################################################################
# ThreatFox IOCs: recent ip-port - CSV format                  #
# Last updated: 2026-03-21 00:01:45 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","is_compromised","reference","tags","anonymous","reporter"
"2026-03-21 00:01:45", "1772976", "54.249.164.12:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "False", "https://search.censys.io/hosts/54.249.164.12", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci"
"2026-03-21 00:01:42", "1772974", "102.98.192.93:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "https://search.censys.io/hosts/102.98.192.93", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2026-03-21 00:01:33", "1772973", "43.212.170.35:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/43.212.170.35", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci"
"2026-03-21 00:01:13", "1772972", "34.95.222.105:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/34.95.222.105", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,open-dir,payload,Sliver", "0", "DonPasci"
"2026-03-21 00:01:06", "1772971", "172.93.109.129:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/172.93.109.129", "AS23470,C2,censys,RAT,RELIABLESITE,Remcos", "0", "DonPasci"
"2026-03-21 00:01:02", "1772970", "212.118.56.95:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/212.118.56.95", ",,AS48282,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-03-21 00:00:59", "1772969", "124.198.131.225:10002", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/124.198.131.225", "028f45e8dd4f225cb46a7d8003745a3a7f55d3a0,AS210558,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-03-21 00:00:57", "1772968", "5.101.86.63:9521", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/5.101.86.63", "AS-GLOBALTELEHOST,AS62563,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-03-21 00:00:54", "1772967", "31.57.219.227:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/31.57.219.227", "AS399486,C2,censys,RAT,Remcos,VIRTUO", "0", "DonPasci"
"2026-03-21 00:00:49", "1772966", "61.160.194.6:8000", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "False", "https://search.censys.io/hosts/61.160.194.6", "AS140293,C2,censys,CHINATELECOM-JIANGSU-CHANGZHOU-5G-NETWORK,Gh0st,RAT", "0", "DonPasci"
"2026-03-21 00:00:46", "1772965", "143.92.61.172:1439", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "False", "https://search.censys.io/hosts/143.92.61.172", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Gh0st,RAT", "0", "DonPasci"
"2026-03-21 00:00:33", "1772964", "138.68.149.128:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/138.68.149.128", "AS14061,C2,censys,CobaltStrike,cs-watermark-305419896,DIGITALOCEAN-ASN", "0", "DonPasci"
"2026-03-21 00:00:22", "1772963", "111.229.48.203:10000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/111.229.48.203", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2026-03-20 22:07:03", "1772848", "183.90.186.160:4499", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/5666ea13363e66098c490f88821dd251b2082ef2fa4d9de797a5701a3584969b/", "valleyrat_s2", "0", "abuse_ch"
"2026-03-20 21:00:53", "1772764", "194.48.251.228:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-20 20:47:30", "1772751", "144.31.47.76:80", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "False", "", "ClickFix,WebDAV", "0", "HuntYethHounds"
"2026-03-20 20:01:33", "1772737", "128.90.105.134:9999", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "False", "https://search.censys.io/hosts/128.90.105.134", "AS40861,C2,censys,DcRAT,PARAD-40-ASN,RAT", "0", "DonPasci"
"2026-03-20 20:01:31", "1772736", "128.90.105.134:8888", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "False", "https://search.censys.io/hosts/128.90.105.134", "AS40861,C2,censys,DcRAT,PARAD-40-ASN,RAT", "0", "DonPasci"
"2026-03-20 20:01:27", "1772735", "116.102.228.192:5000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/116.102.228.192", "AS7552,C2,censys,RAT,Venom,VIETEL-AS-AP", "0", "DonPasci"
"2026-03-20 20:01:24", "1772734", "151.241.154.75:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://search.censys.io/hosts/151.241.154.75", "AS399486,C2,censys,Quasar,RAT,VIRTUO", "0", "DonPasci"
"2026-03-20 20:01:15", "1772733", "178.16.53.124:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/178.16.53.124", "AS202412,C2,censys,OMEGATECH-AS,RAT,Sectop", "0", "DonPasci"
"2026-03-20 20:01:13", "1772732", "85.137.253.116:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/85.137.253.116", "AS215428,C2,censys,RAT,Sectop,SHINOMIYA", "0", "DonPasci"
"2026-03-20 20:00:58", "1772731", "45.82.245.244:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/45.82.245.244", "AS209847,C2,censys,Sliver,THE", "0", "DonPasci"
"2026-03-20 20:00:52", "1772730", "172.111.139.129:2405", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/172.111.139.129", ",,AS212238,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-03-20 20:00:50", "1772729", "64.118.149.20:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/64.118.149.20", "AS138997,C2,censys,EDCL-AS-AP,RAT,Remcos", "0", "DonPasci"
"2026-03-20 20:00:46", "1772728", "162.245.218.43:5000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/162.245.218.43", "AS153040,C2,censys,QLOUDIN1-AS-AP,RAT,Remcos", "0", "DonPasci"
"2026-03-20 20:00:25", "1772727", "8.209.212.234:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/8.209.212.234", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-0", "0", "DonPasci"
"2026-03-20 20:00:23", "1772726", "47.92.25.145:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/47.92.25.145", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2026-03-20 20:00:21", "1772725", "124.220.30.223:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/124.220.30.223", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2026-03-20 20:00:18", "1772724", "43.160.243.161:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/43.160.243.161", "AS132203,C2,censys,CobaltStrike,cs-watermark-100000,TENCENT-NET-AP-CN", "0", "DonPasci"
"2026-03-20 19:20:58", "1772713", "192.210.229.56:80", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "False", "", "ClickFix", "0", "HuntYethHounds"
"2026-03-20 18:03:28", "1772686", "47.84.34.181:5001", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260320-pac4hafy2p", "AS45102,C2,rat,triage,valleyrat", "0", "DonPasci"
"2026-03-20 16:01:42", "1772656", "209.38.118.246:8467", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/209.38.118.246", "AS14061,C2,censys,DIGITALOCEAN-ASN,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-03-20 16:01:02", "1772654", "157.180.14.245:6666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://search.censys.io/hosts/157.180.14.245", "AS24940,AsyncRAT,C2,censys,HETZNER-AS,RAT", "0", "DonPasci"
