################################################################
# ThreatFox IOCs: recent ip-port - CSV format                  #
# Last updated: 2026-02-28 07:00:09 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","is_compromised","reference","tags","anonymous","reporter"
"2026-02-28 07:00:17", "1755638", "114.66.10.128:8080", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "75", "False", "https://search.censys.io/hosts/114.66.10.128", "AS136188,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-28 07:00:16", "1755637", "137.220.224.87:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "75", "False", "https://search.censys.io/hosts/137.220.224.87", "AS152194,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-28 07:00:09", "1755636", "114.132.222.244:30222", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/114.132.222.244", "AS45090,C2,censys", "0", "dyingbreeds_"
"2026-02-28 06:01:26", "1755627", "209.25.140.25:27034", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260228-eg7ataav9d", "AS400519,C2,triage,xworm", "0", "DonPasci"
"2026-02-28 04:44:28", "1755618", "152.53.82.239:3003", "ip:port", "botnet_cc", "win.castleloader", "None", "CASTLELOADER", "2026-02-28 06:44:28", "75", "False", "None", "CASTLELOADER,drb-ra", "0", "abuse_ch"
"2026-02-28 04:01:26", "1755615", "16.171.60.27:42833", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/16.171.60.27", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-28 04:00:58", "1755613", "116.102.239.155:6000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/116.102.239.155", "AS7552,C2,censys,RAT,Venom,VIETEL-AS-AP", "0", "DonPasci"
"2026-02-28 04:00:35", "1755612", "107.148.49.212:8443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "100", "False", "https://search.censys.io/hosts/107.148.49.212", "AS398478,C2,censys,PEG-HK,Pupy,RAT", "0", "DonPasci"
"2026-02-28 04:00:30", "1755611", "137.220.224.90:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2026-02-28 07:00:17", "100", "False", "https://search.censys.io/hosts/137.220.224.90", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Gh0st,RAT", "0", "DonPasci"
"2026-02-28 04:00:15", "1755610", "113.44.189.231:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-28 07:00:15", "100", "False", "https://search.censys.io/hosts/113.44.189.231", "AS55990,C2,censys,CobaltStrike,cs-watermark-666666666,HWCSNET", "0", "DonPasci"
"2026-02-28 04:00:14", "1755609", "115.191.53.193:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-28 07:00:08", "100", "False", "https://search.censys.io/hosts/115.191.53.193", "AS137718,C2,censys,CobaltStrike,cs-watermark-666666666,VOLCANO-ENGINE", "0", "DonPasci"
"2026-02-28 03:00:50", "1755605", "115.231.70.49:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/115.231.70.49", "AS58461,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-28 03:00:50", "1755606", "8.219.102.252:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/8.219.102.252", "AS45102,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-28 03:00:29", "1755604", "89.223.95.22:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-28 04:00:57", "100", "False", "https://search.censys.io/hosts/89.223.95.22", "AS202422,C2,censys,GHOST", "0", "dyingbreeds_"
"2026-02-28 03:00:25", "1755603", "20.246.108.209:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-28 04:00:55", "100", "False", "https://search.censys.io/hosts/20.246.108.209", "AS8075,C2,censys,Mythic", "0", "dyingbreeds_"
"2026-02-28 03:00:24", "1755602", "20.246.108.209:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-28 04:00:54", "100", "False", "https://search.censys.io/hosts/20.246.108.209", "AS8075,C2,censys,Mythic", "0", "dyingbreeds_"
"2026-02-28 03:00:19", "1755601", "178.255.244.5:56260", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-28 04:00:47", "100", "False", "https://search.censys.io/hosts/178.255.244.5", "AS55933,C2,censys,Supershell", "0", "dyingbreeds_"
"2026-02-28 03:00:12", "1755600", "156.224.28.186:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-28 04:00:11", "100", "False", "https://search.censys.io/hosts/156.224.28.186", "AS134365,C2,censys", "0", "dyingbreeds_"
"2026-02-28 02:53:10", "1755599", "59.110.40.60:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-28 06:50:39", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-02-28 00:40:12", "1755560", "78.29.43.89:40978", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "False", "None", "NjRAT", "0", "abuse_ch"
"2026-02-28 00:01:35", "1755559", "199.101.111.143:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.143", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-28 00:00:53", "1755558", "65.108.225.254:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/65.108.225.254", "AS24940,C2,censys,HETZNER-AS,payload,Sliver", "0", "DonPasci"
"2026-02-28 00:00:40", "1755557", "130.94.33.141:42208", "ip:port", "botnet_cc", "elf.gobrat", "None", "GobRAT", "", "100", "False", "https://search.censys.io/hosts/130.94.33.141", "AS154177,C2,censys,GobRAT,LIGHT4-AS-AP,RAT", "0", "DonPasci"
"2026-02-28 00:00:14", "1755556", "23.248.213.115:22560", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-28 03:00:10", "100", "False", "https://search.censys.io/hosts/23.248.213.115", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci"
"2026-02-27 23:01:00", "1755552", "197.0.81.220:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "False", "https://search.censys.io/hosts/197.0.81.220", "AS37705,C2,censys,TOPNET", "0", "dyingbreeds_"
"2026-02-27 23:00:35", "1755548", "94.154.35.160:81", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-28 00:01:08", "100", "False", "https://search.censys.io/hosts/94.154.35.160", "AS202412,C2,censys,OMEGATECH-AS,RAT", "0", "dyingbreeds_"
"2026-02-27 23:00:32", "1755546", "198.135.54.230:5000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2026-02-28 00:01:04", "100", "False", "https://search.censys.io/hosts/198.135.54.230", "AS396073,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 23:00:32", "1755547", "116.102.239.155:9999", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2026-02-28 00:01:05", "100", "False", "https://search.censys.io/hosts/116.102.239.155", "AS7552,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 23:00:15", "1755533", "162.212.153.138:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-28 00:00:46", "90", "False", "https://search.censys.io/hosts/162.212.153.138", "AS11878,C2,censys", "0", "dyingbreeds_"
"2026-02-27 21:12:13", "1755519", "176.114.91.69:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "90", "False", "None", "Earth Baxia", "0", "Rony"
"2026-02-27 20:01:08", "1755512", "27.124.20.143:80", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-27 23:00:28", "100", "False", "https://search.censys.io/hosts/27.124.20.143", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci"
