################################################################ # ThreatFox IOCs: recent ip-port - CSV format # # Last updated: 2026-02-15 04:02:23 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","is_compromised","reference","tags","anonymous","reporter" "2026-02-15 04:02:23", "1748627", "13.230.146.162:44819", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/13.230.146.162", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-15 04:01:34", "1748626", "107.182.173.138:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/107.182.173.138", "AS18450,C2,censys,RAT,Remcos,WEBNX", "0", "DonPasci" "2026-02-15 04:01:18", "1748625", "101.132.167.9:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/101.132.167.9", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2026-02-15 04:01:01", "1748624", "72.62.119.168:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/72.62.119.168", "AS-HOSTINGER,AS47583,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2026-02-15 03:01:39", "1748623", "120.192.67.135:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/120.192.67.135", "AS9808,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-15 03:01:05", "1748620", "156.234.94.199:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:15", "100", "False", "https://search.censys.io/hosts/156.234.94.199", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:05", "1748621", "156.234.94.214:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:15", "100", "False", "https://search.censys.io/hosts/156.234.94.214", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:05", "1748622", "43.249.175.67:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:16", "100", "False", "https://search.censys.io/hosts/43.249.175.67", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:04", "1748617", "23.235.179.116:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:15", "100", "False", "https://search.censys.io/hosts/23.235.179.116", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:04", "1748618", "156.234.247.107:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:13", "100", "False", "https://search.censys.io/hosts/156.234.247.107", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:04", "1748619", "43.243.191.251:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:15", "100", "False", "https://search.censys.io/hosts/43.243.191.251", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:03", "1748614", "23.226.58.251:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:10", "100", "False", "https://search.censys.io/hosts/23.226.58.251", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:03", "1748615", "23.235.179.109:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:10", "100", "False", "https://search.censys.io/hosts/23.235.179.109", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:03", "1748616", "156.234.94.222:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:14", "100", "False", "https://search.censys.io/hosts/156.234.94.222", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:02", "1748613", "43.249.175.83:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:13", "100", "False", "https://search.censys.io/hosts/43.249.175.83", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:01", "1748610", "23.226.58.247:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:14", "100", "False", "https://search.censys.io/hosts/23.226.58.247", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:01", "1748611", "103.37.2.11:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:14", "100", "False", "https://search.censys.io/hosts/103.37.2.11", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:01", "1748612", "156.234.247.100:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:13", "100", "False", "https://search.censys.io/hosts/156.234.247.100", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:00", "1748608", "43.243.191.233:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:10", "100", "False", "https://search.censys.io/hosts/43.243.191.233", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:01:00", "1748609", "156.234.247.112:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:11", "100", "False", "https://search.censys.io/hosts/156.234.247.112", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:59", "1748606", "23.235.179.119:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:14", "100", "False", "https://search.censys.io/hosts/23.235.179.119", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:59", "1748607", "23.235.179.97:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:10", "100", "False", "https://search.censys.io/hosts/23.235.179.97", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:58", "1748604", "103.37.2.23:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:13", "100", "False", "https://search.censys.io/hosts/103.37.2.23", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:58", "1748605", "23.235.179.121:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:12", "100", "False", "https://search.censys.io/hosts/23.235.179.121", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:57", "1748602", "43.249.175.68:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:12", "100", "False", "https://search.censys.io/hosts/43.249.175.68", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:57", "1748603", "23.235.182.108:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:13", "100", "False", "https://search.censys.io/hosts/23.235.182.108", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