"2026-03-20 16:00:44", "1772653", "5.101.86.72:3305", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/5.101.86.72", "AS-GLOBALTELEHOST,AS62563,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-03-20 16:00:21", "1772652", "101.35.95.103:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/101.35.95.103", "AS45090,C2,censys,CobaltStrike,cs-watermark-0,TENCENT-NET-AP", "0", "DonPasci"
"2026-03-20 15:20:15", "1772614", "91.92.241.12:5880", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:20:15", "1772615", "72.56.52.10:5880", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:20:15", "1772616", "72.56.52.10:6969", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:20:15", "1772617", "65.222.202.53:5880", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:18:32", "1772612", "45.153.34.187:13121", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:18:32", "1772613", "45.153.34.187:13122", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:18:31", "1772610", "87.121.84.74:13122", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:18:31", "1772611", "87.121.84.74:13123", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:17:54", "1772606", "87.121.84.74:80", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "2026-03-20 15:18:32", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:17:54", "1772607", "87.121.84.74:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "2026-03-20 15:18:32", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:17:54", "1772608", "45.153.34.187:80", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "2026-03-20 15:18:32", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:17:54", "1772609", "45.153.34.187:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "2026-03-20 15:18:32", "75", "False", "https://github.com/deepfield/public-research/blob/main/katana/iocs/ips.csv", "Katana", "0", "abuse_ch"
"2026-03-20 15:00:32", "1772476", "87.120.187.0:7391", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://tria.ge/260320-jwt19acv4k", "quasar", "0", "dyingbreeds_"
"2026-03-20 15:00:07", "1772475", "95.142.45.231:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://tria.ge/260320-q3zcwagx3t", "Remcos", "0", "dyingbreeds_"
"2026-03-20 14:59:20", "1772474", "5.61.209.96:15392", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772456", "157.230.52.185:33811", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772457", "192.241.128.57:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772458", "192.241.128.57:8443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772459", "203.188.174.195:3923", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772460", "203.188.174.195:9248", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772461", "203.188.174.195:48384", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772462", "203.188.174.236:48384", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772463", "203.188.174.237:48384", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772464", "203.188.174.238:48384", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772465", "203.188.174.239:48384", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772466", "203.188.174.240:48384", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772467", "203.188.174.241:48384", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772468", "203.188.174.242:48384", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772469", "206.81.9.186:3923", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772470", "206.81.9.186:3924", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772471", "206.81.9.186:11111", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772472", "206.81.9.186:33811", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:19", "1772473", "141.98.11.123:21874", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772440", "192.206.117.19:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772441", "192.206.117.19:2222", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772442", "192.206.117.19:8081", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772443", "192.206.117.19:8082", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772444", "192.206.117.19:8443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772445", "160.22.79.29:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772446", "160.22.79.29:6767", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772447", "160.22.79.29:8443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772448", "103.77.175.243:34567", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772449", "103.77.175.243:21874", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772450", "103.77.175.243:15392", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772451", "103.77.175.243:3925", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772452", "147.182.169.126:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772453", "147.182.169.126:3389", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772454", "147.182.169.126:8443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:18", "1772455", "157.230.52.185:11111", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772424", "5.187.35.166:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772425", "5.187.35.166:8473", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772426", "5.187.35.166:48384", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772427", "5.187.35.166:1003", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772428", "5.187.35.166:3923", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772429", "5.187.35.133:3924", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772430", "5.187.35.133:1004", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772431", "87.121.84.74:13121", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "2026-03-20 15:18:31", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772432", "5.187.35.158:1337", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772433", "5.187.35.158:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772434", "5.187.35.158:8473", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772435", "5.187.35.158:8090", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772436", "5.187.35.158:2441", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772437", "5.187.35.158:2448", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772438", "5.187.35.158:15", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:17", "1772439", "5.187.35.158:18", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:16", "1772420", "5.187.35.167:2450", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:16", "1772421", "5.187.35.167:3924", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:16", "1772422", "5.187.35.167:1004", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:59:16", "1772423", "5.187.35.166:2450", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/jackskid/iocs/ips.csv", "Jackskid", "0", "abuse_ch"