"2026-02-27 20:01:07", "1755511", "27.124.20.136:80", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-27 23:00:27", "100", "False", "https://search.censys.io/hosts/27.124.20.136", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci"
"2026-02-27 20:01:06", "1755510", "159.65.245.86:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-27 23:00:28", "100", "False", "https://search.censys.io/hosts/159.65.245.86", "AS14061,C2,censys,DIGITALOCEAN-ASN,Quasar,RAT", "0", "DonPasci"
"2026-02-27 20:01:05", "1755509", "27.124.20.138:80", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-27 23:00:29", "100", "False", "https://search.censys.io/hosts/27.124.20.138", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Quasar,RAT", "0", "DonPasci"
"2026-02-27 20:01:00", "1755508", "172.239.98.123:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-27 23:00:25", "100", "False", "https://search.censys.io/hosts/172.239.98.123", "AKAMAI-LINODE-AP,AS63949,C2,censys,Mythic", "0", "DonPasci"
"2026-02-27 20:00:59", "1755506", "85.137.249.45:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-27 23:00:23", "100", "False", "https://search.censys.io/hosts/85.137.249.45", "ALEXHOST,AS200019,C2,censys,Mythic", "0", "DonPasci"
"2026-02-27 20:00:59", "1755507", "3.21.178.110:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-27 23:00:24", "100", "False", "https://search.censys.io/hosts/3.21.178.110", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci"
"2026-02-27 20:00:49", "1755505", "38.148.247.212:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-27 23:00:19", "100", "False", "https://search.censys.io/hosts/38.148.247.212", "AS8796,C2,censys,FD-298-8796,Supershell", "0", "DonPasci"
"2026-02-27 20:00:40", "1755504", "161.35.221.116:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-27 23:00:16", "100", "False", "https://search.censys.io/hosts/161.35.221.116", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci"
"2026-02-27 20:00:35", "1755503", "162.245.218.22:1000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/162.245.218.22", "AS153040,C2,censys,QLOUDIN1-AS-AP,RAT,Remcos", "0", "DonPasci"
"2026-02-27 19:00:33", "1755499", "116.102.239.155:6001", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2026-02-27 20:01:11", "100", "False", "https://search.censys.io/hosts/116.102.239.155", "AS7552,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 19:00:33", "1755500", "116.102.239.155:8000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2026-02-27 20:01:12", "100", "False", "https://search.censys.io/hosts/116.102.239.155", "AS7552,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 19:00:31", "1755498", "185.49.165.41:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-27 20:01:09", "100", "False", "https://search.censys.io/hosts/185.49.165.41", "AS202223,C2,censys,GE-ODREX-AS", "0", "dyingbreeds_"
"2026-02-27 19:00:30", "1755497", "185.49.165.41:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-27 20:01:10", "100", "False", "https://search.censys.io/hosts/185.49.165.41", "AS202223,C2,censys,GE-ODREX-AS", "0", "dyingbreeds_"
"2026-02-27 19:00:23", "1755496", "147.124.219.156:31203", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-27 20:00:51", "100", "False", "https://search.censys.io/hosts/147.124.219.156", "AS396073,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 19:00:13", "1755495", "78.142.18.52:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-27 20:00:12", "100", "False", "https://search.censys.io/hosts/78.142.18.52", "AS213438,C2,censys", "0", "dyingbreeds_"
"2026-02-27 19:00:11", "1755494", "78.142.18.52:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-27 20:00:11", "100", "False", "https://search.censys.io/hosts/78.142.18.52", "AS213438,C2,censys", "0", "dyingbreeds_"
"2026-02-27 18:49:21", "1755488", "49.119.121.19:10250", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-28 06:48:17", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-27 17:20:37", "1755478", "198.23.175.51:4078", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "False", "https://bazaar.abuse.ch/sample/6475ff60240e5415552a7fc540f397b7bf8a747ce4a3f06d7cce1718c3b359d8/", "xworm", "0", "abuse_ch"
"2026-02-27 17:15:39", "1755477", "45.13.237.121:8041", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://urlhaus.abuse.ch/url/3786964/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-02-27 16:45:38", "1755476", "46.31.77.130:1604", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-28 03:00:56", "75", "False", "https://bazaar.abuse.ch/sample/bca01021e4c5f68d94c67a71e305e9230c3a69e5fb5da9854ae606881dd8bd76/", "quasar", "0", "abuse_ch"
"2026-02-27 16:39:37", "1755474", "5.252.153.53:3333", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/04fffcd5e0509e3609e5dc106afb8bfa7fab3a948ab63627cdc424cb7709f94e/", "QatarRAT,RAT", "0", "abuse_ch"
"2026-02-27 16:33:11", "1755468", "192.159.99.98:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/061475b7f04838dc0cc4b0dcddb3f84422d2084aa96770e8a50dbcd0e1e5bc1b/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-02-27 16:21:42", "1755326", "206.189.177.137:37215", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 16:21:15", "1755422", "27.102.137.81:31231", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "Mirai", "0", "elfdigest"
"2026-02-27 16:01:19", "1755461", "24.199.98.175:4444", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/24.199.98.175", "AS14061,C2,censys,DIGITALOCEAN-ASN,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-27 16:00:53", "1755460", "139.64.13.176:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-02-28 06:44:01", "100", "False", "https://search.censys.io/hosts/139.64.13.176", "AS25019,C2,censys,Netsupport,RAT,SAUDINETSTC-AS", "0", "DonPasci"
"2026-02-27 16:00:50", "1755459", "45.158.8.74:6000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/45.158.8.74", "AS272547,C2,censys,RAT,Servicos,Venom", "0", "DonPasci"
"2026-02-27 15:00:56", "1755448", "111.10.16.104:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/111.10.16.104", "AS9808,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 15:00:52", "1755447", "76.13.198.70:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/76.13.198.70", "AS-HOSTINGER,AS47583,censys,Viper", "0", "dyingbreeds_"
"2026-02-27 15:00:38", "1755446", "5.89.184.186:49151", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-27 16:01:04", "100", "False", "https://search.censys.io/hosts/5.89.184.186", "AS30722,C2,censys,Unam,VODAFONE-IT-ASN", "0", "dyingbreeds_"
"2026-02-27 15:00:07", "1755434", "158.94.211.185:0207", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-27 19:00:27", "100", "False", "https://tria.ge/260227-r68amaby3b", "AsyncRAT", "0", "dyingbreeds_"