:56", "1748601", "156.234.94.208:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:12", "100", "False", "https://search.censys.io/hosts/156.234.94.208", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:55", "1748600", "23.235.179.110:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:06", "100", "False", "https://search.censys.io/hosts/23.235.179.110", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:54", "1748599", "43.243.191.230:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:07", "100", "False", "https://search.censys.io/hosts/43.243.191.230", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:49", "1748598", "43.243.191.227:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:09", "100", "False", "https://search.censys.io/hosts/43.243.191.227", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:45", "1748597", "156.234.247.116:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:11", "100", "False", "https://search.censys.io/hosts/156.234.247.116", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:42", "1748596", "23.226.58.240:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:11", "100", "False", "https://search.censys.io/hosts/23.226.58.240", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:40", "1748595", "23.235.182.100:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:09", "100", "False", "https://search.censys.io/hosts/23.235.182.100", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:37", "1748594", "43.243.191.232:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:09", "100", "False", "https://search.censys.io/hosts/43.243.191.232", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:35", "1748593", "23.235.182.124:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:08", "100", "False", "https://search.censys.io/hosts/23.235.182.124", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:30", "1748592", "156.234.247.103:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:08", "100", "False", "https://search.censys.io/hosts/156.234.247.103", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:29", "1748588", "43.249.175.87:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:06", "100", "False", "https://search.censys.io/hosts/43.249.175.87", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:29", "1748589", "23.226.58.245:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:07", "100", "False", "https://search.censys.io/hosts/23.226.58.245", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:29", "1748590", "156.234.247.118:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:08", "100", "False", "https://search.censys.io/hosts/156.234.247.118", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:29", "1748591", "156.234.247.110:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:08", "100", "False", "https://search.censys.io/hosts/156.234.247.110", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:28", "1748586", "23.235.182.125:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:06", "100", "False", "https://search.censys.io/hosts/23.235.182.125", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:28", "1748587", "156.234.247.109:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:07", "100", "False", "https://search.censys.io/hosts/156.234.247.109", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:27", "1748582", "23.235.179.113:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:57", "100", "False", "https://search.censys.io/hosts/23.235.179.113", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:27", "1748583", "156.234.94.209:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:58", "100", "False", "https://search.censys.io/hosts/156.234.94.209", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:27", "1748584", "43.249.175.82:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:58", "100", "False", "https://search.censys.io/hosts/43.249.175.82", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:27", "1748585", "43.249.175.89:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:58", "100", "False", "https://search.censys.io/hosts/43.249.175.89", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:26", "1748578", "103.37.2.10:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:04", "100", "False", "https://search.censys.io/hosts/103.37.2.10", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:26", "1748579", "23.235.182.104:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:04", "100", "False", "https://search.censys.io/hosts/23.235.182.104", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:26", "1748580", "156.234.247.121:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:05", "100", "False", "https://search.censys.io/hosts/156.234.247.121", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:26", "1748581", "156.234.247.126:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:57", "100", "False", "https://search.censys.io/hosts/156.234.247.126", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:25", "1748576", "43.249.175.91:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:00", "100", "False", "https://search.censys.io/hosts/43.249.175.91", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:25", "1748577", "156.234.94.211:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:05", "100", "False", "https://search.censys.io/hosts/156.234.94.211", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:24", "1748573", "156.234.247.124:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:03", "100