################################################################ # ThreatFox IOCs: recent ip-port - CSV format # # Last updated: 2025-05-07 20:53:05 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-05-07 20:53:05", "1518215", "81.19.141.47:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch" "2025-05-07 20:52:41", "1518214", "70.31.125.238:2222", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-07 20:48:12", "1518212", "188.49.76.30:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-07 20:46:59", "1518211", "173.187.25.146:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-07 20:01:36", "1518125", "103.77.241.172:443", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/103.77.241.172", "AS140810,C2,censys,MEGACORE-AS-VN,moobot", "0", "DonPasci" "2025-05-07 20:01:22", "1518124", "52.210.234.4:2761", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-07 20:52:07", "100", "https://search.censys.io/hosts/52.210.234.4", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-07 20:01:18", "1518123", "37.72.168.146:15443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/37.72.168.146", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-05-07 20:01:14", "1518121", "86.38.247.78:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/86.38.247.78", "AS212238,C2,CDNEXT,censys,Quasar,RAT", "0", "DonPasci" "2025-05-07 20:00:53", "1518120", "8.210.232.186:45209", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-07 20:52:57", "100", "https://search.censys.io/hosts/8.210.232.186", "ALIBABA-CN-NET,AS45102,C2,censys,Sliver", "0", "DonPasci" "2025-05-07 20:00:47", "1518118", "68.168.31.113:53284", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:52:38", "100", "https://search.censys.io/hosts/68.168.31.113", "AS-GLOBALTELEHOST,AS63023,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-07 20:00:47", "1518119", "186.169.63.68:8888", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:48:07", "100", "https://search.censys.io/hosts/186.169.63.68", "AS3816,C2,censys,COLOMBIA,RAT,Remcos", "0", "DonPasci" "2025-05-07 20:00:46", "1518117", "77.220.212.80:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:52:45", "100", "https://search.censys.io/hosts/77.220.212.80", "AS211381,C2,censys,PODAON,RAT,Remcos", "0", "DonPasci" "2025-05-07 20:00:28", "1518116", "82.115.223.251:31332", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/82.115.223.251", "AS214927,C2,censys,CobaltStrike,cs-watermark-391144938,PSB-AS", "0", "DonPasci" "2025-05-07 19:50:13", "1518115", "192.248.152.36:37189", "ip:port", "botnet_cc", "win.xenorat", "None", "XenoRAT", "", "100", "None", "XenoRAT", "0", "abuse_ch" "2025-05-07 18:28:17", "1518104", "45.158.8.156:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/45.158.8.156#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-07 18:12:27", "1518097", "87.20.235.24:5060", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-07 18:12:27", "1518098", "87.20.235.24:5061", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-07 18:12:27", "1518099", "212.87.221.19:9999", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-07 18:05:41", "1518082", "94.158.245.104:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114467433438471456", "SmartApeSG", "0", "monitorsg" "2025-05-07 18:05:11", "1518096", "103.68.181.215:1688", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-07 17:25:09", "1518089", "77.232.37.108:8080", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E" "2025-05-07 17:25:09", "1518090", "185.173.36.137:9035", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E" "2025-05-07 17:25:09", "1518091", "91.142.79.142:8001", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E" "2025-05-07 17:25:09", "1518092", "185.173.37.18:9035", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E" "2025-05-07 17:10:23", "1518088", "185.208.159.64:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-07 17:06:54", "1518087", "94.26.90.76:3128", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-07 16:30:13", "1518083", "8.218.198.125:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-07 16:01:17", "1518074", "13.244.151.202:51005", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/13.244.151.202", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-07 16:01:16", "1518073", "13.244.151.202:6005", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/13.244.151.202", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-07 16:01:10", "1518072", "51.79.196.122:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/51.79.196.122", "AS16276,C2,censys,Hookbot,OVH", "0", "DonPasci" "2025-05-07 16:01:08", "1518071", "164.215.103.160:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 20:46:23", "100", "https://search.censys.io/hosts/164.215.103.160", "AS213373,C2,censys,IPCONNECT,Mythic", "0", "DonPasci" "2025-05-07 16:01:01", "1518070", "128.90.122.247:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:44:22", "100", "https://search.censys.io/hosts/128.90.122.247", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-05-07 16:00:59", "1518069", "110.41.2.207:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/110.41.2.207", "AS55990,C2,censys,HWCSNET,Supershell", "0", "DonPasci" "2025-05-07 16:00:45", "1518067", "94.102.49.177:5900", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:53:40", "100", "https://search.censys.io/hosts/94.102.49.177", "AS202425,C2,censys,INT-NETWORK,RAT,Remcos", "0", "DonPasci" "2025-05-07 16:00:45", "1518068", "104.234.114.229:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:43:26", "100", "https://search.censys.io/hosts/104.234.114.229", "AS23470,C2,censys,RAT,RELIABLESITE,Remcos", "0", "DonPasci" "2025-05-07 16:00:34", "1518066", "103.118.29.177:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/103.118.29.177", "AS150834,C2,censys,CobaltStrike,IDATA-VN", "0", "DonPasci" "2025-05-07 16:00:29", "1518064", "38.55.192.237:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/38.55.192.237", "AS139659,C2,censys,CobaltStrike,cs-watermark-666666666,LUCID-AS-AP", "0", "DonPasci" "2025-05-07 16:00:29", "1518065", "1.94.96.91:2443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/1.94.96.91", "AS55990,C2,censys,CobaltStrike,cs-watermark-666666666,HWCSNET", "0", "DonPasci" "2025-05-07 15:51:06", "1518063", "91.220.8.106:80", "ip:port", "botnet_cc", "win.kpot_stealer", "Khalesi,Kpot", "KPOT Stealer", "", "75", "https://x.com/500mk500/status/1920077799206924592", "KPOTStealer", "0", "abuse_ch" "2025-05-07 15:49:53", "1518060", "85.40.86.132:7005", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "75", "https://x.com/500mk500/status/1920077799206924592", "Rhadamanthys", "0", "abuse_ch" "2025-05-07 13:10:58", "1518026", "23.146.242.237:5817", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/429a93e7b3f98aaa621cf9c8e86b89d11d8b103207364c7d8a5f7a9949b3f16c/", "remcos", "0", "abuse_ch" "2025-05-07 13:05:23", "1518025", "81.71.246.52:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:57:39", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-07 13:03:55", "1518024", "43.100.29.85:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:56:39", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-07 13:00:19", "1518023", "106.52.207.50:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:54:37", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-07 12:30:28", "1518018", "206.238.115.163:954", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-07 12:01:19", "1518017", "18.181.128.244:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-05-07 20:47:38", "100", "https://search.censys.io/hosts/18.181.128.244", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci" "2025-05-07 12:01:18", "1518016", "54.212.6.27:1913", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-07 20:52:14", "100", "https://search.censys.io/hosts/54.212.6.27", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-07 12:01:03", "1518015", "113.44.81.252:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/113.44.81.252", "AS55990,C2,censys,HWCSNET,Supershell", "0", "DonPasci" "2025-05-07 12:00:34", "1518014", "89.40.31.70:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:44:54", "100", "https://search.censys.io/hosts/89.40.31.70", "AS215117,C2,censys,CobaltStrike,HOSTERDADDY", "0", "DonPasci" "2025-05-07 12:00:30", "1518012", "104.168.64.199:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/104.168.64.199", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-05-07 12:00:30", "1518013", "166.108.200.194:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/166.108.200.194", "AS136907,C2,censys,CobaltStrike,cs-watermark-666666666,HWCLOUDS-AS-AP", "0", "DonPasci" "2025-05-07 12:00:29", "1518011", "155.138.164.52:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/155.138.164.52", "AS-VULTR,AS20473,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-05-07 12:00:27", "1518010", "47.121.133.57:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.121.133.57", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-05-07 12:00:25", "1518007", "91.200.14.226:10443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/91.200.14.226", "AS215730,C2,censys,CobaltStrike,cs-watermark-987654321,H2NEXUS-AS", "0", "DonPasci" "2025-05-07 12:00:25", "1518008", "8.133.251.236:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.133.251.236", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-05-07 12:00:25", "1518009", "107.149.240.12:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/107.149.240.12", "AS398478,C2,censys,CobaltStrike,cs-watermark-987654321,PEG-HK", "0", "DonPasci" "2025-05-07 10:50:51", "1517751", "103.186.117.40:47666", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/7b914b902b12af16ff2f69624a886e07e69f9046e3703a598dbead0adb727119/", "remcos", "0", "abuse_ch" "2025-05-07 10:30:53", "1517749", "196.251.69.222:2005", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/99cf8856f15a937af5fc30dad4facf87307e43c63e2cfb6424723d9255d3b71a/", "remcos", "0", "abuse_ch" "2025-05-07 09:57:26", "1517736", "23.158.232.33:3840", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-05-07 09:53:00", "1517729", "27.102.138.155:80", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://www.shodan.io/host/27.102.138.155#80", "c2,kimsuky,shodan", "0", "juroots" "2025-05-07 09:52:45", "1517728", "103.28.90.181:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/103.28.90.181#80", "c2,mustangpanda,shodan", "0", "juroots" "2025-05-07 09:52:10", "1517727", "103.74.101.88:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-07 11:00:02", "50", "https://www.shodan.io/host/103.74.101.88#80", "c2,hookbot,shodan", "0", "juroots" "2025-05-07 09:51:09", "1517726", "94.98.211.222:3460", "ip:port", "botnet_cc", "win.poison_ivy", "SPIVY,pivy,poisonivy", "Poison Ivy", "", "50", "https://www.shodan.io/host/94.98.211.222#3460", "c2,poison_ivy,shodan", "0", "juroots" "2025-05-07 09:49:58", "1517725", "91.103.253.40:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/91.103.253.40#443", "c2,shodan,villain", "0", "juroots" "2025-05-07 09:49:42", "1517724", "146.70.213.35:8081", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/146.70.213.35#8081", "bruteratel,c2,shodan", "0", "juroots" "2025-05-07 09:48:45", "1517722", "45.61.165.177:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/45.61.165.177#9000", "c2,sectop,shodan", "0", "juroots" "2025-05-07 09:48:29", "1517721", "3.80.91.122:8142", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/3.80.91.122#8142", "c2,netsupport,shodan", "0", "juroots" "2025-05-07 09:48:28", "1517719", "34.245.181.229:19", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/34.245.181.229#19", "c2,netsupport,shodan", "0", "juroots" "2025-05-07 09:48:28", "1517720", "3.80.91.122:12242", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/3.80.91.122#12242", "c2,netsupport,shodan", "0", "juroots" "2025-05-07 09:47:50", "1517718", "51.38.225.20:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/51.38.225.20#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-07 09:47:49", "1517717", "84.46.243.167:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/84.46.243.167#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-07 09:47:47", "1517713", "207.180.248.69:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/207.180.248.69#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-07 09:47:47", "1517714", "193.29.58.245:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/193.29.58.245#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-07 09:47:47", "1517715", "147.45.178.32:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/147.45.178.32#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-07 09:47:47", "1517716", "66.42.80.79:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/66.42.80.79#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-07 09:47:46", "1517712", "185.146.232.129:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/185.146.232.129#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-07 09:47:17", "1517711", "85.143.249.12:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/85.143.249.12#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-05-07 09:46:47", "1517710", "121.40.112.176:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 09:46:48", "50", "https://www.shodan.io/host/121.40.112.176#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-05-07 09:46:12", "1517709", "185.196.11.181:6789", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:56:04", "50", "https://www.shodan.io/host/185.196.11.181#6789", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-05-07 09:44:45", "1517708", "104.200.73.200:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 09:46:46", "50", "https://www.shodan.io/host/104.200.73.200#443", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-05-07 09:44:44", "1517707", "119.28.89.169:9527", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 09:46:44", "50", "https://www.shodan.io/host/119.28.89.169#9527", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-05-07 09:40:40", "1517706", "176.123.2.242:5939", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/324f40f7bb2056632449a02712d32fee5ea186d718346be31f89f8f7fab1f856/", "remcos", "0", "abuse_ch" "2025-05-07 08:54:04", "1517704", "83.217.213.230:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-07 20:53:08", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-07 08:52:36", "1517703", "50.232.172.115:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-07 20:52:00", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-07 08:47:21", "1517696", "176.65.144.221:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-07 20:47:24", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-07 