"2026-02-27 14:20:11", "1755431", "8.148.64.76:12656", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2026-02-27 14:18:36", "1755428", "94.154.35.161:443", "ip:port", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "ClearFake", "0", "threatcat_ch"
"2026-02-27 13:21:38", "1755419", "185.72.8.101:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "False", "None", "SocGholish", "0", "threatcat_ch"
"2026-02-27 12:01:37", "1755415", "13.112.19.112:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/13.112.19.112", "AMAZON-02,AS16509,C2,censys,clickfix,first-stage", "0", "DonPasci"
"2026-02-27 12:01:28", "1755414", "222.80.156.9:8800", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/222.80.156.9", "AS4134,C2,censys,CHINANET-BACKBONE,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-27 12:01:27", "1755413", "199.101.111.153:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.153", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-27 12:00:50", "1755412", "89.124.74.114:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/89.124.74.114", "AS216071,C2,censys,RAT,Sectop,VDSINA", "0", "DonPasci"
"2026-02-27 12:00:49", "1755411", "78.46.66.146:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/78.46.66.146", "AS24940,C2,censys,HETZNER-AS,RAT,Sectop", "0", "DonPasci"
"2026-02-27 12:00:20", "1755409", "31.57.97.69:34245", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260227-hll28aey2h", "AS213200,C2,triage,xworm", "0", "DonPasci"
"2026-02-27 12:00:19", "1755408", "158.94.211.151:1605", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260227-m7hzxad15e", "AS202412,C2,triage,xworm", "0", "DonPasci"
"2026-02-27 12:00:13", "1755407", "66.154.110.34:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-27 15:00:10", "100", "False", "https://search.censys.io/hosts/66.154.110.34", "AS7393,C2,censys,CobaltStrike,cs-watermark-666666666,CYBERCON", "0", "DonPasci"
"2026-02-27 11:00:43", "1755404", "110.43.68.67:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/110.43.68.67", "AS23724,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 11:00:22", "1755403", "102.189.154.199:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-27 12:00:56", "100", "False", "https://search.censys.io/hosts/102.189.154.199", "AS24835,C2,censys,RAT,RAYA-AS", "0", "dyingbreeds_"
"2026-02-27 10:28:14", "1755397", "193.161.193.99:64203", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "False", "", "c2,xworm", "0", "juroots"
"2026-02-27 10:26:15", "1755391", "172.67.149.125:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:15", "1755392", "172.67.149.125:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:15", "1755393", "172.67.149.125:8888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:14", "1755381", "104.21.47.177:4782", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:14", "1755382", "104.21.47.177:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:14", "1755383", "104.21.47.177:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:14", "1755384", "104.21.47.177:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:14", "1755385", "104.21.47.177:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:14", "1755386", "104.21.47.177:8888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:14", "1755388", "172.67.149.125:4782", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:14", "1755389", "172.67.149.125:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 10:26:14", "1755390", "172.67.149.125:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "", "asyncrat,c2", "0", "juroots"
"2026-02-27 08:52:36", "1755363", "91.108.242.41:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-28 06:49:13", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-27 08:50:26", "1755362", "45.59.117.195:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-28 06:48:03", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-02-27 08:50:25", "1755361", "45.59.117.195:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-28 06:48:03", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-02-27 08:01:31", "1755320", "144.126.220.138:80", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "False", "https://search.censys.io/hosts/144.126.220.138", "AS14061,C2,censys,DIGITALOCEAN-ASN,PowershellEmpire", "0", "DonPasci"
"2026-02-27 08:01:27", "1755319", "95.40.96.246:49502", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/95.40.96.246", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-27 08:01:26", "1755318", "103.177.47.229:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/103.177.47.229", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-27 08:00:46", "1755317", "212.34.134.3:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/212.34.134.3", "AS216071,C2,censys,RAT,Sectop,VDSINA", "0", "DonPasci"
"2026-02-27 07:10:15", "1755125", "206.189.177.137:8443", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 06:56:57", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:15", "1755127", "46.101.85.248:9034", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 06:25:15", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:14", "1755129", "206.189.177.137:34567", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-27 21:57:53", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:13", "1755170", "46.101.85.248:34567", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 04:37:44", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:12", "1755189", "161.35.171.177:9034", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:11", "1755208", "68.183.45.80:8443", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 06:44:07", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:11", "1755212", "206.189.177.137:8080", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 04:33:08", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:10", "1755214", "68.183.45.80:34567", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-27 22:37:40", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:08", "1755217", "46.101.85.248:9035", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 02:38:59", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:05", "1755222", "206.189.177.137:9035", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 00:06:55", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:04", "1755225", "68.183.45.80:12345", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-27 07:15:39", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:03", "1755224", "68.183.45.80:9035", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 01:59:21", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:10:01", "1755246", "68.183.45.80:5555", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-27 13:03:26", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:09:59", "1755248", "206.189.177.137:12345", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-27 11:29:10", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:09:58", "1755253", "46.101.85.248:37215", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-27 05:54:45", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:09:56", "1755266", "176.65.148.52:1915", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "False", "None", "mirai", "0", "seckle"