", "False", "https://search.censys.io/hosts/156.234.247.124", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:24", "1748574", "43.243.191.245:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:03", "100", "False", "https://search.censys.io/hosts/43.243.191.245", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:24", "1748575", "156.234.247.122:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:00", "100", "False", "https://search.censys.io/hosts/156.234.247.122", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:23", "1748571", "103.37.2.4:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:57", "100", "False", "https://search.censys.io/hosts/103.37.2.4", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:23", "1748572", "43.249.175.71:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:59", "100", "False", "https://search.censys.io/hosts/43.249.175.71", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:22", "1748569", "43.243.191.247:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:01", "100", "False", "https://search.censys.io/hosts/43.243.191.247", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:22", "1748570", "23.226.58.243:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:01", "100", "False", "https://search.censys.io/hosts/23.226.58.243", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:21", "1748566", "23.235.179.98:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:05", "100", "False", "https://search.censys.io/hosts/23.235.179.98", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:21", "1748567", "23.235.179.114:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:04", "100", "False", "https://search.censys.io/hosts/23.235.179.114", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:21", "1748568", "156.234.247.98:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:00", "100", "False", "https://search.censys.io/hosts/156.234.247.98", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:20", "1748563", "23.235.179.106:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:02", "100", "False", "https://search.censys.io/hosts/23.235.179.106", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:20", "1748564", "23.235.182.110:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:05", "100", "False", "https://search.censys.io/hosts/23.235.182.110", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:20", "1748565", "156.234.94.205:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:06", "100", "False", "https://search.censys.io/hosts/156.234.94.205", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:19", "1748561", "43.249.175.80:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:58", "100", "False", "https://search.censys.io/hosts/43.249.175.80", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:19", "1748562", "43.249.175.78:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:59", "100", "False", "https://search.censys.io/hosts/43.249.175.78", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:18", "1748558", "156.234.247.119:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:59", "100", "False", "https://search.censys.io/hosts/156.234.247.119", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:18", "1748559", "43.243.191.229:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:59", "100", "False", "https://search.censys.io/hosts/43.243.191.229", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:18", "1748560", "43.243.191.252:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:02", "100", "False", "https://search.censys.io/hosts/43.243.191.252", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:17", "1748556", "156.234.94.194:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:56", "100", "False", "https://search.censys.io/hosts/156.234.94.194", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:17", "1748557", "23.226.58.248:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:54", "100", "False", "https://search.censys.io/hosts/23.226.58.248", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:16", "1748554", "156.234.94.202:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:55", "100", "False", "https://search.censys.io/hosts/156.234.94.202", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:16", "1748555", "43.249.175.90:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:53", "100", "False", "https://search.censys.io/hosts/43.249.175.90", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:15", "1748552", "103.37.2.14:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:54", "100", "False", "https://search.censys.io/hosts/103.37.2.14", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:15", "1748553", "43.249.175.85:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:52", "100", "False", "https://search.censys.io/hosts/43.249.175.85", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:14", "1748549", "156.234.247.117:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:54", "100", "False", "https://search.censys.io/hosts/156.234.247.117", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:14", "1748550", "156.234.94.203:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:54", "100", "False", "https://search.censys.io/hosts/156.234.94.203", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:14", "1748551", "23.226.58.226:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:56", "100", "False", "https://search.censys.io/hosts/23.226.58.226", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:13", "1748