08:45:20", "1517695", "146.185.218.222:49412", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-07 20:44:59", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-07 08:45:04", "1517694", "141.105.65.172:1720", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-07 20:44:41", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-07 08:43:48", "1517693", "107.173.101.225:8580", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-07 20:43:39", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-07 08:01:39", "1517691", "5.183.95.52:80", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-05-07 20:51:55", "100", "https://search.censys.io/hosts/5.183.95.52", "AS44066,BianLian,C2,censys,DE-FIRSTCOLO", "0", "DonPasci" "2025-05-07 08:01:26", "1517690", "113.44.39.1:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/113.44.39.1", "AS55990,c2,c2-redirector,censys,HWCSNET,RedGuard", "0", "DonPasci" "2025-05-07 08:01:21", "1517689", "158.51.125.27:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/158.51.125.27", "AS399804,C2,censys,HOSTODO,moobot", "0", "DonPasci" "2025-05-07 08:01:09", "1517688", "93.198.190.251:82", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-07 20:53:39", "100", "https://search.censys.io/hosts/93.198.190.251", "AS3320,C2,censys,DTAG,Netsupport,RAT", "0", "DonPasci" "2025-05-07 08:01:07", "1517687", "188.27.74.233:8080", "ip:port", "botnet_cc", "win.orcus_rat", "Schnorchel", "Orcus RAT", "", "100", "https://search.censys.io/hosts/188.27.74.233", "AS8708,C2,censys,Orcus,RAT,RCS-RDS", "0", "DonPasci" "2025-05-07 08:01:03", "1517686", "192.121.246.220:443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/192.121.246.220", "AS42201,C2,censys,PVDATANET,Quasar,RAT", "0", "DonPasci" "2025-05-07 08:01:01", "1517685", "45.144.53.255:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-07 20:51:15", "100", "https://search.censys.io/hosts/45.144.53.255", "AS215730,C2,censys,H2NEXUS-AS,Hookbot", "0", "DonPasci" "2025-05-07 08:00:40", "1517681", "173.225.100.207:2681", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:47:01", "100", "https://search.censys.io/hosts/173.225.100.207", "AS19318,C2,censys,IS-AS-1,RAT,Remcos", "0", "DonPasci" "2025-05-07 08:00:40", "1517682", "172.94.53.66:3191", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:46:57", "100", "https://search.censys.io/hosts/172.94.53.66", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2025-05-07 08:00:40", "1517683", "87.98.236.198:110", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:53:20", "100", "https://search.censys.io/hosts/87.98.236.198", "AS16276,C2,censys,OVH,RAT,Remcos", "0", "DonPasci" "2025-05-07 08:00:40", "1517684", "188.93.233.249:8443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:48:12", "100", "https://search.censys.io/hosts/188.93.233.249", "AS47674,C2,censys,NETSOLUTIONS,RAT,Remcos", "0", "DonPasci" "2025-05-07 08:00:39", "1517679", "89.40.31.128:9373", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:53:26", "100", "https://search.censys.io/hosts/89.40.31.128", "AS215117,C2,censys,HOSTERDADDY,RAT,Remcos", "0", "DonPasci" "2025-05-07 08:00:39", "1517680", "23.95.162.101:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:50:07", "100", "https://search.censys.io/hosts/23.95.162.101", "AS19318,C2,censys,IS-AS-1,RAT,Remcos", "0", "DonPasci" "2025-05-07 07:11:52", "1517675", "45.130.145.52:420", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:50:13", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:54:20", "1517666", "93.115.0.18:443", "ip:port", "payload_delivery", "apk.fastspy", "None", "FastSpy", "", "100", "", "None", "0", "morelan" "2025-05-07 06:54:19", "1517674", "45.130.145.52:427", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:04:52", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:45:29", "1517673", "196.251.80.4:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/dfa1bafd51ce0ae7d24aa6494840a081ea45e6959cd5ca681c20b5d12705aa8a/", "asyncrat", "0", "abuse_ch" "2025-05-07 06:13:41", "1517597", "193.27.90.134:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:56:10", "100", "https://search.censys.io/hosts/193.27.90.134", "ALEXHOST,AS200019,C2,censys", "0", "dyingbreeds_" "2025-05-07 06:13:40", "1517598", "31.14.252.90:4444", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "2025-05-07 04:00:39", "100", "https://search.censys.io/hosts/31.14.252.90", "AS9009,C2,censys,M247", "0", "dyingbreeds_" "2025-05-07 06:13:40", "1517599", "43.135.9.55:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 04:00:54", "100", "https://search.censys.io/hosts/43.135.9.55", "AS132203,C2,censys,Supershell", "0", "dyingbreeds_" "2025-05-07 06:13:40", "1517600", "129.226.189.66:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 04:00:54", "100", "https://search.censys.io/hosts/129.226.189.66", "AS132203,C2,censys,Supershell", "0", "dyingbreeds_" "2025-05-07 06:13:39", "1517601", "107.172.61.133:8000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:43:38", "100", "https://search.censys.io/hosts/107.172.61.133", "AS-COLOCROSSING,AS36352,C2,censys,RAT", "0", "dyingbreeds_" "2025-05-07 06:13:39", "1517602", "107.172.61.133:8080", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:43:38", "100", "https://search.censys.io/hosts/107.172.61.133", "AS-COLOCROSSING,AS36352,C2,censys,RAT", "0", "dyingbreeds_" "2025-05-07 06:13:37", "1517605", "34.74.204.123:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 20:50:33", "100", "https://search.censys.io/hosts/34.74.204.123", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Mythic", "0", "dyingbreeds_" "2025-05-07 06:13:37", "1517606", "103.148.163.45:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 20:43:14", "100", "https://search.censys.io/hosts/103.148.163.45", "AS58212,C2,censys,DATAFOREST,Mythic", "0", "dyingbreeds_" "2025-05-07 06:13:36", "1517613", "129.212.136.19:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/129.212.136.19", "AS14061,censys,DIGITALOCEAN-ASN,Viper", "0", "dyingbreeds_" "2025-05-07 06:13:35", "1517614", "47.122.153.145:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.122.153.145", "AS37963,censys,Viper", "0", "dyingbreeds_" "2025-05-07 06:13:34", "1517615", "154.12.20.34:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/154.12.20.34", "AS142032,censys,Viper", "0", "dyingbreeds_" "2025-05-07 06:13:34", "1517616", "95.111.252.59:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/95.111.252.59", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:33", "1517617", "34.9.145.167:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.9.145.167", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:33", "1517618", "159.223.84.144:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/159.223.84.144", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:32", "1517619", "54.229.8.142:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.229.8.142", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:32", "1517620", "44.220.220.33:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/44.220.220.33", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:31", "1517621", "37.27.250.172:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/37.27.250.172", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:31", "1517622", "52.213.183.75:9001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.213.183.75", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:30", "1517623", "172.236.221.94:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.236.221.94", "AS63949,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:30", "1517624", "3.255.233.102:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.255.233.102", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:29", "1517625", "1.92.158.252:8081", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/1.92.158.252", "AS55990,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:29", "1517626", "181.32.51.159:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/181.32.51.159", "AS3816,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:28", "1517627", "34.28.218.71:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.28.218.71", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:27", "1517628", "46.114.52.114:3334", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/46.114.52.114", "AS6805,censys,GoPhish,Phishing,TDDE-ASN1", "0", "dyingbreeds_" "2025-05-07 06:13:27", "1517629", "46.247.134.249:4433", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/46.247.134.249", "AS202757,CASTLE-IT,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:26", "1517631", "54.161.15.236:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.161.15.236", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:25", "1517630", "161.97.73.16:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.97.73.16", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-07 06:13:24", "1517632", "24.4.238.148:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-07 20:50:11", "100", "https://search.censys.io/hosts/24.4.238.148", "AS7922,C2,censys,COMCAST-7922", "0", "dyingbreeds_" "2025-05-07 06:13:21", "1517634", "45.130.145.51:417", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:25:56", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:20", "1517636", "45.130.145.52:417", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:00:25", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:19", "1517635", "45.130.145.52:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 08:14:04", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:18", "1517637", "45.130.145.51:421", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 20:12:31", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:18", "1517638", "45.130.145.52:425", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 05:27:39", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:17", "1517639", "45.130.145.52:424", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:17", "1517640", "45.130.145.51:431", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 09:34:26", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:16", "1517641", "45.130.145.52:418", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:02:46", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:16", "1517642", "45.130.145.51:424", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 05:22:23", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:15", "1517643", "45.130.145.52:430", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 05:43:29", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:15", "1517645", "45.130.145.51:429", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:14", "1517646", "45.130.145.52:422", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 10:48:50", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:14", "1517647", "45.130.145.52:416", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:13", "1517649", "45.130.145.52:431", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:41:41", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:12", "1517648", "45.130.145.51:428", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 05:30:50", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:11", "1517650", "45.130.145.52:421", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:43:48", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:11", "1517651", "45.130.145.51:420", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 08:27:48", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:08", "1517663", "45.130.145.51:418", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:41:45", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:13:08", "1517664", "45.130.145.51:427", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:14:09", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-07 06:12:49", "1517541", "94.158.245.56:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114462461080208036", "SmartApeSG", "0", "monitorsg" "2025-05-07 05:59:50", "1517661", "47.112.99.0:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-07 05:59:50", "1517662", "118.24.89.121:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-07 05:59:49", "1517659", "163.179.244.131:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch" "2025-05-07 05:59:49", "1517660", "47.242.233.16:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:57:10", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-07 05:59:48", "1517658", "8.141.113.34:89", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2025-05-07 05:59:32", "1517657", "121.41.108.106:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2025-05-07 04:01:16", "1517612", "124.223.71.152:8082", "ip:port", "botnet_cc", "win.vshell", "None", "Vshell", "2025-05-07 04:01:29", "100", "https://search.censys.io/hosts/124.223.71.152", "AS45090,C2,censys,TENCENT-NET-AP,Vshell", "0", "DonPasci" "2025-05-07 04:01:10", "1517610", "144.172.101.67:8080", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-07 04:01:22", "100", "https://search.censys.io/hosts/144.172.101.67", "AS14956,C2,censys,DcRAT,RAT,ROUTERHOSTING", "0", "DonPasci" "2025-05-07 04:01:10", "1517611", "144.172.101.67:8090", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-07 04:01:22", "100", "https://search.censys.io/hosts/144.172.101.67", "AS14956,C2,censys,DcRAT,RAT,ROUTERHOSTING", "0", "DonPasci" "2025-05-07 04:01:07", "1517609", "177.45.128.151:7000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2025-05-07 04:01:19", "100", "https://search.censys.io/hosts/177.45.128.151", "AS19182,C2,censys,RAT,TELEFONICA,Venom", "0", "DonPasci" "2025-05-07 04:01:06", "1517608", "18.181.191.249:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-07 20:47:38", "100", "https://search.censys.io/hosts/18.181.191.249", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci" "2025-05-07 01:35:24", "1517594", "80.64.18.173:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:01:21", "75", "https://bazaar.abuse.ch/sample/7b1bfc840ebe3750b60cda847df58d782cd9228e5c0ee5873bad581d72d3e6e4/", "asyncrat", "0", "abuse_ch" "2025-05-07 01:10:17", "1517592", "104.37.4.128:7011", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:43:32", "75", "https://bazaar.abuse.ch/sample/1069e377d82a278e287b5de25102e52b7d1f5bca2826763b4cb40276d54993c0/", "remcos", "0", "abuse_ch" "2025-05-07 01:10:17", "1517593", "104.37.4.128:7012", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:43:33", "75", "https://bazaar.abuse.ch/sample/1069e377d82a278e287b5de25102e52b7d1f5bca2826763b4cb40276d54993c0/", "remcos", "0", "abuse_ch" "2025-05-07 