"2026-02-27 07:09:55", "1755267", "176.65.148.52:2000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "False", "None", "mirai", "0", "seckle"
"2026-02-27 07:09:54", "1755269", "46.101.85.248:5555", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 03:09:39", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:09:52", "1755291", "68.183.45.80:37215", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:09:46", "1755112", "46.101.85.248:8443", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 05:46:28", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:09:46", "1755113", "206.189.177.137:9034", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 05:09:00", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:09:44", "1755115", "68.183.45.80:9034", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 05:36:13", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:09:44", "1755117", "46.101.85.248:8080", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 06:40:14", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:09:43", "1755119", "212.104.141.101:606", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "False", "None", "Gafgyt", "0", "elfdigest"
"2026-02-27 07:09:33", "1755105", "68.183.45.80:8080", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-28 06:31:46", "100", "False", "None", "Aisuru,c2", "0", "Bitsight"
"2026-02-27 07:00:57", "1755308", "221.229.53.191:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/221.229.53.191", "AS146966,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 07:00:57", "1755309", "183.134.55.233:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/183.134.55.233", "AS58461,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 07:00:49", "1755307", "5.89.184.186:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-27 08:01:10", "100", "False", "https://search.censys.io/hosts/5.89.184.186", "AS30722,C2,censys,Unam,VODAFONE-IT-ASN", "0", "dyingbreeds_"
"2026-02-27 07:00:36", "1755304", "116.102.239.155:6002", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2026-02-27 08:00:59", "100", "False", "https://search.censys.io/hosts/116.102.239.155", "AS7552,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 07:00:35", "1755303", "116.102.239.155:5001", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2026-02-27 08:00:56", "100", "False", "https://search.censys.io/hosts/116.102.239.155", "AS7552,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 07:00:28", "1755302", "68.183.11.151:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-28 06:48:45", "100", "False", "https://search.censys.io/hosts/68.183.11.151", "AS14061,C2,censys,Mythic", "0", "dyingbreeds_"
"2026-02-27 07:00:24", "1755301", "85.217.171.59:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-28 06:49:08", "100", "False", "https://search.censys.io/hosts/85.217.171.59", "AS44901,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 07:00:15", "1755300", "23.226.136.169:50051", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-28 06:50:11", "100", "False", "https://search.censys.io/hosts/23.226.136.169", "AS36352,C2,censys", "0", "dyingbreeds_"
"2026-02-27 06:00:17", "1755295", "193.222.99.44:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260227-bmal9afs7a", "AS215439,C2,triage,xworm", "0", "DonPasci"
"2026-02-27 06:00:16", "1755293", "185.249.197.163:666", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260227-gl741scz6f", "AS206996,C2,triage,xworm", "0", "DonPasci"
"2026-02-27 04:50:12", "1755287", "78.153.155.131:2096", "ip:port", "botnet_cc", "win.castleloader", "None", "CASTLELOADER", "2026-02-28 06:48:51", "75", "False", "None", "CASTLELOADER,drb-ra", "0", "abuse_ch"
"2026-02-27 04:50:12", "1755288", "78.153.155.131:8069", "ip:port", "botnet_cc", "win.castleloader", "None", "CASTLELOADER", "2026-02-28 06:48:51", "75", "False", "None", "CASTLELOADER,drb-ra", "0", "abuse_ch"
"2026-02-27 04:01:35", "1755282", "52.201.156.70:80", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "False", "https://search.censys.io/hosts/52.201.156.70", "AMAZON-AES,AS14618,C2,censys,PowershellEmpire", "0", "DonPasci"
"2026-02-27 04:01:31", "1755280", "15.223.202.30:83", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/15.223.202.30", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-27 04:01:31", "1755281", "44.202.153.116:2455", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/44.202.153.116", "AMAZON-AES,AS14618,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-27 04:01:30", "1755279", "3.253.237.197:501", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/3.253.237.197", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-27 04:01:04", "1755278", "84.154.178.222:82", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-02-28 06:49:04", "100", "False", "https://search.censys.io/hosts/84.154.178.222", "AS3320,C2,censys,DTAG,Netsupport,RAT", "0", "DonPasci"
"2026-02-27 04:01:00", "1755276", "34.81.189.83:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-28 06:47:35", "100", "False", "https://search.censys.io/hosts/34.81.189.83", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Havoc", "0", "DonPasci"
"2026-02-27 04:01:00", "1755277", "141.98.190.251:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-28 06:44:04", "100", "False", "https://search.censys.io/hosts/141.98.190.251", "AS33993,C2,censys,Havoc,UFO-AS", "0", "DonPasci"
"2026-02-27 04:00:52", "1755275", "77.105.139.80:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/77.105.139.80", "AS216071,C2,censys,RAT,Sectop,VDSINA", "0", "DonPasci"
"2026-02-27 04:00:35", "1755274", "45.83.31.94:10002", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:48:06", "100", "False", "https://search.censys.io/hosts/45.83.31.94", "028f45e8dd4f225cb46a7d8003745a3a7f55d3a0,AS210558,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-02-27 04:00:34", "1755272", "162.245.218.27:4000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:44:49", "100", "False", "https://search.censys.io/hosts/162.245.218.27", "AS153040,C2,censys,QLOUDIN1-AS-AP,RAT,Remcos", "0", "DonPasci"