"2026-03-20 14:45:58", "1772394", "45.142.195.101:8082", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/mossadproxy/iocs/hashes.csv", "Cecilio,Jackskid,MossadProxy", "0", "abuse_ch"
"2026-03-20 14:45:58", "1772395", "45.142.195.101:8083", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/mossadproxy/iocs/hashes.csv", "Cecilio,Jackskid,MossadProxy", "0", "abuse_ch"
"2026-03-20 14:45:58", "1772396", "45.142.195.102:8082", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/mossadproxy/iocs/hashes.csv", "Cecilio,Jackskid,MossadProxy", "0", "abuse_ch"
"2026-03-20 14:45:58", "1772397", "45.142.195.102:8083", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "https://github.com/deepfield/public-research/blob/main/mossadproxy/iocs/hashes.csv", "Cecilio,Jackskid,MossadProxy", "0", "abuse_ch"
"2026-03-20 13:14:00", "1772353", "103.215.77.214:8848", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "False", "https://www.virustotal.com/gui/file/0f04b091eb533d7c4d1aaf3230844d55e21dc69d94d3bacbba998c9fcdffb2fc", "AROSS-AS,AS400619,c2,virustotal,VShell", "0", "DonPasci"
"2026-03-20 13:10:31", "1772351", "45.192.169.50:8000", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "False", "https://www.virustotal.com/gui/file/25d82de7ee6408715b57cd27be84f6f09435cb6e2ebc37d2ad1085e0af53a693", "ANTBOX1-AS-AP,AS138995,c2,virustotal,VShell", "0", "DonPasci"
"2026-03-20 13:03:20", "1772337", "15.229.150.214:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://x.com/K_N1kolenko/status/2034973451065114663", "AMAZON-02,AS16509,c2,xworm", "0", "DonPasci"
"2026-03-20 13:03:20", "1772338", "38.247.145.235:7007", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://x.com/K_N1kolenko/status/2034973451065114663", "AS32097,c2,WII,xworm", "0", "DonPasci"
"2026-03-20 13:03:20", "1772339", "146.70.143.166:1012", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://x.com/K_N1kolenko/status/2034973451065114663", "AS9009,c2,M247,xworm", "0", "DonPasci"
"2026-03-20 13:03:20", "1772340", "167.114.48.166:7007", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://x.com/K_N1kolenko/status/2034973451065114663", "AS16276,c2,OVH,xworm", "0", "DonPasci"
"2026-03-20 13:03:20", "1772341", "172.93.164.102:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://x.com/K_N1kolenko/status/2034973451065114663", "AS18450,c2,WEBNX,xworm", "0", "DonPasci"
"2026-03-20 12:58:05", "1772335", "107.172.13.234:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://x.com/K_N1kolenko/status/2034964003030552641", "AS-COLOCROSSING,AS36352,c2,rat,remcos", "0", "DonPasci"
"2026-03-20 12:57:31", "1772328", "8.219.170.249:505", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "False", "https://x.com/K_N1kolenko/status/2034958837128503633", "ALIBABA-CN-NET,AS45102,c2,Farfli,Gh0st,RAT", "0", "DonPasci"
"2026-03-20 12:57:31", "1772329", "8.222.143.232:8668", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "False", "https://x.com/K_N1kolenko/status/2034958837128503633", "ALIBABA-CN-NET,AS45102,c2,Farfli,Gh0st,RAT", "0", "DonPasci"
"2026-03-20 12:57:31", "1772330", "47.237.17.191:389", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "False", "https://x.com/K_N1kolenko/status/2034958837128503633", "ALIBABA-CN-NET,AS45102,c2,Farfli,Gh0st,RAT", "0", "DonPasci"
"2026-03-20 12:57:31", "1772331", "47.237.185.140:8888", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "False", "https://x.com/K_N1kolenko/status/2034958837128503633", "ALIBABA-CN-NET,AS45102,c2,Farfli,Gh0st,RAT", "0", "DonPasci"
"2026-03-20 12:57:31", "1772332", "108.187.40.45:447", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "False", "https://x.com/K_N1kolenko/status/2034958837128503633", "ANTBOX1-AS-AP,AS138995,c2,Farfli,Gh0st,RAT", "0", "DonPasci"
"2026-03-20 12:57:31", "1772333", "192.238.178.243:5050", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "False", "https://x.com/K_N1kolenko/status/2034958837128503633", "ANTBOX1-AS-AP,AS138995,c2,Farfli,Gh0st,RAT", "0", "DonPasci"
"2026-03-20 12:57:31", "1772334", "192.252.181.40:447", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "False", "https://x.com/K_N1kolenko/status/2034958837128503633", "AS152194,c2,CTGSERVERLIMITED-AS-AP,Farfli,Gh0st,RAT", "0", "DonPasci"
"2026-03-20 12:02:17", "1772017", "119.45.169.164:7000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/119.45.169.164", "AS45090,C2,censys,CobaltStrike,open-dir,TENCENT-NET-AP", "0", "DonPasci"
"2026-03-20 12:02:13", "1772016", "44.204.57.133:22313", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/44.204.57.133", "AMAZON-AES,AS14618,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-03-20 12:01:45", "1772015", "116.102.228.192:9999", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/116.102.228.192", "AS7552,C2,censys,RAT,Venom,VIETEL-AS-AP", "0", "DonPasci"
"2026-03-20 12:01:42", "1772014", "193.233.112.28:5000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/193.233.112.28", "AS205775,C2,censys,NEONCORENETWORKS,RAT,Venom", "0", "DonPasci"
"2026-03-20 12:01:39", "1772013", "82.29.94.14:4444", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "False", "https://search.censys.io/hosts/82.29.94.14", "AS212238,C2,CDNEXT,censys,Havoc", "0", "DonPasci"
"2026-03-20 12:01:33", "1772012", "185.100.157.29:8080", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "False", "https://search.censys.io/hosts/185.100.157.29", "AS205775,C2,censys,Hookbot,NEONCORENETWORKS", "0", "DonPasci"
"2026-03-20 12:01:08", "1772011", "116.62.83.112:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/116.62.83.112", "ALIBABA-CN-NET,AS37963,C2,censys,Sliver", "0", "DonPasci"
"2026-03-20 12:01:04", "1772010", "107.174.252.2:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/107.174.252.2", "AS-COLOCROSSING,AS36352,C2,censys,Sliver", "0", "DonPasci"
"2026-03-20 12:00:53", "1772009", "31.57.38.10:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/31.57.38.10", "AS399486,C2,censys,RAT,Remcos,VIRTUO", "0", "DonPasci"