01:10:16", "1517591", "104.37.4.128:7010", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:43:32", "75", "https://bazaar.abuse.ch/sample/1069e377d82a278e287b5de25102e52b7d1f5bca2826763b4cb40276d54993c0/", "remcos", "0", "abuse_ch" "2025-05-07 00:30:08", "1517589", "178.255.245.115:2135", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-07 00:01:38", "1517588", "18.119.192.75:8081", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/18.119.192.75", "AMAZON-02,AS16509,C2,censys,hacktool,Mimikatz,open-dir", "0", "DonPasci" "2025-05-07 00:01:25", "1517587", "154.53.165.98:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 04:01:38", "100", "https://search.censys.io/hosts/154.53.165.98", "AS62425,C2,censys,KUZEYDC,panel,Unam", "0", "DonPasci" "2025-05-07 00:01:12", "1517586", "93.198.182.192:81", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-07 20:53:39", "100", "https://search.censys.io/hosts/93.198.182.192", "AS3320,C2,censys,DTAG,Netsupport,RAT", "0", "DonPasci" "2025-05-07 00:01:07", "1517585", "180.188.179.113:40056", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-07 20:47:43", "100", "https://search.censys.io/hosts/180.188.179.113", "AS10118,C2,censys,Havoc,HTCL-IAS-HK-AP", "0", "DonPasci" "2025-05-07 00:01:02", "1517583", "165.22.90.113:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 04:01:02", "100", "https://search.censys.io/hosts/165.22.90.113", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci" "2025-05-07 00:00:56", "1517582", "157.20.182.6:1931", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:45:51", "100", "https://search.censys.io/hosts/157.20.182.6", "AS152485,AsyncRAT,C2,censys,HOSTER-AS-IN,RAT", "0", "DonPasci" "2025-05-07 00:00:55", "1517581", "176.65.134.77:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:47:11", "100", "https://search.censys.io/hosts/176.65.134.77", "-Reserved,AS215240,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-05-07 00:00:24", "1517579", "198.12.121.168:8686", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:56:13", "100", "https://search.censys.io/hosts/198.12.121.168", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-05-06 21:40:09", "1517574", "23.133.4.98:4433", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-06 20:01:57", "1517570", "196.251.70.216:443", "ip:port", "botnet_cc", "win.xmrig", "None", "xmrig", "", "100", "https://search.censys.io/hosts/196.251.70.216", "AS401120,C2,censys,CHEAPY-HOST,open-dir,Xmrig", "0", "DonPasci" "2025-05-06 20:01:37", "1517569", "2.45.248.130:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 04:01:37", "100", "https://search.censys.io/hosts/2.45.248.130", "AS30722,C2,censys,panel,Unam,VODAFONE-IT-ASN", "0", "DonPasci" "2025-05-06 20:01:23", "1517568", "13.245.196.23:1911", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-07 20:44:27", "100", "https://search.censys.io/hosts/13.245.196.23", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-06 20:01:19", "1517567", "91.84.97.102:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-07 20:53:33", "100", "https://search.censys.io/hosts/91.84.97.102", "AS216071,C2,censys,Havoc,VDSINA", "0", "DonPasci" "2025-05-06 20:01:14", "1517564", "20.120.225.17:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 04:01:03", "100", "https://search.censys.io/hosts/20.120.225.17", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,Mythic", "0", "DonPasci" "2025-05-06 20:01:14", "1517565", "161.132.51.146:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 04:01:04", "100", "https://search.censys.io/hosts/161.132.51.146", "AS3132,C2,censys,Mythic,Red", "0", "DonPasci" "2025-05-06 20:01:14", "1517566", "161.35.218.205:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 04:01:05", "100", "https://search.censys.io/hosts/161.35.218.205", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci" "2025-05-06 20:01:13", "1517563", "52.221.250.95:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 04:00:59", "100", "https://search.censys.io/hosts/52.221.250.95", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci" "2025-05-06 20:01:06", "1517561", "124.198.131.216:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:44:14", "100", "https://search.censys.io/hosts/124.198.131.216", "AS210558,AsyncRAT,C2,censys,RAT,SERVICES-1337-GMBH", "0", "DonPasci" "2025-05-06 20:01:06", "1517562", "196.251.117.147:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:48:56", "100", "https://search.censys.io/hosts/196.251.117.147", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci" "2025-05-06 20:01:01", "1517559", "195.10.205.102:7977", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/195.10.205.102", "AS215826,C2,censys,PARTNER-HOSTING-LTD,payload,Sliver", "0", "DonPasci" "2025-05-06 20:01:01", "1517560", "149.88.71.241:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/149.88.71.241", "AS142032,C2,censys,HFTCL-AS-AP,payload,Sliver", "0", "DonPasci" "2025-05-06 20:00:48", "1517558", "23.27.48.77:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:50:04", "100", "https://search.censys.io/hosts/23.27.48.77", "AS149440,C2,censys,EVOXTENTERPRISE-AS-AP,RAT,Remcos", "0", "DonPasci" "2025-05-06 20:00:47", "1517556", "108.181.199.16:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:43:45", "100", "https://search.censys.io/hosts/108.181.199.16", "AS40676,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-06 20:00:47", "1517557", "194.59.30.111:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:48:40", "100", "https://search.censys.io/hosts/194.59.30.111", "AS399486,C2,censys,RAT,Remcos,VIRTUO", "0", "DonPasci" "2025-05-06 20:00:24", "1517555", "121.43.152.186:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:55:10", "100", "https://search.censys.io/hosts/121.43.152.186", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-05-06 20:00:21", "1517552", "47.103.60.249:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 04:00:19", "100", "https://search.censys.io/hosts/47.103.60.249", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-05-06 20:00:21", "1517553", "103.140.154.111:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 04:00:14", "100", "https://search.censys.io/hosts/103.140.154.111", "AS151804,C2,censys,CobaltStrike,cs-watermark-987654321,SNOTIONPTELTD-AS-AP", "0", "DonPasci" "2025-05-06 20:00:21", "1517554", "47.112.99.0:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 04:00:16", "100", "https://search.censys.io/hosts/47.112.99.0", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-05-06 18:52:54", "1517534", "176.65.134.25:26425", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E" "2025-05-06 18:11:17", "1377375", "8.210.236.220:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-07 20:52:57", "50", "https://www.shodan.io/host/8.210.236.220#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-06 18:11:16", "1377390", "8.222.138.62:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-07 20:53:00", "50", "https://www.shodan.io/host/8.222.138.62#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-06 17:07:38", "1517528", "41.216.188.194:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "", "XWorm", "0", "NDA0E" "2025-05-06 16:32:59", "1517509", "213.212.57.101:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:58", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:59", "1517510", "213.212.57.124:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:58", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:59", "1517511", "216.185.217.60:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:58", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:59", "1517512", "220.127.201.28:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:58", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:59", "1517513", "221.146.139.30:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:58", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517496", "195.91.206.60:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517497", "195.133.215.16:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517498", "196.251.116.138:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517499", "198.231.30.218:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517500", "198.231.30.222:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517501", "204.10.179.232:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517502", "206.189.11.93:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517503", "210.6.166.148:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517504", "213.67.94.181:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517505", "213.67.127.76:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517506", "213.112.189.147:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517507", "213.204.193.47:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:58", "1517508", "213.204.214.195:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517484", "185.179.247.147:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517485", "185.189.226.76:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517486", "185.210.90.127:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517487", "185.232.37.79:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517488", "185.232.38.138:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517489", "192.121.10.231:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517490", "192.165.0.69:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517491", "192.165.0.176:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517492", "193.183.210.158:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517493", "193.200.78.28:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517494", "194.68.24.35:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:57", "1517495", "194.132.68.15:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:56", "1517474", "185.128.170.87:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:56", "1517475", "185.128.170.89:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:56", "1517476", "185.128.170.90:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:56", "1517477", "185.128.170.113:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:56", "1517478", "185.128.170.119:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:56", "1517479", "185.154.206.42:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:56", "1517480", "185.179.247.33:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:56", "1517481", "185.179.247.39:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:56", "1517482", "185.179.247.99:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:56", "1517483", "185.179.247.131:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:57", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:55", "1517464", "185.128.170.76:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:55", "1517465", "185.128.170.77:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:55", "1517466", "185.128.170.78:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:55", "1517467", "185.128.170.79:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:55", "1517468", "185.128.170.80:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:55", "1517469", "185.128.170.81:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:55", "1517470", "185.128.170.82:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:55", "1517471", "185.128.170.84:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:55", "1517472", "185.128.170.85:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:55", "1517473", "185.128.170.86:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:56", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517453", "185.128.170.60:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517454", "185.128.170.61:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517455", "185.128.170.62:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517456", "185.128.170.63:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517457", "185.128.170.64:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517458", "185.128.170.65:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517459", "185.128.170.67:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517460", "185.128.170.70:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517461", "185.128.170.71:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517462", "185.128.170.74:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:54", "1517463", "185.128.170.75:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:53", "1517443", "184.105.68.187:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:53", "1517444", "184.105.68.199:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:53", "1517445", "184.105.68.228:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:53", "1517446", "185.26.227.26:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:53", "1517447", "185.83.95.40:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:53", "1517448", "185.122.90.35:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:53", "1517449", "185.128.170.36:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:53", "1517450", "185.128.170.54:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:53", "1517451", "185.128.170.55:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:53", "1517452", "185.128.170.56:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517430", "170.39.13.3:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517431", "170.39.13.4:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517432", "170.52.65.250:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517433", "171.25.157.154:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517434", "176.101.165.180:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517435", "176.120.170.203:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517436", "178.42.34.154:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517437", "181.41.245.5:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517438", "184.104.239.240:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517439", "184.105.68.62:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517440", "184.105.68.67:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517441", "184.105.68.138:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:52", "1517442", "184.105.68.163:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:55", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517417", "158.51.68.228:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517418", "158.51.68.249:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517419", "160.7.243.251:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517420", "160.32.224.157:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517421", "160.119.4.89:