"2026-02-27 04:00:34", "1755273", "185.241.211.23:5000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:46:17", "100", "False", "https://search.censys.io/hosts/185.241.211.23", "028f45e8dd4f225cb46a7d8003745a3a7f55d3a0,AS210558,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-02-27 04:00:33", "1755271", "3.133.141.57:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:47:25", "100", "False", "https://search.censys.io/hosts/3.133.141.57", "AMAZON-02,AS16509,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-02-27 03:05:11", "1755265", "195.177.94.66:4000", "ip:port", "botnet_cc", "win.loda", "LodaRAT,Nymeria", "Loda", "2026-02-27 16:52:14", "100", "False", "None", "Loda", "0", "abuse_ch"
"2026-02-27 03:00:26", "1755263", "89.167.50.14:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-28 06:49:12", "100", "False", "https://search.censys.io/hosts/89.167.50.14", "AS24940,C2,censys,HETZNER-AS,Mythic", "0", "dyingbreeds_"
"2026-02-27 03:00:19", "1755262", "195.226.92.128:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-28 06:46:47", "90", "False", "https://search.censys.io/hosts/195.226.92.128", "AS209378,C2,censys,INIOS-AS", "0", "dyingbreeds_"
"2026-02-27 03:00:14", "1755261", "118.107.29.191:7372", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2026-02-27 04:00:29", "75", "False", "https://search.censys.io/hosts/118.107.29.191", "AS152194,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-27 03:00:08", "1755260", "8.138.112.209:1112", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-27 04:00:09", "100", "False", "https://search.censys.io/hosts/8.138.112.209", "AS37963,C2,censys", "0", "dyingbreeds_"
"2026-02-27 01:25:06", "1755251", "45.131.214.60:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "None", "NetSupport", "0", "abuse_ch"
"2026-02-27 00:01:34", "1755242", "15.168.235.170:20259", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/15.168.235.170", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-26 23:00:48", "1755238", "188.26.197.24:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-27 15:01:05", "100", "False", "https://tria.ge/260226-yh4e4ady4c", "quasar", "0", "dyingbreeds_"
"2026-02-26 23:00:40", "1755237", "103.237.86.35:2245", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-27 03:00:43", "100", "False", "https://tria.ge/260226-y49h8sex7c", "Remcos", "0", "dyingbreeds_"
"2026-02-26 23:00:33", "1755233", "107.172.135.16:4550", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-27 07:00:51", "100", "False", "https://tria.ge/260226-zfqxnaft8g", "Remcos", "0", "dyingbreeds_"
"2026-02-26 23:00:33", "1755234", "107.172.135.16:4551", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-27 07:00:51", "100", "False", "https://tria.ge/260226-zfqxnaft8g", "Remcos", "0", "dyingbreeds_"
"2026-02-26 23:00:33", "1755235", "107.172.135.16:4553", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-27 07:00:51", "100", "False", "https://tria.ge/260226-zfqxnaft8g", "Remcos", "0", "dyingbreeds_"
"2026-02-26 23:00:29", "1755231", "103.27.177.116:443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-27 00:01:04", "100", "False", "https://search.censys.io/hosts/103.27.177.116", "AS135357,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 23:00:19", "1755229", "62.60.153.192:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-28 06:48:38", "90", "False", "https://search.censys.io/hosts/62.60.153.192", "AS203273,C2,censys,NETCRAFTERSOUE", "0", "dyingbreeds_"
"2026-02-26 20:06:25", "1755209", "36.147.16.28:10250", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-28 06:47:40", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-26 20:02:10", "1755207", "103.23.255.74:80", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "False", "https://search.censys.io/hosts/103.23.255.74", "AMARNETSYSTEM-AS-AP,AS135019,C2,censys,PowershellEmpire", "0", "DonPasci"
"2026-02-26 20:02:04", "1755205", "18.167.54.193:8088", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/18.167.54.193", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-26 20:01:34", "1755204", "94.154.35.160:9999", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-28 06:49:20", "100", "False", "https://search.censys.io/hosts/94.154.35.160", "AS202412,C2,censys,DcRAT,OMEGATECH-AS,RAT", "0", "DonPasci"
"2026-02-26 20:01:27", "1755203", "54.196.199.151:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-26 23:00:26", "100", "False", "https://search.censys.io/hosts/54.196.199.151", "AMAZON-AES,AS14618,C2,censys,Mythic", "0", "DonPasci"
"2026-02-26 20:01:23", "1755202", "179.61.145.140:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/179.61.145.140", "AS202051,C2,censys,NETGRID-HOST-LT,RAT,Sectop", "0", "DonPasci"
"2026-02-26 20:00:54", "1755201", "35.185.182.234:1961", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:47:37", "100", "False", "https://search.censys.io/hosts/35.185.182.234", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,RAT,Remcos", "0", "DonPasci"
"2026-02-26 20:00:52", "1755200", "176.65.132.29:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:45:43", "100", "False", "https://search.censys.io/hosts/176.65.132.29", "AS51396,C2,censys,PFCLOUD,RAT,Remcos", "0", "DonPasci"
"2026-02-26 20:00:49", "1755199", "103.47.146.161:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:43:16", "100", "False", "https://search.censys.io/hosts/103.47.146.161", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2026-02-26 20:00:48", "1755198", "23.106.45.121:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:47:18", "100", "False", "https://search.censys.io/hosts/23.106.45.121", "AS7203,C2,censys,LEASEWEB-USA-SFO,RAT,Remcos", "0", "DonPasci"
"2026-02-26 20:00:46", "1755197", "163.5.56.206:5938", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:44:51", "100", "False", "https://search.censys.io/hosts/163.5.56.206", "AS136557,C2,censys,HOST-AS-AP,RAT,Remcos", "0", "DonPasci"
"2026-02-26 20:00:42", "1755196", "130.94.66.244:80", "ip:port", "botnet_cc", "elf.gobrat", "None", "GobRAT", "", "100", "False", "https://search.censys.io/hosts/130.94.66.244", "AS154177,C2,censys,GobRAT,LIGHT4-AS-AP,RAT", "0", "DonPasci"
"2026-02-26 20:00:41", "1755195", "130.94.66.244:443", "ip:port", "botnet_cc", "elf.gobrat", "None", "GobRAT", "", "100", "False", "https://search.censys.io/hosts/130.94.66.244", "AS154177,C2,censys,GobRAT,LIGHT4-AS-AP,RAT", "0", "DonPasci"
