150.76:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/45.197.150.76", "ANSHENG-AS-AP,AS134365,C2,censys,CobaltStrike,cs-watermark-305419896", "0", "DonPasci" "2025-03-27 16:00:21", "1459434", "47.108.39.159:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.108.39.159", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-305419896", "0", "DonPasci" "2025-03-27 16:00:20", "1459432", "8.130.107.173:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.130.107.173", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-0", "0", "DonPasci" "2025-03-27 16:00:19", "1459431", "23.95.193.207:2087", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/23.95.193.207", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-03-27 16:00:17", "1459430", "101.133.229.117:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/101.133.229.117", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-03-27 16:00:16", "1459429", "154.82.92.74:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.82.92.74", "AS399077,C2,censys,CobaltStrike,cs-watermark-987654321,TERAEXCH", "0", "DonPasci" "2025-03-27 16:00:15", "1459427", "154.37.219.98:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.37.219.98", "AS979,C2,censys,CobaltStrike,cs-watermark-987654321,NETLAB-SDN", "0", "DonPasci" "2025-03-27 16:00:15", "1459428", "8.138.9.113:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.138.9.113", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-03-27 15:45:43", "1459378", "196.251.86.49:36063", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "c2,mirai", "0", "redrabytes" # Number of entries: 523