"2026-03-20 12:00:30", "1772008", "47.93.9.48:53434", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/47.93.9.48", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2026-03-20 12:00:24", "1772007", "45.221.118.180:1111", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/45.221.118.180", "AS55933,C2,censys,CLOUDIE-AS-AP,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2026-03-20 12:00:19", "1772006", "103.41.7.144:9671", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/103.41.7.144", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci"
"2026-03-20 11:30:48", "1771999", "8.148.64.76:14725", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "False", "None", "NjRAT", "0", "abuse_ch"
"2026-03-20 08:57:18", "1771956", "77.91.96.222:7777", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "90", "False", "None", "clipper,Electron,stealer", "0", "Skynet11"
"2026-03-20 08:10:49", "1771940", "135.181.202.57:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:10:49", "1771941", "96.126.176.24:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:10:48", "1771931", "178.104.61.207:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:10:48", "1771932", "5.9.170.141:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:10:48", "1771933", "5.9.170.143:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:10:48", "1771934", "178.104.70.6:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:10:48", "1771935", "138.201.165.68:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:10:48", "1771936", "74.0.48.172:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:10:48", "1771937", "150.241.64.10:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:10:48", "1771938", "185.198.234.245:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:10:48", "1771939", "5.9.170.142:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-03-20 08:09:52", "1771922", "51.79.197.182:56001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/b9116582a5b629ca0983e34037ea467a5b2da12f6bed8904b85e35429c08c4f3/", "None", "0", "abuse_ch"
"2026-03-20 08:08:31", "1771921", "158.255.208.153:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/fa72b18f53eeca7273818be2bf00b8bc14de8b33ff417e40ec97feabbaa33de0/", "dropped-by-Amadey", "0", "abuse_ch"
"2026-03-20 08:02:12", "1771917", "157.22.174.205:80", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "False", "https://search.censys.io/hosts/157.22.174.205", "ADMINVPS,AS211183,C2,censys,PowershellEmpire", "0", "DonPasci"
"2026-03-20 08:01:26", "1771916", "178.16.55.108:7008", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://search.censys.io/hosts/178.16.55.108", "AS202412,AsyncRAT,C2,censys,OMEGATECH-AS,RAT", "0", "DonPasci"
"2026-03-20 08:01:20", "1771915", "206.123.152.135:5900", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://search.censys.io/hosts/206.123.152.135", "AS9009,AsyncRAT,C2,censys,M247,RAT", "0", "DonPasci"
"2026-03-20 08:01:11", "1771914", "65.20.97.249:443", "ip:port", "botnet_cc", "win.shadowpad", "POISONPLUG.SHADOW,XShellGhost", "ShadowPad", "", "90", "False", "https://search.censys.io/hosts/65.20.97.249", "AS-VULTR,AS20473,C2,censys,RAT,ShadowPad", "0", "DonPasci"
"2026-03-20 08:00:56", "1771912", "146.190.202.235:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/146.190.202.235", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci"
"2026-03-20 08:00:23", "1771911", "141.195.112.192:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-03-21 03:10:06", "100", "False", "https://search.censys.io/hosts/141.195.112.192", "AS26383,ASNET,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2026-03-20 07:55:02", "1771908", "78.153.150.32:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "75", "False", "https://bazaar.abuse.ch/sample/b0e1beb8efa31915bb0391e97993f6a6774feda87f1b61d67f9d3c8bb6308b12/", "ACRStealer", "0", "abuse_ch"
"2026-03-20 07:52:02", "1771899", "192.238.184.156:448", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/abbef9af947ab757f9d1f1149db7e622d2977ac3fc1a194ea8463388af4ea2e4/", "RAT,ValleyRAT", "0", "abuse_ch"
"2026-03-20 07:52:01", "1771898", "192.238.184.156:447", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/abbef9af947ab757f9d1f1149db7e622d2977ac3fc1a194ea8463388af4ea2e4/", "RAT,ValleyRAT", "0", "abuse_ch"
"2026-03-20 07:35:42", "1771894", "185.241.211.6:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/f82bd5500ac7b83605b746db603f9ff4c008ebfb185c006cd52b5d02f04f3b08/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-03-20 07:16:14", "1771889", "31.57.216.27:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "75", "False", "", "Tofsee", "0", "abuse_ch"
"2026-03-20 07:16:14", "1771890", "176.65.150.25:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "75", "False", "", "Tofsee", "0", "abuse_ch"
"2026-03-20 07:16:13", "1771883", "130.12.180.85:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "75", "False", "", "Tofsee", "0", "abuse_ch"
"2026-03-20 07:16:13", "1771884", "31.57.216.28:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "75", "False", "", "Tofsee", "0", "abuse_ch"
"2026-03-20 07:16:13", "1771885", "130.12.182.175:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "75", "False", "", "Tofsee", "0", "abuse_ch"
"2026-03-20 07:16:13", "1771886", "46.151.182.19:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "75", "False", "", "Tofsee", "0", "abuse_ch"
"2026-03-20 07:16:13", "1771887", "130.12.180.119:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "75", "False", "", "Tofsee", "0", "abuse_ch"
"2026-03-20 07:16:13", "1771888", "46.151.182.245:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "75", "False", "", "Tofsee", "0", "abuse_ch"
"2026-03-20 06:44:34", "1771878", "38.60.224.110:6443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-20 06:44:30", "1771877", "118.178.108.248:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-20 06:44:28", "1771876", "77.91.97.4:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-20 06:42:00", "1771875", "182.255.44.96:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-20 06:41:57", "1771874", "43.156.245.214:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-20 06:41:55", "1771873", "111.228.5.127:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-03-20 06:41:28", "1771871", "8.130.68.100:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2026-03-20 06:20:49", "1771670", "118.122.8.154:8142", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "", "NetBus", "0", "whoamix302"
"2026-03-20 06:20:49", "1771674", "217.119.129.76:80", "ip:port", "botnet_cc", "win.smartloader", "None", "SmartLoader", "2026-03-20 08:17:16", "75", "True", "", "SmartLoader", "0", "tcains1"