547", "23.235.182.98:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:56", "100", "False", "https://search.censys.io/hosts/23.235.182.98", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:13", "1748548", "23.235.179.120:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:53", "100", "False", "https://search.censys.io/hosts/23.235.179.120", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:12", "1748545", "23.235.182.107:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:51", "100", "False", "https://search.censys.io/hosts/23.235.182.107", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:12", "1748546", "23.235.182.123:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:55", "100", "False", "https://search.censys.io/hosts/23.235.182.123", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:11", "1748543", "103.37.2.18:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:52", "100", "False", "https://search.censys.io/hosts/103.37.2.18", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:11", "1748544", "156.234.94.217:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:55", "100", "False", "https://search.censys.io/hosts/156.234.94.217", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:10", "1748541", "43.249.175.65:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:57", "100", "False", "https://search.censys.io/hosts/43.249.175.65", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:10", "1748542", "23.235.179.103:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:56", "100", "False", "https://search.censys.io/hosts/23.235.179.103", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:09", "1748539", "43.243.191.244:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:52", "100", "False", "https://search.censys.io/hosts/43.243.191.244", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:09", "1748540", "43.249.175.88:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:51", "100", "False", "https://search.censys.io/hosts/43.249.175.88", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:08", "1748538", "23.235.182.114:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:01", "100", "False", "https://search.censys.io/hosts/23.235.182.114", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:07", "1748537", "103.37.2.19:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:56", "100", "False", "https://search.censys.io/hosts/103.37.2.19", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 03:00:06", "1748536", "43.249.175.69:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:00:53", "100", "False", "https://search.censys.io/hosts/43.249.175.69", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-15 02:49:38", "1748534", "23.226.58.225:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:07", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2026-02-15 00:02:05", "1748368", "107.174.53.198:4444", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/107.174.53.198", "AdaptixC2,AS-COLOCROSSING,AS36352,C2,censys", "0", "DonPasci" "2026-02-15 00:02:04", "1748367", "185.141.216.8:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/185.141.216.8", "AdaptixC2,AS26832,C2,censys,RICAWEBSERVICES", "0", "DonPasci" "2026-02-15 00:01:58", "1748366", "130.12.180.55:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "2026-02-15 02:02:45", "100", "False", "https://search.censys.io/hosts/130.12.180.55", "AS214943,C2,censys,Gafgyt,open-dir,RAILNET", "0", "DonPasci" "2026-02-15 00:01:51", "1748365", "62.60.148.99:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:01:32", "100", "False", "https://search.censys.io/hosts/62.60.148.99", "AEZA-AS,AS210644,C2,censys,panel,Unam", "0", "DonPasci" "2026-02-15 00:01:22", "1748364", "16.58.237.124:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/16.58.237.124", "AMAZON-02,AS16509,C2,censys,open-dir,payload,Sliver", "0", "DonPasci" "2026-02-15 00:00:53", "1748363", "23.235.179.126:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:00:52", "100", "False", "https://search.censys.io/hosts/23.235.179.126", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2026-02-15 00:00:52", "1748362", "156.234.94.200:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:00:25", "100", "False", "https://search.censys.io/hosts/156.234.94.200", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2026-02-15 00:00:50", "1748361", "23.226.58.252:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:00:08", "100", "False", "https://search.censys.io/hosts/23.226.58.252", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2026-02-14 23:00:28", "1748353", "45.142.44.125:7777", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-15 00:01:41", "100", "False", "https://search.censys.io/hosts/45.142.44.125", "AS35278,C2,censys,RAT,SPRINTHOST", "0", "dyingbreeds_" "2026-02-14 23:00:26", "1748352", "135.125.188.227:5090", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://tria.ge/260214-yrpy3afy7f", "Remcos", "0", "dyingbreeds_" "2026-02-14 23:00:09", "1748350", "18.142.177.189:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 00:00:53", "100", "False", "https://search.censys.io/hosts/18.142.177.189", "AS16509,C2,censys", "0", "dyingbreeds_" "2026-02-14 23:00:08", "1748348", "103.37.2.20:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 00:00:51", "100", "False", "https://search.censys.io/hosts/103.37.2.20", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-14 23:00:08", "1748349", "69.148.168.199:25565", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260214-yg4z8sfx6a", "AsyncRAT", "0", "dyingbreeds_" "2026-02-14 