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517422", "160.119.18.57:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517423", "160.119.24.236:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517424", "162.247.146.163:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517425", "162.247.147.72:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517426", "162.247.150.146:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517427", "166.48.102.53:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517428", "166.141.177.23:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:51", "1517429", "166.168.97.57:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517404", "143.110.176.223:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517405", "149.115.83.82:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517406", "152.89.181.226:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517407", "156.228.232.70:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517408", "156.228.232.72:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517409", "156.228.232.73:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517410", "158.51.68.24:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517411", "158.51.68.48:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517412", "158.51.68.54:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517413", "158.51.68.109:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517414", "158.51.68.132:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517415", "158.51.68.147:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:50", "1517416", "158.51.68.152:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:54", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517392", "125.228.223.50:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517393", "137.220.191.21:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517394", "137.220.191.26:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517395", "137.220.191.30:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517396", "137.220.191.36:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517397", "137.220.191.45:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517398", "137.220.191.51:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517399", "137.220.191.67:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517400", "137.220.191.70:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517401", "138.19.184.18:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517402", "139.59.228.111:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:49", "1517403", "141.170.215.16:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517379", "109.69.15.148:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517380", "109.69.15.151:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517381", "109.69.15.163:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517382", "109.69.15.218:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517383", "109.70.232.146:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517384", "109.70.234.54:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517385", "109.70.234.80:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517386", "116.86.217.203:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517387", "119.207.185.25:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517388", "120.86.173.46:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517389", "121.136.18.225:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517390", "121.171.78.222:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:48", "1517391", "124.244.34.165:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517366", "91.237.16.41:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517367", "94.255.193.204:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517368", "95.38.193.164:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517369", "95.56.22.114:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517370", "99.116.228.38:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517371", "99.228.226.19:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517372", "99.232.231.14:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517373", "99.250.64.81:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517374", "106.105.76.24:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517375", "108.168.17.23:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517376", "109.8.197.115:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517377", "109.69.15.134:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:47", "1517378", "109.69.15.140:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:53", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517353", "83.223.27.127:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517354", "83.233.99.58:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517355", "84.218.124.234:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517356", "85.197.178.8:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517357", "85.197.184.196:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517358", "85.226.151.8:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517359", "85.230.218.203:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517360", "85.231.122.188:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517361", "85.239.33.160:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517362", "87.239.29.156:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517363", "90.141.12.196:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517364", "90.227.23.168:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:46", "1517365", "91.130.48.21:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517340", "74.221.78.181:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517341", "74.221.78.187:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517342", "74.221.78.207:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517343", "75.155.149.184:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517344", "76.8.213.131:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517345", "77.38.177.94:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517346", "77.38.221.244:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517347", "78.67.14.89:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517348", "80.51.119.148:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517349", "81.224.52.110:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517350", "81.228.202.52:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517351", "82.64.145.87:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:45", "1517352", "82.199.117.108:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:52", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517328", "74.221.76.86:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517329", "74.221.76.91:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517330", "74.221.76.93:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517331", "74.221.76.96:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517332", "74.221.76.152:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517333", "74.221.76.174:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517334", "74.221.77.137:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517335", "74.221.77.152:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517336", "74.221.77.206:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517337", "74.221.78.131:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517338", "74.221.78.151:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:44", "1517339", "74.221.78.180:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517316", "74.221.75.126:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517317", "74.221.76.53:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517318", "74.221.76.55:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517319", "74.221.76.68:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517320", "74.221.76.69:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517321", "74.221.76.71:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517322", "74.221.76.74:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517323", "74.221.76.79:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517324", "74.221.76.80:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517325", "74.221.76.82:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517326", "74.221.76.83:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:43", "1517327", "74.221.76.84:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:51", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517303", "74.221.73.117:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517304", "74.221.73.123:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517305", "74.221.73.126:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517306", "74.221.73.249:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517307", "74.221.75.19:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517308", "74.221.75.21:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517309", "74.221.75.69:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517310", "74.221.75.83:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517311", "74.221.75.92:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517312", "74.221.75.108:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517313", "74.221.75.119:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517314", "74.221.75.120:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:42", "1517315", "74.221.75.122:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517291", "74.221.71.198:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517292", "74.221.72.147:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517293", "74.221.72.183:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517294", "74.221.73.66:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517295", "74.221.73.73:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517296", "74.221.73.80:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517297", "74.221.73.90:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517298", "74.221.73.102:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517299", "74.221.73.103:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517300", "74.221.73.105:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517301", "74.221.73.110:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:41", "1517302", "74.221.73.116:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:50", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517278", "74.221.64.89:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517279", "74.221.64.94:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517280", "74.221.64.95:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517281", "74.221.67.41:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517282", "74.221.67.53:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517283", "74.221.68.81:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517284", "74.221.69.104:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517285", "74.221.70.7:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517286", "74.221.70.11:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517287", "74.221.71.30:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517288", "74.221.71.162:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517289", "74.221.71.170:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:40", "1517290", "74.221.71.179:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517266", "69.18.10.132:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517267", "69.45.225.218:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517268", "69.45.225.219:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517269", "69.45.225.220:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517270", "69.138.127.249:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517271", "71.11.235.130:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517272", "72.9.114.153:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517273", "72.9.114.232:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517274", "72.9.121.132:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517275", "72.9.126.183:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517276", "72.53.231.104:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:39", "1517277", "73.127.130.247:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:49", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517255", "64.89.252.89:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517256", "64.89.252.92:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517257", "64.89.253.42:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517258", "64.89.253.45:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517259", "64.89.253.80:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517260", "64.89.253.121:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517261", "64.89.253.123:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517262", "64.89.253.204:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517263", "64.89.254.190:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517264", "65.87.61.184:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:38", "1517265", "68.84.153.228:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517242", "64.89.249.185:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517243", "64.89.249.206:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517244", "64.89.249.242:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517245", "64.89.250.75:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517246", "64.89.250.84:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517247", "64.89.250.101:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517248", "64.89.251.11:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517249", "64.89.251.37:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517250", "64.89.251.107:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517251", "64.89.251.157:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517252", "64.89.251.185:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517253", "64.89.251.186:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:37", "1517254", "64.89.251.187:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517228", "64.89.245.227:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517229", "64.89.246.4:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517230", "64.89.246.46:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517231", "64.89.246.58:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517232", "64.89.246.171:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517233", "64.89.247.67:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517234", "64.89.247.112:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517235", "64.89.247.131:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517236", "64.89.247.196:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517237", "64.89.247.198:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517238", "64.89.248.142:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517239", "64.89.248.178:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517240", "64.89.248.203:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:36", "1517241", "64.89.248.234:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:48", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517216", "64.89.243.93:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517217", "64.89.243.114:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517218", "64.89.243.122:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517219", "64.89.243.238:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517220", "64.89.244.2:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517221", "64.89.244.47:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517222", "64.89.244.90:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517223", "64.89.244.125:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517224", "64.89.244.163:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517225", "64.89.244.172:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517226", "64.89.244.181:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:35", "1517227", "64.89.244.184:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517202", "64.89.241.12:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517203", "64.89.241.36:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517204", "64.89.241.202:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517205", "64.89.241.210:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517206", "64.89.241.212:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517207", "64.89.241.217:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517208", "64.89.241.218:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517209", "64.89.241.220:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517210", "64.89.241.222:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517211", "64.89.241.234:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517212", "64.89.243.51:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517213", "64.89.243.53:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517214", "64.89.243.62:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:34", "1517215", "64.89.243.91:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:47", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517189", "59.148.115.109:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517190", "59.149.184.223:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517191", "61.239.102.47:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517192", "61.239.241.35:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517193", "64.72.55.47:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517194", "64.89.240.117:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517195", "64.89.240.123:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517196", "64.89.240.169:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517197", "64.89.240.171:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517198", "64.89.240.173:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517199", "64.89.240.183:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517200", "64.89.240.190:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:33", "1517201", "64.89.240.198:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517178", "38.54.71.20:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517179", "38.85.167.3:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517180", "41.216.189.170:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517181", "45.8.161.254:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517182", "45.11.229.248:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517183", "45.50.221.254:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517184", "45.154.38.94:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517185", "46.36.74.122:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517186", "57.138.218.16:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517187", "58.152.227.100:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:32", "1517188", "58.177.4.245:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:46", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517165", "5.57.243.106:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517166", "14.53.228.71:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517167", "24.48.18.64:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517168", "24.224.176.17:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517169", "24.224.185.147:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517170", "24.234.90.194:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517171", "31.28.4.146:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517172", "31.44.225.220:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517173", "31.44.229.84:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517174", "31.44.230.191:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517175", "31.208.4.144:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517176", "38.2.39.210:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:31", "1517177", "38.2.40.166:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:30", "1517163", "2.133.254.229:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:32:30", "1517164", "5.57.242.144:1311", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-06 16:33:45", "75", "", "censys,HailBot,mirai", "0", "NDA0E" "2025-05-06 16:15:07", "1517157", "69.165.70.166:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-06 16:01:32", "1517156", "154.53.165.98:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 04:01:39", "100", "https://search.censys.io/hosts/154.53.165.98", "AS62425,C2,censys,KUZEYDC,panel,Unam", "0", "DonPasci" "2025-05-06 16:01:19", "1517155", "13.115.238.27:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-05-07 20:44:23", "100", "https://search.censys.io/hosts/13.115.238.27", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci" "2025-05-06 16:01:13", "1517154", "103.57.251.96:2096", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-07 20:43:20", "100", "https://search.censys.io/hosts/103.57.251.96", "AS9009,C2,censys,Havoc,M247", "0", "DonPasci" "2025-05-06 16:01:09", "1517153", "212.224.107.135:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-07 04:01:10", "100", "https://search.censys.io/hosts/212.224.107.135", "AS44066,C2,censys,DE-FIRSTCOLO,Hookbot", "0", "DonPasci" "2025-05-06 16:01:08", "1517152", "176.65.144.114:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-07 04:01:09", "100", "https://search.censys.io/hosts/176.65.144.114", "-Reserved,AS215240,C2,censys,Hookbot", "0", "DonPasci" "2025-05-06 16:01:06", "1517151", "45.135.180.12:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 20:51:10", "100", "https://search.censys.io/hosts/45.135.180.12", "AS43641,C2,censys,Mythic,SOLLUTIUM-NL", "0", "DonPasci" "2025-05-06 16:01:00", "1517149", "196.251.71.236:222", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:49:03", "100", "https://search.censys.io/hosts/196.251.71.236", "AS401120,AsyncRAT,C2,censys,CHEAPY-HOST,RAT", "0", "DonPasci" "2025-05-06 16:01:00", "1517150", "196.251.71.236:8888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:49:04", "100", "https://search.censys.io/hosts/196.251.71.236", "AS401120,AsyncRAT,C2,censys,CHEAPY-HOST,RAT", "0", "DonPasci" "2025-05-06 16:00:54", "1517148", "94.237.83.115:4443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/94.237.83.115", "AS202053,C2,censys,payload,Sliver,UPCLOUD", "0", "DonPasci" "2025-05-06 16:00:47", "1517147", "134.209.189.235:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-07 20:44:31", "100", "https://search.censys.io/hosts/134.209.189.235", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci" "2025-05-06 16:00:42", "1517146", "154.30.4.223:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:45:35", "100", "https://search.censys.io/hosts/154.30.4.223", "AS397423,C2,censys,RAT,Remcos,TIER-NET", "0", "DonPasci" "2025-05-06 16:00:21", "1517145", "8.130.12.218:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 05:59:50", "100", "https://search.censys.io/hosts/8.130.12.218", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-05-06 16:00:20", "1517143", "39.100.69.50:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 04:00:08", "100", "https://search.censys.io/hosts/39.100.69.50", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-05-06 16:00:20", "1517144", "171.213.129.161:33300", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 04:00:23", "100", "https://search.censys.io/hosts/171.213.129.161", "AS4134,C2,censys,CHINANET-BACKBONE,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-05-06 15:42:43", "1517141", "194.62.248.235:777", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:43", "1517142", "198.251.81.118:59669", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:42", "1517136", "45.90.12.104:1338", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:42", "1517137", "51.81.100.197:777", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:42", "1517138", "51.81.100.197:4123", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:42", "1517139", "51.81.100.197:8080", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:42", "1517140", "194.62.248.235:4123", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:41", "1517131", "185.14.92.111:10000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:41", "1517132", "147.135.3.193:7070", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:41", "1517133", "77.239.114.204:10000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:41", "1517134", "77.105.146.126:7777", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:41", "1517135", "78.40.116.170:25565", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:40", "1517126", "172.65.150.137:22", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:40", "1517127", "83.168.69.117:22", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:40", "1517128", "15.204.12.151:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:40", "1517129", "94.156.170.148:10000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:40", "1517130", "45.90.12.81:6969", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:39", "1517122", "82.27.2.184:10000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:39", "1517123", "209.141.38.239:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:39", "1517124", "198.251.81.96:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 15:42:39", "1517125", "178.236.244.39:40138", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-06 14:50:13", "1517106", "23.146.184.108:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "2025-05-06 15:01:18", "100", "None", "FAKEUPDATES,SocGholish", "0", "pancak3lullz" "2025-05-06 13:10:44", "1517112", "217.156.123.148:443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,mirai", "0", "NDA0E" "2025-05-06 13:10:44", "1517113", "217.156.123.150:443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,mirai", "0", "NDA0E" "2025-05-06 12:56:35", "1517111", "176.65.141.32:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:55:58", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-06 12:55:15", "1517110", "114.66.58.218:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:54:52", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-06 12:01:23", "1517104", "85.239.33.253:9000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 20:53:17", "100", "https://search.censys.io/hosts/85.239.33.253", "ALEXHOST,AS200019,censys,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-05-06 12:01:11", "1517103", "77.83.207.24:443", "ip:port", "botnet_cc", "win.poshc2", "None", "PoshC2", "2025-05-07 04:01:23", "100", "https://search.censys.io/hosts/77.83.207.24", "AS216341,C2,censys,OPTIMA-AS,Posh", "0", "DonPasci" "2025-05-06 12:01:05", "1517102", "34.68.63.205:3389", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-07 20:50:32", "100", "https://search.censys.io/hosts/34.68.63.205", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Havoc", "0", "DonPasci" "2025-05-06 12:01:00", "1517099", "102.117.173.199:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 20:43:10", "100", "https://search.censys.io/hosts/102.117.173.199", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci" "2025-05-06 12:01:00", "1517100", "165.22.227.238:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 20:46:29", "100", "https://search.censys.io/hosts/165.22.227.238", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci" "2025-05-06 12:01:00", "1517101", "103.134.22.156:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 20:43:12", "100", "https://search.censys.io/hosts/103.134.22.156", "AS136000,C2,censys,LIGHTNING-AS-AP,Mythic", "0", "DonPasci" "2025-05-06 12:00:54", "1517098", "196.251.117.147:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:48:56", "100", "https://search.censys.io/hosts/196.251.117.147", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci" "2025-05-06 12:00:40", "1517097", "104.243.254.107:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:43:28", "100", "https://search.censys.io/hosts/104.243.254.107", "AS7040,C2,censys,NETMINDERS,RAT,Remcos", "0", "DonPasci" "2025-05-06 12:00:39", "1517095", "27.102.127.137:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:50:12", "100", "https://search.censys.io/hosts/27.102.127.137", "AS45996,C2,censys,DAOU-AS-KR,RAT,Remcos", "0", "DonPasci" "2025-05-06 12:00:39", "1517096", "154.30.4.199:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:45:34", "100", "https://search.censys.io/hosts/154.30.4.199", "AS397423,C2,censys,RAT,Remcos,TIER-NET", "0", "DonPasci" "2025-05-06 12:00:38", "1517094", "185.244.30.103:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:48:02", "100", "https://search.censys.io/hosts/185.244.30.103", "AS211619,C2,censys,MAXKO,RAT,Remcos", "0", "DonPasci" "2025-05-06 12:00:22", "1517092", "118.178.227.25:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 