"2026-03-20 04:19:09", "1771846", "51.222.87.16:433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-03-21 03:13:15", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-03-20 04:01:54", "1771842", "187.77.174.248:80", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "False", "https://search.censys.io/hosts/187.77.174.248", "AS-HOSTINGER,AS47583,C2,censys,PowershellEmpire", "0", "DonPasci"
"2026-03-20 04:01:37", "1771841", "45.133.251.211:8080", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "False", "https://search.censys.io/hosts/45.133.251.211", "AS215439,C2,censys,Gafgyt,open-dir,PLAY2GO-NET", "0", "DonPasci"
"2026-03-20 04:01:26", "1771840", "121.37.40.52:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "False", "https://search.censys.io/hosts/121.37.40.52", "AS55990,C2,censys,HWCSNET,moobot", "0", "DonPasci"
"2026-03-20 04:01:13", "1771839", "93.232.103.235:81", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "https://search.censys.io/hosts/93.232.103.235", "AS3320,C2,censys,DTAG,Netsupport,RAT", "0", "DonPasci"
"2026-03-20 04:01:05", "1771838", "52.66.212.26:8081", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "False", "https://search.censys.io/hosts/52.66.212.26", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci"
"2026-03-20 04:00:41", "1771836", "172.86.94.94:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/172.86.94.94", "AS30823,AUROLOGIC,C2,censys,Sliver", "0", "DonPasci"
"2026-03-20 03:16:45", "1771829", "8.210.237.3:8443", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2026-03-20 03:16:29", "1771828", "23.248.202.170:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2026-03-20 03:16:06", "1771827", "137.220.155.75:8081", "ip:port", "botnet_cc", "win.fatal_rat", "Sainbox RAT", "FatalRat", "", "100", "False", "None", "FatalRAT", "0", "abuse_ch"
"2026-03-20 03:15:54", "1771826", "188.214.35.67:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2026-03-20 08:10:35", "100", "False", "None", "BumbleBee", "0", "abuse_ch"
"2026-03-20 03:15:37", "1771825", "45.74.48.106:3421", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2026-03-20 00:02:22", "1771794", "199.101.111.80:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.80", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-03-20 00:02:19", "1771793", "199.101.111.187:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.187", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-03-20 00:02:12", "1771791", "8.136.13.87:7001", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/8.136.13.87", "AdaptixC2,ALIBABA-CN-NET,AS37963,C2,censys", "0", "DonPasci"
"2026-03-20 00:02:02", "1771790", "45.133.251.211:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "False", "https://search.censys.io/hosts/45.133.251.211", "AS215439,C2,censys,Gafgyt,open-dir,PLAY2GO-NET", "0", "DonPasci"
"2026-03-20 00:01:52", "1771789", "45.141.26.218:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "False", "https://search.censys.io/hosts/45.141.26.218", "AS142299,C2,censys,CLOUDFORESTCOLTD-AS-AP,moobot", "0", "DonPasci"
"2026-03-20 00:01:42", "1771788", "86.38.225.182:1234", "ip:port", "botnet_cc", "win.bit_rat", "None", "BitRAT", "", "100", "False", "https://search.censys.io/hosts/86.38.225.182", "AS396073,BitRAT,C2,censys,MAJESTIC-HOSTING-01,RAT", "0", "DonPasci"
"2026-03-20 00:01:34", "1771787", "116.102.228.192:6002", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/116.102.228.192", "AS7552,C2,censys,RAT,Venom,VIETEL-AS-AP", "0", "DonPasci"
"2026-03-20 00:01:30", "1771786", "116.102.228.192:6001", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/116.102.228.192", "AS7552,C2,censys,RAT,Venom,VIETEL-AS-AP", "0", "DonPasci"
"2026-03-20 00:01:26", "1771785", "84.32.131.94:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "False", "https://search.censys.io/hosts/84.32.131.94", "AS204770,C2,censys,CHERRYSERVERS3-AS,Havoc", "0", "DonPasci"
"2026-03-20 00:01:19", "1771784", "43.213.167.187:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/43.213.167.187", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci"
"2026-03-20 00:00:56", "1771783", "172.111.232.228:8201", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/172.111.232.228", "AS7040,C2,censys,NETMINDERS,RAT,Remcos", "0", "DonPasci"
"2026-03-20 00:00:52", "1771782", "172.111.139.74:2405", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/172.111.139.74", "AS212238,C2,CDNEXT,censys,RAT,Remcos", "0", "DonPasci"
"2026-03-19 23:02:26", "1771771", "94.154.32.93:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260319-zrt4fsew2z", "XWorm", "0", "dyingbreeds_"
"2026-03-19 23:00:50", "1771766", "94.154.32.93:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://tria.ge/260319-2mw4csfv2w", "quasar", "0", "dyingbreeds_"
"2026-03-19 23:00:50", "1771767", "94.154.32.93:7000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://tria.ge/260319-2mw4csfv2w", "quasar", "0", "dyingbreeds_"
"2026-03-19 23:00:36", "1771765", "2.58.56.102:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-03-20 20:00:48", "100", "False", "https://tria.ge/260319-zrxvcaev2k", "Remcos", "0", "dyingbreeds_"
"2026-03-19 21:31:15", "1771741", "45.138.16.218:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-03-19 23:00:57", "100", "False", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2026-03-19 20:28:34", "1771728", "159.203.135.187:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 21:16:24", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-19 20:28:30", "1771727", "104.248.52.185:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 21:16:20", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-19 20:28:27", "1771726", "137.184.105.220:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 21:16:17", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-19 20:28:23", "1771725", "142.93.134.222:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 21:16:14", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-19 20:28:19", "1771724", "209.97.177.38:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 21:16:10", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-19 20:28:15", "1771723", "104.248.64.104:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 21:16:07", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-19 20:28:10", "1771722", "178.128.163.225:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 21:16:02", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-19 20:28:07", "1771721", "157.230.180.19:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 21:15:58", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-19 20:28:03", "1771720", "104.248.216.4:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 21:15:55", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-19 20:27:58", "1771719", "178.128.241.188:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 21:15:52", "75", "False", "None", "AISURU", "0", "abuse_ch"