23:00:07", "1748347", "23.235.179.125:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 00:00:51", "100", "False", "https://search.censys.io/hosts/23.235.179.125", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-14 23:00:06", "1748346", "103.37.2.25:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 00:00:49", "100", "False", "https://search.censys.io/hosts/103.37.2.25", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-14 20:01:58", "1748329", "199.101.111.99:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.99", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-14 20:01:57", "1748328", "103.177.46.26:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/103.177.46.26", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-14 20:01:53", "1748327", "134.199.219.201:4444", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/134.199.219.201", "AdaptixC2,AS14061,C2,censys,DIGITALOCEAN-ASN", "0", "DonPasci" "2026-02-14 20:01:32", "1748326", "95.85.244.160:8888", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-14 23:00:28", "100", "False", "https://search.censys.io/hosts/95.85.244.160", "AS208885,C2,censys,DcRAT,NFS-AS,RAT", "0", "DonPasci" "2026-02-14 20:00:49", "1748325", "43.243.191.254:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:56", "100", "False", "https://search.censys.io/hosts/43.243.191.254", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2026-02-14 19:55:04", "1748324", "62.164.177.230:80", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "https://urlhaus.abuse.ch/host/quicrob.com/", "NetSupport,NetSupportrat", "0", "NDA0E" "2026-02-14 19:02:03", "1748319", "91.89.111.120:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260214-wvwvnsdw2e", "XWorm", "0", "dyingbreeds_" "2026-02-14 19:00:41", "1748317", "119.167.205.169:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/119.167.205.169", "AS4837,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-14 19:00:23", "1748316", "217.91.52.249:2404", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-14 20:01:32", "100", "False", "https://search.censys.io/hosts/217.91.52.249", "AS3320,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-14 19:00:05", "1748315", "156.234.94.218:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:38", "100", "False", "https://search.censys.io/hosts/156.234.94.218", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-14 18:46:07", "1748314", "27.221.15.199:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-15 03:47:28", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch" "2026-02-14 18:44:33", "1748313", "165.245.130.101:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-15 03:44:36", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch" "2026-02-14 18:43:22", "1748312", "107.172.31.101:8891", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:43:23", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2026-02-14 18:08:34", "1748309", "38.76.193.175:7777", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260214-pgj6dsbx7a", "AS401701,C2,rat,triage,valleyrat", "0", "DonPasci" "2026-02-14 18:08:27", "1748308", "38.76.193.175:8888", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260214-pgj6dsbx7a", "AS401701,C2,rat,triage,valleyrat", "0", "DonPasci" "2026-02-14 18:08:20", "1748307", "38.76.193.175:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260214-pgj6dsbx7a", "AS401701,C2,rat,triage,valleyrat", "0", "DonPasci" "2026-02-14 16:01:58", "1748299", "199.101.111.135:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.135", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-14 16:01:53", "1748298", "150.109.63.68:64443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-02-15 03:44:12", "100", "False", "https://search.censys.io/hosts/150.109.63.68", "AdaptixC2,AS132203,C2,censys,TENCENT-NET-AP-CN", "0", "DonPasci" "2026-02-14 16:01:51", "1748297", "105.68.228.221:80", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "False", "https://search.censys.io/hosts/105.68.228.221", "AS36884,C2,censys,hacktool,MAROCCONNECT,Mimikatz,open-dir", "0", "DonPasci" "2026-02-14 16:01:32", "1748285", "102.98.205.122:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-02-15 03:43:08", "100", "False", "https://search.censys.io/hosts/102.98.205.122", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci" "2026-02-14 16:01:31", "1748281", "69.167.10.162:443", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-14 19:00:24", "100", "False", "https://search.censys.io/hosts/69.167.10.162", "AS40861,C2,censys,DcRAT,PARAD-40-ASN,RAT", "0", "DonPasci" "2026-02-14 16:01:23", "1748274", "46.151.28.66:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/46.151.28.66", "AS216071,C2,censys,RAT,Sectop,VDSINA", "0", "DonPasci" "2026-02-14 16:01:07", "1748261", "45.88.186.230:1000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-15 03:48:00", "100", "False", "https://search.censys.io/hosts/45.88.186.230", "028f45e8dd4f225cb46a7d8003745a3a7f55d3a0,AS210558,C2,censys,RAT,Remcos", "0", "DonPasci" "2026-02-14 16:00:47", "1748260", "23.226.52.148:27981", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-14 19:00:07", "100", "False", "https://search.censys.io/hosts/23.226.52.148", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2026-02-14 15:40:39", "1748258", "45.74.19.28:443", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-02-14 16:14:48", "75", "False", "https://bazaar.abuse.ch/sample/d6c8c18dbc47521d80575eee4f4267e8076eaf360d72d423e4b7056cbc8bc830/", "xworm", "0", "abuse_ch" "2026-02-14 