"2026-02-26 20:00:16", "1755194", "47.238.234.29:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-28 06:50:32", "100", "False", "https://search.censys.io/hosts/47.238.234.29", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2026-02-26 20:00:10", "1755193", "47.93.147.226:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-28 06:50:35", "100", "False", "https://search.censys.io/hosts/47.93.147.226", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2026-02-26 19:59:28", "1755192", "192.243.122.101:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-28 06:46:35", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-26 19:58:43", "1755191", "187.156.122.63:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-02-28 06:46:24", "75", "False", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2026-02-26 19:58:17", "1755190", "185.218.138.25:5000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:46:15", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-02-26 19:54:32", "1755188", "169.55.114.216:10250", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-28 06:45:18", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-26 19:51:20", "1755187", "158.247.211.91:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-28 06:44:37", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-02-26 19:35:06", "1755184", "158.94.209.22:39888", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "False", "None", "NanoCore,RAT", "0", "abuse_ch"
"2026-02-26 19:17:58", "1755171", "194.33.61.36:7000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/5eb0919a29cb127fbd394bd30efcb11d8330afb8ef485da1e7d213795f7833c4/", "None", "0", "abuse_ch"
"2026-02-26 19:12:30", "1755160", "45.156.87.31:443", "ip:port", "botnet_cc", "win.count_loader", "None", "CountLoader", "", "75", "False", "https://bazaar.abuse.ch/sample/6ba13af0263cd61f957f2ce738120c8a419e1eb157e489bc79f1d57ad8277324/", "CountLoader", "0", "abuse_ch"
"2026-02-26 19:10:36", "1755158", "185.90.162.118:25180", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/6ba13af0263cd61f957f2ce738120c8a419e1eb157e489bc79f1d57ad8277324/", "None", "0", "abuse_ch"
"2026-02-26 19:09:55", "1755157", "37.221.66.27:3000", "ip:port", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "75", "False", "https://bazaar.abuse.ch/sample/6ba13af0263cd61f957f2ce738120c8a419e1eb157e489bc79f1d57ad8277324/", "DeepLoader", "0", "abuse_ch"
"2026-02-26 19:00:55", "1755136", "187.77.209.119:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-28 06:46:24", "100", "False", "https://search.censys.io/hosts/187.77.209.119", "AS-HOSTINGER,AS47583,C2,censys,Covenant", "0", "dyingbreeds_"
"2026-02-26 19:00:40", "1755134", "165.232.45.1:5800", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-28 06:45:04", "100", "False", "https://search.censys.io/hosts/165.232.45.1", "AS14061,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 19:00:26", "1755133", "213.136.80.73:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-28 06:47:10", "90", "False", "https://search.censys.io/hosts/213.136.80.73", "AS51167,C2,censys,CONTABO", "0", "dyingbreeds_"
"2026-02-26 18:57:10", "1755130", "154.31.222.217:443", "ip:port", "botnet_cc", "win.spark_rat", "None", "SparkRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/91a2945d99ee794a0461427a14ca731187b8143b847b85993ea7d5367c2c1c0c/", "RAT,SparkRAT", "0", "abuse_ch"
"2026-02-26 17:06:38", "1755111", "85.209.231.42:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-26 19:00:06", "75", "False", "https://bazaar.abuse.ch/sample/242a0eb362b8b4f7e56ba606ccde16557ccc38f0c3bb7c420d031aa646a3702f/", "asyncrat", "0", "abuse_ch"
"2026-02-26 17:06:26", "1755110", "85.209.231.42:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-26 19:00:06", "75", "False", "https://bazaar.abuse.ch/sample/242a0eb362b8b4f7e56ba606ccde16557ccc38f0c3bb7c420d031aa646a3702f/", "asyncrat", "0", "abuse_ch"
"2026-02-26 17:00:13", "1755107", "85.209.231.42:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-26 19:00:06", "100", "False", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2026-02-26 16:13:46", "1755104", "65.108.151.50:8443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2026-02-28 06:50:40", "75", "False", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2026-02-26 16:06:27", "1755095", "45.83.207.111:3128", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/ea33418e5ff8a0bab6cf0455ce466cea1c2f81715980ac66e0822425c73a7d6c/", "None", "0", "abuse_ch"
"2026-02-26 16:03:34", "1755093", "146.70.145.165:8083", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/e1764a57275e778eb5f0fcf06c325de639fa8baf47f46ffb23c56e93dd985047/", "None", "0", "abuse_ch"
"2026-02-26 16:01:39", "1755092", "15.237.253.59:20547", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/15.237.253.59", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-26 16:01:24", "1755091", "156.224.19.112:9090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-28 06:49:56", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-02-26 16:00:41", "1755090", "176.65.132.31:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:45:43", "100", "False", "https://search.censys.io/hosts/176.65.132.31", "AS51396,C2,censys,PFCLOUD,RAT,Remcos", "0", "DonPasci"
"2026-02-26 16:00:36", "1755089", "195.177.94.209:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:46:46", "100", "False", "https://search.censys.io/hosts/195.177.94.209", "AS214961,C2,censys,RAT,Remcos,STELLARGROUPSAS", "0", "DonPasci"
"2026-02-26 15:36:14", "1755084", "77.90.185.24:80", "ip:port", "botnet_cc", "osx.odyssey_stealer", "None", "Odyssey Stealer", "", "100", "False", "", "ClearFake,Odyssey,xxxblyat", "0", "Gi7w0rm"
"2026-02-26 15:36:13", "1755085", "77.90.185.24:443", "ip:port", "botnet_cc", "osx.odyssey_stealer", "None", "Odyssey Stealer", "", "100", "False", "", "ClearFake,Odyssey,xxxblyat", "0", "Gi7w0rm"
"2026-02-26 15:15:57", "1755081", "75.2.11.125:8120", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-28 06:48:49", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-26 15:14:44", "1755077", "151.242.30.234:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "False", "None", "mirai", "0", "seckle"
"2026-02-26 15:12:00", "1755080", "156.239.0.38:1266", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/4ff3ce11ecc591dbcd331ae8d10bede96519d706678ab483aa0169cbbbaa4f47/", "valleyrat_s2", "0", "abuse_ch"
"2026-02-26 15:11:45", "1755079", "156.239.0.38:1256", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/4ff3ce11ecc591dbcd331ae8d10bede96519d706678ab483aa0169cbbbaa4f47/", "valleyrat_s2", "0", "abuse_ch"
"2026-02-26 15:02:54", "1755076", "185.216.71.155:54321", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260226-qlvclafs5d", "XWorm", "0", "dyingbreeds_"
"2026-02-26 15:01:23", "1755074", "41.62.43.21:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "False", "https://search.censys.io/hosts/41.62.43.21", "AS37705,C2,censys,TOPNET", "0", "dyingbreeds_"