"2026-03-19 20:02:51", "1771714", "45.136.13.247:43211", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/45.136.13.247", "AdaptixC2,AS139659,C2,censys,LUCID-AS-AP", "0", "DonPasci"
"2026-03-19 20:02:47", "1771713", "167.17.47.121:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/167.17.47.121", "AdaptixC2,AS43180,C2,censys,TRUNKNETWORKS-AS", "0", "DonPasci"
"2026-03-19 20:02:33", "1771712", "91.92.34.130:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "", "100", "False", "https://search.censys.io/hosts/91.92.34.130", "AS207043,censys,Chaos,DEDIK-IO,panel", "0", "DonPasci"
"2026-03-19 20:02:18", "1771711", "128.90.105.236:8888", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "False", "https://search.censys.io/hosts/128.90.105.236", "AS40861,C2,censys,DcRAT,PARAD-40-ASN,RAT", "0", "DonPasci"
"2026-03-19 20:02:13", "1771710", "116.102.228.192:8000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/116.102.228.192", "AS7552,C2,censys,RAT,Venom,VIETEL-AS-AP", "0", "DonPasci"
"2026-03-19 20:02:05", "1771709", "43.212.170.35:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/43.212.170.35", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci"
"2026-03-19 20:01:58", "1771708", "144.31.159.15:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/144.31.159.15", "AS202051,C2,censys,NETGRID-HOST-LT,RAT,Sectop", "0", "DonPasci"
"2026-03-19 20:01:54", "1771707", "146.103.126.131:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/146.103.126.131", "AS216071,C2,censys,RAT,Sectop,VDSINA", "0", "DonPasci"
"2026-03-19 20:01:50", "1771706", "141.11.197.133:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/141.11.197.133", "AS202051,C2,censys,NETGRID-HOST-LT,RAT,Sectop", "0", "DonPasci"
"2026-03-19 20:01:46", "1771705", "46.149.78.104:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/46.149.78.104", "AS216071,C2,censys,RAT,Sectop,VDSINA", "0", "DonPasci"
"2026-03-19 20:01:40", "1771704", "172.111.201.64:8081", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://search.censys.io/hosts/172.111.201.64", "AS3223,AsyncRAT,C2,censys,RAT,VOXILITY", "0", "DonPasci"
"2026-03-19 20:01:36", "1771703", "206.123.152.135:4444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://search.censys.io/hosts/206.123.152.135", "AS9009,AsyncRAT,C2,censys,M247,RAT", "0", "DonPasci"
"2026-03-19 20:01:22", "1771702", "20.236.7.186:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/20.236.7.186", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,Sliver", "0", "DonPasci"
"2026-03-19 20:01:18", "1771701", "185.225.226.148:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/185.225.226.148", "AS207560,C2,censys,Sliver,VIKHOST", "0", "DonPasci"
"2026-03-19 20:01:06", "1771699", "85.17.162.226:2121", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/85.17.162.226", "AS60781,C2,censys,LEASEWEB-NL-AMS-01,RAT,Remcos", "0", "DonPasci"
"2026-03-19 20:01:02", "1771698", "185.222.58.37:7070", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/185.222.58.37", "AS51447,C2,censys,RAT,Remcos,ROOTLAYERNET", "0", "DonPasci"
"2026-03-19 20:00:58", "1771697", "185.222.58.37:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/185.222.58.37", "AS51447,C2,censys,RAT,Remcos,ROOTLAYERNET", "0", "DonPasci"
"2026-03-19 20:00:26", "1771695", "43.156.245.214:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/43.156.245.214", "AS132203,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP-CN", "0", "DonPasci"
"2026-03-19 20:00:20", "1771694", "156.234.190.100:48712", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/156.234.190.100", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci"
"2026-03-19 19:01:09", "1771678", "38.240.55.119:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "False", "https://tria.ge/260319-wqafwaaw2l", "RedLineStealer", "0", "dyingbreeds_"
"2026-03-19 19:00:15", "1771677", "130.12.180.36:4556", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-03-20 20:01:09", "100", "False", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2026-03-19 18:01:01", "1771654", "192.3.136.197:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-03-19 19:02:09", "100", "False", "https://tria.ge/260319-sf5x9adz3q", "AS36352,C2,triage,xworm", "0", "DonPasci"
"2026-03-19 16:00:47", "1771500", "192.241.120.148:10443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/192.241.120.148", "AS55286,C2,censys,RAT,Remcos,SERVER-MANIA", "0", "DonPasci"
"2026-03-19 15:40:37", "1771495", "144.31.0.81:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "None", "NetSupport", "0", "abuse_ch"
"2026-03-19 14:10:52", "1771479", "69.61.36.229:2080", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-03-19 15:02:03", "75", "False", "https://bazaar.abuse.ch/sample/292f0dc47472057b493e1858eda6c1843531ad0f9ddcb1f7959b3677d2e0b0f3/", "xworm", "0", "abuse_ch"
"2026-03-19 13:19:44", "1771462", "45.150.34.2:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "75", "False", "https://bazaar.abuse.ch/sample/7504898b17a9ce05eb9209128bcd0fb67d675a70c8c64f6f624d08b47b2fe3af/", "ACRStealer", "0", "abuse_ch"
"2026-03-19 13:05:34", "1771420", "87.121.79.201:39001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://bazaar.abuse.ch/sample/2e1e891da17c20d5d8eacc82374b84cfb30536c9b642cfb26e8ba6d8d3bf0a90/", "c2,WeedHack", "0", "burger"
"2026-03-19 13:05:34", "1771421", "87.121.79.201:39002", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://bazaar.abuse.ch/sample/2e1e891da17c20d5d8eacc82374b84cfb30536c9b642cfb26e8ba6d8d3bf0a90/", "c2,WeedHack", "0", "burger"
"2026-03-19 13:05:34", "1771422", "87.121.79.201:39003", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://bazaar.abuse.ch/sample/2e1e891da17c20d5d8eacc82374b84cfb30536c9b642cfb26e8ba6d8d3bf0a90/", "c2,WeedHack", "0", "burger"
"2026-03-19 13:03:15", "1771444", "176.65.132.144:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "75", "False", "https://bazaar.abuse.ch/sample/63066d64377e314bc34b7e2257910324f8ca73dea9ef41586df6be5785ee868a/", "ACRStealer", "0", "abuse_ch"
"2026-03-19 13:03:06", "1771442", "103.83.86.16:60046", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-03-20 12:00:57", "100", "False", "", "None", "0", "proxylife"
"2026-03-19 13:03:06", "1771443", "103.83.86.16:60047", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-03-19 15:00:11", "100", "False", "", "None", "0", "proxylife"