04:00:13", "100", "https://search.censys.io/hosts/118.178.227.25", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-05-06 12:00:22", "1517093", "47.109.82.220:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 04:00:17", "100", "https://search.censys.io/hosts/47.109.82.220", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-05-06 11:42:23", "1517088", "34.32.58.81:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2025-05-06 11:42:22", "1517087", "34.51.181.116:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2025-05-06 11:42:21", "1517089", "64.188.96.35:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2025-05-06 11:42:21", "1517090", "122.116.204.121:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "75", "", "C2,Netlas,SectopRAT", "0", "m1r3dk" "2025-05-06 11:11:47", "1517081", "193.186.4.126:49419", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:46", "1517078", "154.39.0.186:4488", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:46", "1517079", "154.39.0.186:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:46", "1517080", "216.9.225.163:54040", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:45", "1517077", "196.251.69.149:8002", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:44", "1517075", "196.251.69.149:8001", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:44", "1517076", "5.249.160.134:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:43", "1517073", "154.39.0.186:6666", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:43", "1517074", "62.60.226.140:30305", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:42", "1517070", "185.241.208.118:9683", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:42", "1517071", "185.196.9.68:27374", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:42", "1517072", "37.120.151.102:27374", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:35", "1517045", "147.185.221.19:16347", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:35", "1517046", "31.57.97.8:443", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:35", "1517047", "23.95.63.196:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:35", "1517048", "31.57.97.8:3333", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:35", "1517049", "194.59.31.36:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:34", "1517038", "104.28.244.231:63378", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:34", "1517039", "94.26.90.81:7774", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:34", "1517040", "45.138.16.71:1522", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:34", "1517041", "103.217.111.54:7771", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:34", "1517042", "37.1.210.16:5552", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:34", "1517043", "104.168.32.88:1001", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:34", "1517044", "45.154.98.79:9000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:33", "1517030", "194.59.30.200:1684", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:33", "1517031", "147.185.221.27:8888", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:33", "1517032", "84.241.201.218:8090", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:33", "1517033", "23.137.100.54:4281", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:33", "1517034", "77.105.164.112:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:33", "1517035", "37.235.156.47:1488", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:33", "1517036", "146.103.38.9:2467", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:33", "1517037", "46.8.194.222:4040", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:32", "1517022", "94.111.48.173:443", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:32", "1517023", "143.244.39.10:1234", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:32", "1517024", "89.190.158.16:443", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:32", "1517025", "208.91.189.14:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:32", "1517026", "193.158.181.218:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:32", "1517027", "185.243.99.45:5000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:32", "1517028", "107.172.44.175:1889", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:32", "1517029", "206.119.52.249:6888", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:31", "1517013", "147.185.221.27:24615", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:31", "1517014", "197.48.206.37:5505", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:31", "1517015", "134.175.85.30:8999", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:31", "1517016", "192.241.152.251:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:31", "1517017", "216.219.83.116:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:31", "1517018", "196.251.81.30:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:31", "1517019", "86.176.87.131:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:31", "1517020", "147.185.221.27:61136", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:31", "1517021", "107.175.65.160:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:30", "1517007", "104.28.212.228:2137", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:30", "1517008", "45.80.158.80:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:30", "1517009", "147.185.221.22:6666", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:30", "1517010", "94.26.90.81:6663", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:30", "1517011", "176.96.138.105:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:30", "1517012", "178.228.11.184:8090", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:29", "1516999", "185.208.158.139:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:29", "1517000", "147.185.221.27:31149", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:29", "1517001", "89.23.100.148:4790", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:29", "1517002", "89.117.49.234:4322", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:29", "1517003", "85.203.4.241:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:29", "1517004", "80.85.154.131:2618", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:29", "1517005", "194.59.31.249:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:29", "1517006", "141.95.59.234:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:28", "1516990", "45.201.0.219:1000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:28", "1516991", "3.17.160.56:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:28", "1516992", "147.45.78.193:9000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:28", "1516993", "91.202.25.209:5552", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:28", "1516994", "147.185.221.25:63795", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:28", "1516995", "108.181.199.16:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:28", "1516996", "185.208.156.210:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:28", "1516997", "104.28.212.228:36691", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:28", "1516998", "38.68.49.121:7777", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:27", "1516982", "147.185.221.24:53983", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:27", "1516983", "193.26.115.44:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:27", "1516984", "92.119.178.3:52663", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:27", "1516985", "46.226.167.193:9000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:27", "1516986", "45.133.251.174:9000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:27", "1516987", "85.203.4.56:4444", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:27", "1516988", "41.250.150.18:9321", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:27", "1516989", "185.254.97.125:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:26", "1516974", "44.244.152.122:3989", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:26", "1516975", "146.103.25.63:2467", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:26", "1516976", "87.251.78.226:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:26", "1516977", "149.22.84.147:1255", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:26", "1516978", "147.185.221.18:5059", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:26", "1516979", "147.185.221.22:21456", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:26", "1516980", "147.185.221.27:37005", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:26", "1516981", "185.241.208.97:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:25", "1516970", "147.185.221.27:14606", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:25", "1516971", "80.76.49.30:420", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:25", "1516972", "61.69.170.155:1255", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:25", "1516973", "104.194.144.105:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:00", "1516808", "26.252.73.241:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:00", "1516809", "176.65.134.80:4447", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:11:00", "1516810", "91.215.202.4:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:59", "1516805", "79.127.246.68:23451", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:59", "1516806", "87.121.103.228:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:59", "1516807", "70.93.125.101:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:57", "1516802", "66.113.31.17:21", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:57", "1516803", "85.203.4.56:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:57", "1516804", "200.223.103.60:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:56", "1516793", "45.190.102.144:4782", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:56", "1516794", "154.197.69.148:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:56", "1516795", "185.94.29.209:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:56", "1516796", "85.203.4.56:1834", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:56", "1516797", "185.27.134.137:21", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:56", "1516798", "70.93.125.101:1910", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:56", "1516799", "176.65.144.121:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:01:19", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:56", "1516800", "184.90.251.249:4455", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:56", "1516801", "136.144.165.163:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:55", "1516788", "80.64.16.35:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:55", "1516789", "104.238.23.6:3232", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:55", "1516790", "45.190.102.144:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:55", "1516791", "37.114.41.201:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:55", "1516792", "81.109.5.62:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:54", "1516781", "81.10.54.124:6969", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:54", "1516782", "70.93.125.101:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:54", "1516783", "1.2.1.4:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:54", "1516784", "147.185.221.27:25036", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:54", "1516785", "193.161.193.99:2020", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:54", "1516786", "185.165.241.219:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:54", "1516787", "193.161.193.99:21812", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:53", "1516774", "147.185.221.27:9586", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:53", "1516775", "216.244.84.181:6666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:53", "1516776", "88.214.48.26:1414", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:53", "1516777", "26.252.73.241:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:53", "1516778", "196.251.115.13:2024", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:53", "1516779", "26.252.73.241:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:53", "1516780", "80.64.16.35:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:52", "1516769", "193.161.193.99:5000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:52", "1516770", "209.145.53.198:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:52", "1516771", "94.54.4.95:1111", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:52", "1516772", "79.127.246.68:32452", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:52", "1516773", "147.185.221.26:30496", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:51", "1516764", "13.53.182.212:3939", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:51", "1516765", "82.6.188.15:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:51", "1516766", "80.64.16.35:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:51", "1516767", "147.185.221.26:6666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:51", "1516768", "147.185.221.27:8000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:50", "1516758", "185.94.29.209:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:50", "1516759", "91.215.202.4:81", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:50", "1516760", "31.58.91.75:1604", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:50", "1516761", "37.114.41.201:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:50", "1516762", "196.251.118.41:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:50", "1516763", "1.2.1.4:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:49", "1516750", "196.251.118.41:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:49", "1516751", "184.90.251.249:1337", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:49", "1516752", "154.29.79.7:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:49", "1516753", "178.83.80.11:8100", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:49", "1516754", "37.114.41.201:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:49", "1516755", "185.93.69.20:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:01:19", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:49", "1516756", "196.251.118.41:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:49", "1516757", "70.93.125.101:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:48", "1516744", "147.185.221.27:38046", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:48", "1516745", "87.121.103.228:3785", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:48", "1516746", "185.94.29.209:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:48", "1516747", "196.251.118.41:4447", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:48", "1516748", "185.165.241.219:45", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:48", "1516749", "185.27.134.137:7547", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:45", "1516738", "143.244.39.10:80", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:45", "1516739", "26.214.10.127:1604", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:45", "1516740", "45.61.169.197:30", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-07 