"2026-02-26 15:00:26", "1755070", "46.109.54.25:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-28 06:48:09", "100", "False", "https://search.censys.io/hosts/46.109.54.25", "AS12578,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 14:02:40", "1755066", "198.55.109.156:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-28 06:46:54", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-02-26 12:56:48", "1755062", "91.232.103.250:3250", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-27 23:00:28", "100", "False", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2026-02-26 12:45:40", "1755061", "157.151.245.77:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-28 06:44:33", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-02-26 12:33:21", "1755058", "146.185.166.110:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-28 06:44:18", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-26 12:11:04", "1755057", "116.62.78.178:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-28 06:43:39", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-26 12:02:37", "1755055", "43.210.62.20:7000", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/43.210.62.20", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-26 12:02:30", "1755054", "52.214.48.133:1962", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/52.214.48.133", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-26 12:02:23", "1755053", "160.178.220.69:2222", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/160.178.220.69", "AS36903,C2,censys,hacktool,MetaSploit,Meterpreter,MT-MPLS", "0", "DonPasci"
"2026-02-26 12:02:16", "1755052", "54.207.167.146:18017", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/54.207.167.146", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-26 12:02:09", "1755051", "199.101.111.152:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.152", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-26 12:01:58", "1755050", "146.190.17.255:4444", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/146.190.17.255", "AdaptixC2,AS14061,C2,censys,DIGITALOCEAN-ASN", "0", "DonPasci"
"2026-02-26 12:01:27", "1755049", "121.127.33.235:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-28 06:43:41", "100", "False", "https://search.censys.io/hosts/121.127.33.235", "AS210083,C2,censys,Havoc,PRIVEX", "0", "DonPasci"
"2026-02-26 12:01:20", "1755048", "5.175.234.128:4783", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-26 15:00:39", "100", "False", "https://search.censys.io/hosts/5.175.234.128", "ACERDP,AS206479,C2,censys,Quasar,RAT", "0", "DonPasci"
"2026-02-26 12:01:09", "1755047", "193.5.65.119:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/193.5.65.119", "AS207461,C2,censys,HOST-INDUSTRY,RAT,Sectop", "0", "DonPasci"
"2026-02-26 12:00:47", "1755046", "38.68.47.4:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:47:49", "100", "False", "https://search.censys.io/hosts/38.68.47.4", "AS396073,C2,censys,MAJESTIC-HOSTING-01,RAT,Remcos", "0", "DonPasci"
"2026-02-26 11:02:48", "1755044", "216.250.252.227:80", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260226-kdl4csf15b", "XWorm", "0", "dyingbreeds_"
"2026-02-26 11:01:17", "1755042", "172.0.172.15:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://tria.ge/260226-jdfe5se14a", "quasar", "0", "dyingbreeds_"
"2026-02-26 11:01:10", "1755041", "223.109.90.190:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/223.109.90.190", "AS56046,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 11:00:16", "1755039", "43.240.239.245:2905", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 12:00:16", "100", "False", "https://search.censys.io/hosts/43.240.239.245", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 10:30:24", "1755033", "95.216.251.50:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-02-26 10:30:24", "1755034", "46.224.192.164:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-02-26 10:30:24", "1755035", "188.34.207.58:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-02-26 10:30:24", "1755036", "46.225.57.98:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-02-26 10:30:24", "1755037", "74.0.48.48:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x"
"2026-02-26 09:28:11", "1755015", "198.50.204.123:203", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-26 11:00:55", "50", "False", "", "c2,remcos", "0", "juroots"
"2026-02-26 08:18:14", "1755004", "45.83.31.248:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/fdb6d3a74405b0607fc15912326f00c1700bfa175020dfccd3db4f819d45a72f/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-02-26 08:05:50", "1755003", "196.65.216.170:2222", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/196.65.216.170", "AS36903,C2,censys,hacktool,MetaSploit,Meterpreter,MT-MPLS", "0", "DonPasci"
"2026-02-26 08:05:42", "1755002", "199.101.111.120:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.120", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-26 08:05:29", "1755001", "206.237.13.242:43211", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/206.237.13.242", "AdaptixC2,AS932,C2,censys,XNNET", "0", "DonPasci"
"2026-02-26 08:05:04", "1755000", "54.168.38.97:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-02-28 06:48:30", "100", "False", "https://search.censys.io/hosts/54.168.38.97", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci"
"2026-02-26 08:04:55", "1754999", "150.241.226.4:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-28 06:44:26", "100", "False", "https://search.censys.io/hosts/150.241.226.4", "AS397423,C2,censys,Havoc,TIER-NET", "0", "DonPasci"
"2026-02-26 08:04:09", "1754998", "20.163.58.233:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/20.163.58.233", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,payload,Sliver", "0", "DonPasci"
"2026-02-26 08:03:31", "1754997", "104.128.191.55:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:43:19", "100", "False", "https://search.censys.io/hosts/104.128.191.55", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2026-02-26 08:03:23", "1754996", "162.216.243.39:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-28 06:44:47", "100", "False", "https://search.censys.io/hosts/162.216.243.39", "AS398019,C2,censys,DYNU,RAT,Remcos", "0", "DonPasci"