"2026-03-19 12:59:27", "1771435", "83.217.209.92:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "75", "False", "https://bazaar.abuse.ch/sample/3d7e9e61ddc414e65a76eb579c0fa65edb1298d4b000b85105c7b7aad468b1d2/", "ACRStealer", "0", "abuse_ch"
"2026-03-19 12:01:55", "1771409", "199.101.111.89:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.89", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-03-19 12:01:25", "1771408", "27.75.110.255:5000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/27.75.110.255", "AS7552,C2,censys,RAT,Venom,VIETEL-AS-AP", "0", "DonPasci"
"2026-03-19 12:01:20", "1771406", "185.111.212.127:25565", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/185.111.212.127", "AS20818,C2,censys,NSS,RAT,Venom", "0", "DonPasci"
"2026-03-19 12:01:02", "1771403", "139.84.131.21:443", "ip:port", "botnet_cc", "win.shadowpad", "POISONPLUG.SHADOW,XShellGhost", "ShadowPad", "", "90", "False", "https://search.censys.io/hosts/139.84.131.21", "AS-VULTR,AS20473,C2,censys,RAT,ShadowPad", "0", "DonPasci"
"2026-03-19 12:00:28", "1771402", "156.234.233.189:48712", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/156.234.233.189", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci"
"2026-03-19 12:00:24", "1771401", "117.72.34.117:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/117.72.34.117", "AS141679,C2,censys,CHINATELECOM-IDC-BTHBD-AP,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2026-03-19 12:00:19", "1771400", "78.155.221.66:8078", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/78.155.221.66", "AS49505,C2,censys,CobaltStrike,cs-watermark-987654321,SELECTEL", "0", "DonPasci"
"2026-03-19 11:00:20", "1771381", "87.121.79.176:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-03-20 20:01:23", "100", "False", "https://tria.ge/260319-kwhtnacz6p", "quasar", "0", "dyingbreeds_"
"2026-03-19 09:30:46", "1771351", "151.242.122.227:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.zscaler.com/blogs/security-research/technical-analysis-snappyclient", "c2,SnappyClient", "0", "juroots"
"2026-03-19 09:30:46", "1771352", "151.242.122.227:3334", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.zscaler.com/blogs/security-research/technical-analysis-snappyclient", "c2,SnappyClient", "0", "juroots"
"2026-03-19 09:13:37", "1771347", "85.239.144.81:80", "ip:port", "payload_delivery", "js.iclickfix", "None", "IClickFix", "", "100", "False", "", "ClickFix,IClickFix,NetSupport RAT,payload", "0", "HuntYethHounds"
"2026-03-19 08:07:09", "1771327", "89.124.82.166:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "50", "False", "", "Vidar", "0", "crep1x"
"2026-03-19 08:01:34", "1771324", "103.177.47.67:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/103.177.47.67", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-03-19 08:01:29", "1771323", "103.73.161.139:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/103.73.161.139", "AdaptixC2,AS401696,C2,censys,COGNETCLOUD", "0", "DonPasci"
"2026-03-19 08:01:10", "1771322", "175.41.255.54:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "False", "https://search.censys.io/hosts/175.41.255.54", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci"
"2026-03-19 08:00:58", "1771320", "141.11.197.134:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/141.11.197.134", "AS202051,C2,censys,NETGRID-HOST-LT,RAT,Sectop", "0", "DonPasci"
"2026-03-19 08:00:56", "1771319", "159.100.22.59:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://search.censys.io/hosts/159.100.22.59", "AS214036,AsyncRAT,C2,censys,RAT,ULTAHOST-AS", "0", "DonPasci"
"2026-03-19 08:00:55", "1771318", "43.112.66.41:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/43.112.66.41", "ALIBABA-CN-NET,AS45102,C2,censys,Supershell", "0", "DonPasci"
"2026-03-19 08:00:42", "1771317", "217.60.61.184:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "False", "https://search.censys.io/hosts/217.60.61.184", "AS56971,C2,censys,RAT,SpiceRAT", "0", "DonPasci"
"2026-03-19 08:00:40", "1771316", "209.145.53.103:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/209.145.53.103", "AS40021,C2,censys,CONTABO-40021,RAT,Remcos", "0", "DonPasci"
"2026-03-19 08:00:18", "1771315", "113.44.178.174:808", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/113.44.178.174", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci"
"2026-03-19 06:57:49", "1771297", "176.65.150.25:425", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "75", "False", "", "Tofsee", "0", "abuse_ch"
"2026-03-19 06:44:30", "1771293", "85.137.252.164:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "75", "False", "https://bazaar.abuse.ch/sample/ebb03085c9091d87e29f79ffc36f35277aaf46ec4356abf29c3bc93e87e8cd82/", "ACRStealer", "0", "abuse_ch"
"2026-03-19 06:44:30", "1771294", "46.29.235.240:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "75", "False", "https://bazaar.abuse.ch/sample/ebb03085c9091d87e29f79ffc36f35277aaf46ec4356abf29c3bc93e87e8cd82/", "ACRStealer", "0", "abuse_ch"
"2026-03-19 06:32:34", "1771287", "46.30.188.99:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/27a5d818f690b4c0b1679381ee48ffafb8d3b4ad6247797c32698bd6992a224f/", "None", "0", "abuse_ch"
"2026-03-19 06:25:28", "1771245", "150.241.94.112:80", "ip:port", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "ClearFake,Fragtor,staging,WebDAV", "0", "Lenard"
"2026-03-19 06:25:27", "1771247", "195.200.28.78:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:27", "1771248", "178.236.252.157:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:26", "1771249", "77.91.96.237:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:26", "1771250", "141.98.234.8:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:26", "1771251", "45.150.34.50:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:25", "1771252", "147.45.67.90:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:25", "1771253", "89.124.76.53:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:25", "1771256", "147.45.67.91:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:24", "1771254", "195.10.205.247:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:23", "1771255", "77.91.96.218:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:22", "1771257", "193.221.201.166:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:22", "1771258", "178.236.252.151:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:21", "1771259", "141.98.234.19:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:21", "1771260", "81.19.141.151:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:20", "1771261", "45.130.60.32:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:20", "1771262", "45.94.47.236:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:20", "1771265", "94.103.80.119:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:19", "1771263", "89.124.79.28:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:18", "1771264", "89.124.82.199:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:17", "1771266", "109.234.38.250:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:17", "1771267", "185.161.251.28:443", "ip:port", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "False", "None", "ACRStealer,nginx,POST-only,vdsina,wke-sideload", "0", "Lenard"