20:01:14", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:45", "1516741", "174.61.118.194:4872", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:44", "1516731", "47.92.222.219:33251", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:44", "1516732", "80.76.49.30:3535", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:44", "1516733", "26.214.10.127:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:44", "1516734", "176.126.103.171:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:44", "1516735", "139.99.66.103:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:44", "1516736", "51.91.251.234:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:44", "1516737", "74.128.84.83:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:43", "1516723", "182.253.58.227:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:43", "1516724", "94.26.90.81:5437", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-07 20:01:14", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:43", "1516725", "78.101.165.174:55847", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:43", "1516726", "193.161.193.99:45572", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:43", "1516727", "94.26.90.81:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:43", "1516728", "45.51.59.242:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:43", "1516729", "193.151.108.40:6666", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:43", "1516730", "151.236.21.144:10212", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:42", "1516715", "178.255.126.210:1234", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:42", "1516716", "213.209.143.58:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:42", "1516717", "82.15.146.164:4444", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:42", "1516718", "143.244.39.16:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:42", "1516719", "45.51.59.242:5900", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:42", "1516720", "147.185.221.28:6965", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:42", "1516721", "147.185.221.27:57598", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:42", "1516722", "143.244.39.10:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:41", "1516707", "45.51.59.242:80", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:41", "1516708", "195.177.94.169:3434", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:41", "1516709", "176.65.142.12:2633", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:41", "1516710", "86.11.53.138:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:41", "1516711", "94.26.90.81:7772", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:41", "1516712", "100.96.1.217:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:41", "1516713", "100.75.67.51:9999", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:41", "1516714", "3.88.227.97:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 11:10:40", "1516706", "82.15.146.164:80", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "6May2025,iocbottest", "0", "Gi7w0rm" "2025-05-06 10:56:25", "1516488", "196.251.83.129:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-05-07 20:56:12", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-05-06 09:21:41", "1516467", "45.130.145.19:483", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 19:53:14", "100", "None", "c2,Tofsee", "0", "Bitsight" "2025-05-06 09:21:40", "1516473", "88.214.50.26:419", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 05:00:54", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 09:06:08", "1516474", "188.214.39.228:10101", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/f6b63b291d9596ec5ab7aa65997850c9ac23feb8e5e67a1bf09dfc84221d10bd/", "remcos", "0", "abuse_ch" "2025-05-06 08:55:06", "1516472", "196.251.117.50:5211", "ip:port", "botnet_cc", "win.ave_maria", "AVE_MARIA,AveMariaRAT,Warzone RAT,WarzoneRAT,avemaria", "Ave Maria", "", "100", "None", "AveMariaRAT,RAT", "0", "abuse_ch" "2025-05-06 08:52:50", "1516471", "67.61.156.61:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-07 20:52:37", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-06 08:50:25", "1516470", "3.255.173.2:443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-05-07 20:50:19", "75", "None", "BruteRatel,drb-ra", "0", "abuse_ch" "2025-05-06 08:47:43", "1516469", "185.10.185.94:7443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-07 20:47:46", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-06 08:44:21", "1516468", "128.199.7.255:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-05-07 20:44:18", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch" "2025-05-06 08:00:56", "1516465", "161.132.51.146:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-07 20:46:05", "100", "https://search.censys.io/hosts/161.132.51.146", "AS3132,C2,censys,Mythic,Red", "0", "DonPasci" "2025-05-06 08:00:50", "1516463", "107.172.61.133:6661", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:43:38", "100", "https://search.censys.io/hosts/107.172.61.133", "AS-COLOCROSSING,AS36352,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-05-06 08:00:50", "1516464", "35.179.154.120:8001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:50:34", "100", "https://search.censys.io/hosts/35.179.154.120", "AMAZON-02,AS16509,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-05-06 08:00:45", "1516462", "51.21.29.251:6666", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/51.21.29.251", "AMAZON-02,AS16509,C2,censys,payload,Sliver", "0", "DonPasci" "2025-05-06 08:00:37", "1516461", "207.148.96.97:8888", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2025-05-07 20:49:36", "100", "https://search.censys.io/hosts/207.148.96.97", "AS-VULTR,AS20473,C2,censys,Pupy,RAT", "0", "DonPasci" "2025-05-06 08:00:35", "1516460", "195.133.194.205:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:48:43", "100", "https://search.censys.io/hosts/195.133.194.205", "ADMAN-AS,AS57494,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-06 08:00:34", "1516457", "104.168.81.231:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:43:23", "100", "https://search.censys.io/hosts/104.168.81.231", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-06 08:00:34", "1516458", "212.162.151.143:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:49:44", "100", "https://search.censys.io/hosts/212.162.151.143", "AS64236,C2,censys,RAT,Remcos,UNREAL-SERVERS", "0", "DonPasci" "2025-05-06 08:00:34", "1516459", "196.251.83.60:8787", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:49:09", "100", "https://search.censys.io/hosts/196.251.83.60", "AS401120,C2,censys,CHEAPY-HOST,RAT,Remcos", "0", "DonPasci" "2025-05-06 07:11:04", "1516456", "196.251.85.241:4440", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:01:19", "75", "https://bazaar.abuse.ch/sample/e29d1db9e13282e9c4f4246a09d115941c03834b602cd29fd911a10f544e9d93/", "asyncrat", "0", "abuse_ch" "2025-05-06 07:06:29", "1516447", "80.64.30.111:427", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 06:53:15", "1516443", "88.214.50.26:430", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 12:08:43", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 06:53:14", "1516445", "92.255.85.15:430", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:31:25", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 06:26:08", "1516432", "80.64.30.111:416", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:00:32", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 06:25:31", "1516442", "104.37.4.27:4508", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:43:33", "75", "https://bazaar.abuse.ch/sample/e45974c34c30f662121b99b8c6b2e95014243903977746d7cdd7bc3c434ce4af/", "remcos", "0", "abuse_ch" "2025-05-06 06:23:30", "1516430", "78.46.233.21:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "2025-05-07 15:21:42", "100", "", "Vidar", "0", "crep1x" "2025-05-06 06:23:30", "1516431", "5.75.211.124:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "2025-05-07 15:21:42", "100", "", "Vidar", "0", "crep1x" "2025-05-06 06:16:30", "1516425", "80.64.30.111:430", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 06:15:10", "1516426", "80.64.18.25:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch" "2025-05-06 06:11:06", "1516388", "88.214.50.27:429", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:26:52", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 06:11:03", "1516390", "80.64.30.111:421", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:49:38", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 06:11:02", "1516421", "80.64.18.111:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2025-05-06 06:11:01", "1516422", "88.214.50.24:421", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 05:49:49", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:59:44", "1516404", "123.58.218.108:3306", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-06 05:59:44", "1516405", "185.196.8.100:1424", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:47:55", "50", "", "c2,remcos", "0", "juroots" "2025-05-06 05:57:07", "1516398", "35.75.191.152:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/35.75.191.152#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-05-06 05:56:50", "1516397", "27.102.138.156:80", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://www.shodan.io/host/27.102.138.156#80", "c2,kimsuky,shodan", "0", "juroots" "2025-05-06 05:56:35", "1516396", "118.122.8.154:389", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/118.122.8.154#389", "c2,netbus,shodan", "0", "juroots" "2025-05-06 05:55:42", "1516395", "196.251.85.133:1235", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "https://www.shodan.io/host/196.251.85.133#1235", "c2,darkcomet,shodan", "0", "juroots" "2025-05-06 05:55:27", "1516394", "109.199.117.74:4443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/109.199.117.74#4443", "c2,shodan,villain", "0", "juroots" "2025-05-06 05:55:11", "1516393", "45.55.98.63:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-07 20:51:22", "50", "https://www.shodan.io/host/45.55.98.63#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-06 05:54:07", "1516392", "124.71.200.1:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/124.71.200.1#4444", "c2,cobaltstrike,shodan", "0", "juroots" "2025-05-06 05:54:04", "1516391", "154.222.16.194:8865", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:00:27", "50", "https://www.shodan.io/host/154.222.16.194#8865", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-05-06 05:36:43", "1516387", "8.219.232.189:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-06 05:36:20", "1516386", "8.219.93.92:2095", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-06 05:36:10", "1516385", "8.134.70.73:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch" "2025-05-06 05:33:52", "1516311", "47.89.194.207:55555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 20:57:12", "100", "https://search.censys.io/hosts/47.89.194.207", "AS45102,C2,censys", "0", "dyingbreeds_" "2025-05-06 05:33:50", "1516312", "121.41.108.106:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-06 04:00:18", "100", "https://search.censys.io/hosts/121.41.108.106", "AS37963,C2,censys", "0", "dyingbreeds_" "2025-05-06 05:33:50", "1516313", "196.251.71.236:888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:49:04", "100", "https://search.censys.io/hosts/196.251.71.236", "AS401120,C2,censys,CHEAPY-HOST,RAT", "0", "dyingbreeds_" "2025-05-06 05:33:49", "1516314", "196.251.71.236:4444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:49:03", "100", "https://search.censys.io/hosts/196.251.71.236", "AS401120,C2,censys,CHEAPY-HOST,RAT", "0", "dyingbreeds_" "2025-05-06 05:33:48", "1516315", "196.251.71.236:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:49:03", "100", "https://search.censys.io/hosts/196.251.71.236", "AS401120,C2,censys,CHEAPY-HOST,RAT", "0", "dyingbreeds_" "2025-05-06 05:33:42", "1516321", "85.192.48.2:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-06 04:00:57", "100", "https://search.censys.io/hosts/85.192.48.2", "AS215730,C2,censys,H2NEXUS-AS,Hookbot", "0", "dyingbreeds_" "2025-05-06 05:33:40", "1516323", "31.57.228.145:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-06 04:00:58", "100", "https://search.censys.io/hosts/31.57.228.145", "AS21859,C2,censys,Hookbot,ZEN-ECN", "0", "dyingbreeds_" "2025-05-06 05:33:39", "1516324", "103.137.249.202:8443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-06 04:00:59", "100", "https://search.censys.io/hosts/103.137.249.202", "AS216154,C2,censys,CLODO,RAT", "0", "dyingbreeds_" "2025-05-06 05:33:38", "1516325", "18.184.225.196:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-07 20:47:39", "100", "https://search.censys.io/hosts/18.184.225.196", "AMAZON-02,AS16509,C2,censys", "0", "dyingbreeds_" "2025-05-06 05:33:37", "1516326", "181.206.158.190:2000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-07 20:47:44", "100", "https://search.censys.io/hosts/181.206.158.190", "AS27831,C2,censys,RAT", "0", "dyingbreeds_" "2025-05-06 05:33:36", "1516329", "43.224.227.176:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/43.224.227.176", "AROSS-AS,AS400619,censys,Viper", "0", "dyingbreeds_" "2025-05-06 05:33:30", "1516331", "18.196.103.121:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.196.103.121", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-06 05:33:29", "1516332", "51.124.120.213:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/51.124.120.213", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-05-06 05:33:26", "1516333", "185.198.234.150:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.198.234.150", "AS212477,censys,GoPhish,Phishing,ROYALE-AS", "0", "dyingbreeds_" "2025-05-06 05:33:25", "1516334", "85.110.180.99:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-07 20:53:14", "100", "https://search.censys.io/hosts/85.110.180.99", "AS9121,C2,censys,TTNET", "0", "dyingbreeds_" "2025-05-06 05:33:25", "1516335", "92.255.85.15:429", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 