"2026-02-26 07:17:23", "1754992", "193.26.115.225:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/5ec41c20f12c70c9766504186a0bb59d3023f17c522c88681c594d2099739409/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-02-26 07:05:52", "1754990", "195.177.94.72:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/7fbe48260200f1585372843baecec20b1dfdd4549dddb7353a1493f76c22d5e8/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-02-26 07:04:59", "1754989", "49.86.40.207:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/49.86.40.207", "AS146966,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 07:04:39", "1754988", "154.36.188.169:65503", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-26 08:05:00", "100", "False", "https://search.censys.io/hosts/154.36.188.169", "AS979,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 07:04:33", "1754986", "47.84.183.211:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-28 06:48:16", "100", "False", "https://search.censys.io/hosts/47.84.183.211", "AS45102,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:04:28", "1754985", "66.154.117.64:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-28 06:48:44", "100", "False", "https://search.censys.io/hosts/66.154.117.64", "AS7393,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:04:15", "1754984", "185.234.9.180:7777", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-26 08:04:44", "100", "False", "https://search.censys.io/hosts/185.234.9.180", "ALEXHOST,AS200019,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 07:04:06", "1754983", "103.27.177.16:443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-26 08:04:41", "100", "False", "https://search.censys.io/hosts/103.27.177.16", "AS135357,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 07:03:53", "1754982", "45.79.130.92:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-28 06:48:05", "100", "False", "https://search.censys.io/hosts/45.79.130.92", "AS63949,C2,censys,Mythic", "0", "dyingbreeds_"
"2026-02-26 07:03:42", "1754981", "38.165.42.12:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-26 08:04:20", "100", "False", "https://search.censys.io/hosts/38.165.42.12", "AS400619,C2,censys,Supershell", "0", "dyingbreeds_"
"2026-02-26 07:03:38", "1754980", "195.177.94.155:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/73dce02a9757a89e5c4c5dd8b77b76ca7ad56303846d3fe1b8801264a3da7f9b/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-02-26 07:03:34", "1754979", "64.81.30.195:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-26 08:04:27", "100", "False", "https://search.censys.io/hosts/64.81.30.195", "AS979,C2,censys,Supershell", "0", "dyingbreeds_"
"2026-02-26 07:03:23", "1754978", "46.250.245.172:9001", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-28 06:48:12", "90", "False", "https://search.censys.io/hosts/46.250.245.172", "AS141995,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:03:03", "1754977", "43.226.125.42:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2026-02-26 08:03:09", "75", "False", "https://search.censys.io/hosts/43.226.125.42", "AS152194,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 07:02:55", "1754976", "134.122.173.45:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2026-02-26 08:03:02", "75", "False", "https://search.censys.io/hosts/134.122.173.45", "AS152194,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 07:02:46", "1754975", "43.226.125.51:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2026-02-26 08:02:51", "75", "False", "https://search.censys.io/hosts/43.226.125.51", "AS152194,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-26 07:02:40", "1754974", "45.88.186.42:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/8c7e33983da6b0626a2313ad8bfb578a3567296b46da1ec5548faa889bdc36bb/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-02-26 07:02:37", "1754973", "103.39.16.252:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:02:18", "100", "False", "https://search.censys.io/hosts/103.39.16.252", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:02:27", "1754972", "121.43.58.124:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:02:29", "100", "False", "https://search.censys.io/hosts/121.43.58.124", "AS37963,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:02:19", "1754971", "43.240.239.229:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:02:03", "100", "False", "https://search.censys.io/hosts/43.240.239.229", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:02:11", "1754970", "103.39.16.250:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:02:11", "100", "False", "https://search.censys.io/hosts/103.39.16.250", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:02:02", "1754969", "43.240.239.242:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:01:39", "100", "False", "https://search.censys.io/hosts/43.240.239.242", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:01:53", "1754968", "23.226.48.202:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:01:55", "100", "False", "https://search.censys.io/hosts/23.226.48.202", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:01:41", "1754967", "103.41.7.228:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:00:42", "100", "False", "https://search.censys.io/hosts/103.41.7.228", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:01:30", "1754966", "103.39.16.251:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:01:23", "100", "False", "https://search.censys.io/hosts/103.39.16.251", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:01:20", "1754965", "23.226.58.115:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:01:32", "100", "False", "https://search.censys.io/hosts/23.226.58.115", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:01:12", "1754964", "156.234.21.210:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:01:47", "100", "False", "https://search.censys.io/hosts/156.234.21.210", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:01:07", "1754963", "195.177.94.234:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/7ee1178ee63a34661bed83078dcaa3fb772dd671a4916b26e55eee7c047d4988/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-02-26 07:01:03", "1754962", "103.41.7.237:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:01:07", "100", "False", "https://search.censys.io/hosts/103.41.7.237", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:00:55", "1754961", "103.39.16.237:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:00:23", "100", "False", "https://search.censys.io/hosts/103.39.16.237", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:00:47", "1754960", "23.226.48.220:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:01:15", "100", "False", "https://search.censys.io/hosts/23.226.48.220", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:00:40", "1754959", "156.234.21.197:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:00:50", "100", "False", "https://search.censys.io/hosts/156.234.21.197", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:00:34", "1754958", "103.41.7.234:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:00:12", "100", "False", "https://search.censys.io/hosts/103.41.7.234", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:00:28", "1754957", "23.248.213.122:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:00:58", "100", "False", "https://search.censys.io/hosts/23.248.213.122", "AS138415,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:00:22", "1754956", "23.226.48.213:29541", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-26 08:00:36", "100", "False", "https://search.censys.io/hosts/23.226.48.213", "AS138415,C2,censys", "0", "dyingbreeds_"
# Number of entries: 275