"2026-03-19 06:25:16", "1771270", "185.178.208.162:443", "ip:port", "botnet_cc", "jar.qealler", "Pyrogenic Infostealer", "Qealler", "", "75", "False", "None", "crypto,Minecraft,stealer", "0", "Skynet11"
"2026-03-19 06:25:12", "1771215", "45.150.34.158:8080", "ip:port", "botnet_cc", "js.glassworm", "None", "GlassWorm", "", "100", "False", "https://codeberg.org/tip-o-deincognito/glassworm-writeup/src/branch/main/REPORT_led_win32.md", "GlassWorm,wave3-exfil", "0", "tipo_deincognito"
"2026-03-19 06:25:08", "1771207", "172.94.9.4:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "", "None", "1", "aduma"
"2026-03-19 06:25:04", "1771200", "95.169.204.198:443", "ip:port", "botnet_cc", "elf.chaos", "None", "Chaos", "", "75", "False", "https://search.censys.io/hosts/45.153.186.237", "c2,Chaos,FakeAppleTLS,Iran", "0", "Lenard"
"2026-03-19 06:25:03", "1771198", "45.153.186.215:8080", "ip:port", "botnet_cc", "elf.chaos", "None", "Chaos", "", "75", "False", "https://search.censys.io/hosts/45.153.186.237", "c2,Chaos,FakeAppleTLS,Iran", "0", "Lenard"
"2026-03-19 06:25:01", "1771192", "64.227.93.6:8080", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-03-19 19:34:48", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-03-19 06:25:00", "1771178", "157.245.71.216:8080", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-03-19 06:24:47", "1771126", "45.151.106.127:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "75", "False", "", "Stealc", "0", "RacWatchin8872"
"2026-03-19 06:24:46", "1771127", "45.131.214.189:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "75", "False", "", "Stealc", "0", "RacWatchin8872"
"2026-03-19 06:24:46", "1771128", "86.54.25.43:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "75", "False", "", "Stealc", "0", "RacWatchin8872"
"2026-03-19 06:24:45", "1771129", "91.92.243.14:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "75", "False", "", "Stealc", "0", "RacWatchin8872"
"2026-03-19 06:24:44", "1771130", "138.124.88.111:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "75", "False", "", "Stealc", "0", "RacWatchin8872"
"2026-03-19 06:24:44", "1771131", "89.46.38.100:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "75", "False", "", "Stealc", "0", "RacWatchin8872"
"2026-03-19 06:24:43", "1771132", "196.251.107.217:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "75", "False", "", "Stealc", "0", "RacWatchin8872"
"2026-03-19 06:24:42", "1771133", "193.143.1.33:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "75", "False", "", "Stealc", "0", "RacWatchin8872"
"2026-03-19 06:24:42", "1771134", "213.165.47.174:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "75", "False", "", "Stealc", "0", "RacWatchin8872"
"2026-03-19 06:24:35", "1771107", "64.89.161.130:44300", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2026-03-19 04:00:12", "100", "False", "None", "Mirai", "0", "elfdigest"
"2026-03-19 06:24:30", "1771095", "165.227.54.160:12345", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-03-19 06:24:29", "1771080", "206.189.117.106:8080", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-03-19 06:24:29", "1771082", "68.183.1.7:9034", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-03-19 06:24:28", "1771052", "198.211.100.209:9034", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-03-19 06:24:27", "1771041", "213.176.73.145:80", "ip:port", "botnet_cc", "win.smartloader", "None", "SmartLoader", "", "75", "True", "", "SmartLoader", "0", "tcains1"
"2026-03-19 06:15:47", "1771283", "182.92.119.28:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-19 06:15:44", "1771281", "36.140.162.173:9001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-19 06:15:44", "1771282", "43.134.75.173:2095", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-19 06:15:19", "1771280", "39.100.68.138:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-03-20 06:41:45", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-03-19 06:01:56", "1771275", "103.210.238.29:22012", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260319-gn5rnshw3w", "AS142403,C2,rat,triage,valleyrat", "0", "DonPasci"
"2026-03-19 06:01:56", "1771276", "156.247.40.59:5050", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260319-fzx1jaav2p", "AS401739,C2,rat,triage,valleyrat", "0", "DonPasci"
"2026-03-19 06:00:18", "1771273", "34.39.197.251:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260319-ezsv5shx9q", "AS396982,C2,triage,xworm", "0", "DonPasci"
"2026-03-19 04:01:40", "1771242", "196.75.151.163:2222", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/196.75.151.163", "AS36903,C2,censys,hacktool,MetaSploit,Meterpreter,MT-MPLS", "0", "DonPasci"
"2026-03-19 04:01:13", "1771241", "193.203.15.153:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "False", "https://search.censys.io/hosts/193.203.15.153", "AS51167,C2,censys,CONTABO,Havoc", "0", "DonPasci"
"2026-03-19 04:01:07", "1771240", "43.213.167.187:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/43.213.167.187", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci"
"2026-03-19 04:01:05", "1771239", "79.72.86.54:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/79.72.86.54", "AS31898,C2,censys,Mythic,ORACLE-BMC-31898", "0", "DonPasci"
"2026-03-19 04:00:56", "1771238", "161.248.239.240:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://search.censys.io/hosts/161.248.239.240", "AS150895,AsyncRAT,C2,censys,EZTECH-VN,RAT", "0", "DonPasci"
"2026-03-19 04:00:54", "1771237", "178.16.55.211:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://search.censys.io/hosts/178.16.55.211", "AS202412,AsyncRAT,C2,censys,OMEGATECH-AS,RAT", "0", "DonPasci"
"2026-03-19 04:00:40", "1771236", "172.111.213.123:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/172.111.213.123", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2026-03-19 04:00:37", "1771235", "85.206.168.238:888", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/85.206.168.238", "AS61272,C2,censys,IST-AS,RAT,Remcos", "0", "DonPasci"
# Number of entries: 334