06:42:21", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:23", "1516336", "88.214.50.26:427", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 05:57:45", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:23", "1516337", "88.214.50.26:428", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 08:02:58", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:23", "1516338", "80.64.30.111:425", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 06:25:52", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:21", "1516339", "88.214.50.27:428", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:23:15", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:18", "1516318", "88.214.50.26:423", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:06:26", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:15", "1516327", "80.64.30.111:424", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:02:12", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:11", "1516340", "88.214.50.26:424", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:10:28", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:10", "1516341", "88.214.50.27:430", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 09:21:48", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:10", "1516342", "92.255.85.15:427", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:06:30", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:09", "1516343", "88.214.50.27:423", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 10:28:01", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:08", "1516344", "88.214.50.27:422", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 09:29:12", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:07", "1516345", "80.64.30.111:429", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:43:51", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:06", "1516346", "88.214.50.27:431", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 09:24:58", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:05", "1516347", "88.214.50.24:431", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 21:05:31", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:04", "1516348", "88.214.50.26:431", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 05:45:04", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:04", "1516349", "88.214.50.26:421", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 20:53:15", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:03", "1516350", "88.214.50.24:417", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:23:48", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:02", "1516351", "92.255.85.15:419", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:42:44", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:01", "1516352", "88.214.50.27:417", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 05:54:03", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:33:00", "1516353", "88.214.50.24:419", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:54:58", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:59", "1516354", "88.214.50.24:425", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 04:53:27", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:58", "1516355", "92.255.85.15:424", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:23:45", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:57", "1516356", "88.214.50.27:425", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 10:10:34", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:56", "1516357", "88.214.50.24:424", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 13:37:37", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:56", "1516358", "92.255.85.15:431", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:51:46", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:55", "1516359", "88.214.50.24:418", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 09:18:36", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:54", "1516360", "80.64.30.111:423", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:39:27", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:53", "1516361", "88.214.50.26:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 09:09:11", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:52", "1516362", "80.64.30.111:428", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 06:15:34", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:51", "1516363", "88.214.50.26:418", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 05:18:12", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:50", "1516364", "92.255.85.15:420", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:11:57", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:49", "1516365", "88.214.50.24:420", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:10:35", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:48", "1516366", "88.214.50.26:420", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:48:03", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:47", "1516367", "80.64.30.111:417", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:15:43", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:46", "1516368", "88.214.50.26:417", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:18:00", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:46", "1516369", "88.214.50.27:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:24:19", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:45", "1516370", "88.214.50.27:420", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 21:17:49", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:44", "1516371", "88.214.50.26:429", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:07:17", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:43", "1516372", "88.214.50.24:429", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:27:23", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:42", "1516373", "88.214.50.24:422", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 21:02:20", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:41", "1516374", "92.255.85.15:423", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 05:23:46", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:41", "1516375", "88.214.50.26:416", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:04:21", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:40", "1516376", "88.214.50.27:424", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 11:04:33", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:39", "1516377", "88.214.50.26:422", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 08:19:48", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:38", "1516378", "80.64.30.111:419", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:41:05", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:37", "1516379", "88.214.50.24:428", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 20:52:43", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:35", "1516381", "88.214.50.24:423", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 08:05:36", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:31", "1516289", "88.214.50.26:425", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 09:57:12", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:30", "1516290", "88.214.50.27:416", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 13:17:11", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:30", "1516291", "80.64.30.111:431", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 06:57:20", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:29", "1516292", "80.64.30.111:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 06:33:34", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:28", "1516293", "88.214.50.24:427", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 08:07:43", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:27", "1516294", "88.214.50.24:416", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 08:28:19", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:25", "1516295", "88.214.50.27:427", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 08:49:01", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:24", "1516296", "92.255.85.15:425", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:09:44", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:23", "1516297", "92.255.85.15:421", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 04:04:52", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:22", "1516298", "92.255.85.15:422", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:48:34", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:20", "1516299", "88.214.50.24:430", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 12:23:47", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:18", "1516300", "88.214.50.27:421", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:39:06", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:17", "1516301", "88.214.50.24:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 08:46:16", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:16", "1516302", "80.64.30.111:422", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 05:06:16", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:15", "1516303", "88.214.50.27:418", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 06:36:22", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:14", "1516304", "88.214.50.27:419", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-07 07:54:29", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:13", "1516305", "80.64.30.111:420", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:04:22", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:12", "1516307", "92.255.85.15:417", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 06:43:58", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:11", "1516308", "92.255.85.15:416", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 06:20:26", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:10", "1516309", "80.64.30.111:418", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 07:35:10", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:10", "1516310", "92.255.85.15:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-06 06:49:58", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-06 05:32:00", "1516281", "176.65.142.234:1997", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2025-05-06 11:11:30", "100", "https://app.any.run/tasks/8679ce6c-05d1-4567-bf0e-17faef24c20d?malconf=true", "None", "0", "JaffaCakes118" "2025-05-06 05:31:44", "1516225", "5.181.156.158:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "", "c2,censys,mivocloud,Sliver", "0", "MAM" "2025-05-06 05:31:39", "1516219", "156.253.227.62:1111", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "2025-05-05 19:20:05", "75", "None", "Gafgyt", "0", "elfdigest" "2025-05-06 04:00:39", "1516322", "165.22.37.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/165.22.37.20", "AS14061,C2,censys,DIGITALOCEAN-ASN,open-dir,payload,Sliver", "0", "DonPasci" "2025-05-06 00:05:10", "1516278", "185.208.156.153:1857", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:47:57", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch" "2025-05-06 00:01:29", "1516277", "213.163.192.75:888", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/213.163.192.75", "AS202053,C2,censys,hacktool,Mimikatz,open-dir,UPCLOUD", "0", "DonPasci" "2025-05-06 00:01:03", "1516276", "3.26.197.43:44818", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-07 20:50:20", "100", "https://search.censys.io/hosts/3.26.197.43", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-06 00:00:56", "1516275", "45.80.158.118:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-06 04:00:39", "100", "https://search.censys.io/hosts/45.80.158.118", "AS210558,C2,censys,Hookbot,SERVICES-1337-GMBH", "0", "DonPasci" "2025-05-06 00:00:55", "1516273", "79.133.46.33:2053", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-06 04:00:36", "100", "https://search.censys.io/hosts/79.133.46.33", "AS44066,C2,censys,DE-FIRSTCOLO,Hookbot", "0", "DonPasci" "2025-05-06 00:00:55", "1516274", "154.58.204.239:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-06 04:00:37", "100", "https://search.censys.io/hosts/154.58.204.239", "AS214036,C2,censys,Hookbot,ULTAHOST-AS", "0", "DonPasci" "2025-05-06 00:00:54", "1516272", "79.133.46.33:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-06 04:00:36", "100", "https://search.censys.io/hosts/79.133.46.33", "AS44066,C2,censys,DE-FIRSTCOLO,Hookbot", "0", "DonPasci" "2025-05-06 00:00:47", "1516271", "186.169.92.72:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-07 20:48:08", "100", "https://search.censys.io/hosts/186.169.92.72", "AS3816,AsyncRAT,C2,censys,COLOMBIA,RAT", "0", "DonPasci" "2025-05-06 00:00:32", "1516270", "80.76.49.13:10505", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:53:03", "100", "https://search.censys.io/hosts/80.76.49.13", "AS399486,C2,censys,RAT,Remcos,VIRTUO", "0", "DonPasci" "2025-05-05 23:40:25", "1516269", "196.251.81.84:4002", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:49:08", "75", "https://bazaar.abuse.ch/sample/de747320d88438cd053dd0e4b331b883ffba9e81c6b328b85e54f9cc66fd3529/", "remcos", "0", "abuse_ch" "2025-05-05 23:40:24", "1516268", "196.251.81.84:4001", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:49:08", "75", "https://bazaar.abuse.ch/sample/de747320d88438cd053dd0e4b331b883ffba9e81c6b328b85e54f9cc66fd3529/", "remcos", "0", "abuse_ch" "2025-05-05 22:56:59", "1516264", "45.144.48.88:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-05-07 20:56:52", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-05-05 21:50:35", "1516261", "176.65.141.93:9012", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:00:48", "75", "https://bazaar.abuse.ch/sample/1eec47ea978478dd0ce43a64b6da8088db801928902bebf4157b1c684d364e64/", "remcos", "0", "abuse_ch" "2025-05-05 21:50:35", "1516262", "176.65.141.93:9013", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:47:16", "75", "https://bazaar.abuse.ch/sample/1eec47ea978478dd0ce43a64b6da8088db801928902bebf4157b1c684d364e64/", "remcos", "0", "abuse_ch" "2025-05-05 21:50:34", "1516260", "176.65.141.93:9011", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-07 20:47:16", "75", "https://bazaar.abuse.ch/sample/1eec47ea978478dd0ce43a64b6da8088db801928902bebf4157b1c684d364e64/", "remcos", "0", "abuse_ch" "2025-05-05 21:50:09", "1516259", "196.251.86.174:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-06 11:10:52", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch" # Number of entries: 954