15:24:53", "1747941", "144.172.105.225:4001", "ip:port", "botnet_cc", "win.systembc", "Coroxy,DroxiDat", "SystemBC", "2026-02-14 15:20:04", "100", "False", "https://www.threat.rip/file/f8cc41bd09cdc151422a813652150a579775d6c9ff4a6f0e86306533f72f671c/config", "DISCOVERY,SYSTEMBC,TROJAN", "0", "Neiki" "2026-02-14 15:24:52", "1747943", "141.94.23.83:14433", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/c41bdae3a8c738db247ce311db878cda9c7c4954ec0eeed58999b336360846bc/config", "AUTO-REG,AUTO-STARTUP,BINDER,DEFENSE_EVASION,DISCOVERY,EVASION,EXECUTION,GENERIC,xworm", "0", "Neiki" "2026-02-14 15:24:51", "1747944", "54.38.55.91:14433", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/c41bdae3a8c738db247ce311db878cda9c7c4954ec0eeed58999b336360846bc/config", "AUTO-REG,AUTO-STARTUP,BINDER,DEFENSE_EVASION,DISCOVERY,EVASION,EXECUTION,GENERIC,xworm", "0", "Neiki" "2026-02-14 15:24:50", "1747955", "147.185.221.211:60581", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/392326e3ed5971ee4db782f24e797d94023ca0ecda384dcbd7581510bf7ea083/config", "EVASION,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:24:49", "1747958", "78.29.43.89:1488", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/3654043fcb7b64e52502ca2618950e21c188c6afc98a24296fa00594c319d1b6/config", "AUTO-REG,AUTO-STARTUP,EVASION,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:24:41", "1747967", "158.94.210.195:3778", "ip:port", "botnet_cc", "win.mirai", "None", "Mirai", "2026-02-13 22:09:02", "100", "False", "https://www.threat.rip/file/702c0550add611f3b021d1abf1cf35179f77fd43f1c010856eac1f5129b0310c/config", "BOTNET,DEFENSE_EVASION,DISCOVERY,LINUX,LZRD,MIRAI", "0", "Neiki" "2026-02-14 15:24:39", "1747970", "52.84.143.48:443", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/9e2b30f5951154013048269efdde278ef71f97faf078cc6698d167ffafffa5e3/config", "ANTI-EVASION,EXECUTION,LOADER,PERSISTENCE,RAT,XWORM", "0", "Neiki" "2026-02-14 15:24:39", "1747987", "78.29.43.89:40544", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-02-13 21:33:10", "100", "False", "https://www.threat.rip/file/16719074933a01b72e0f9cf8848c8ce990ef89d70deedee2b2580e33edca3e4e/config", "CRYPTER,EVASION,PROTECTOR,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:24:38", "1747991", "185.208.159.174:1337", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-02-14 03:30:07", "100", "False", "https://www.threat.rip/file/8a7dae108770ac6546dd4465a27f29ad722f883e3eb2d9568e4182108ae552a7/config", "AUTO-REG,AUTO-STARTUP,EXECUTION,PERSISTENCE,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:24:36", "1748000", "104.168.7.222:15407", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-14 11:38:54", "100", "False", "https://www.threat.rip/file/74d7b713819de54638b17cc723cf6989f5b72bab1552c80ab7f99e26c2f71d51/config", "COLLECTION,DISCOVERY,RAT,REMCOS,REMOTEHOST", "0", "Neiki" "2026-02-14 15:24:36", "1748001", "193.187.91.209:54073", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://www.threat.rip/file/98de923b737ba99d3bac77c8e162d2c967416b1b2c62a3b55082d8768813c646/config", "COLLECTION,D1,DISCOVERY,RAT,REMCOS", "0", "Neiki" "2026-02-14 15:24:33", "1748060", "198.244.201.139:3964", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://www.threat.rip/file/ecc6431012cf98ec5ce44cd78304ee9d9be662bff28b0a1bd34cfe3f1cad66ef/config", "AUTO-REG,HOSTING,PERSISTENCE,RAT,REMCOS", "0", "Neiki" "2026-02-14 15:24:30", "1748064", "104.250.167.52:9095", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://www.threat.rip/file/e25378f1651177010bbf8db5b9018e9700860d08f42bdf3dfcb697faa5d52b12/config", "AUTO-REG,PERSISTENCE,RAT,REMCOS,REMOTEHOST", "0", "Neiki" "2026-02-14 15:23:49", "1748070", "176.65.148.31:51321", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "False", "None", "mirai", "0", "seckle" "2026-02-14 15:23:48", "1748080", "172.235.171.65:40639", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://www.threat.rip/file/4fc138703abce3dc49c8e6960992b575053af476b3347f2b84f2814ccd841e61/config", "AUTO-SCH,EXECUTION,PERSISTENCE,RAT,SHEET,SHEETRAT,TROJAN", "0", "Neiki" "2026-02-14 15:23:45", "1748082", "146.70.226.138:5103", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/650316ebfb7fc834a7cd0b4f9db79c0374cb92e1a671719f95939c0c8ff4ab24/config", "AUTO-STARTUP,AUTOIT,DEFENSE_EVASION,DISCOVERY,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:23:39", "1748108", "147.185.221.181:9539", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/2f31f023fc1754e604690e721a09d2088d39839e1f54865b15085bdcea960c21/config", "AUTO-REG,AUTO-STARTUP,EVASION,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:23:33", "1748113", "155.117.44.130:1337", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/170cb89c2818229321f5660b0e11dc468cfa0472ec7e1d603ff1bf83d3678dc9/config", "AUTO-REG,AUTO-STARTUP,EXECUTION,PERSISTENCE,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:23:30", "1748116", "169.224.4.4:37625", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "False", "https://www.threat.rip/file/cf8c6c396c3affbda2bb8dc7972fe91e13b5be53d6e098f309920354b6712236/config", "AUTO-REG,AUTO-STARTUP,BLADABINDI,DEFENSE_EVASION,DISCOVERY,NJRAT,PACKER,PERSISTENCE", "0", "Neiki" "2026-02-14 15:23:27", "1748136", "107.152.32.98:2557", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/24ac9942ec362def302448c35dd9c5bc71ea41cb9f943f949971a98362adc462/config", "DEFENSE_EVASION,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:23:20", "1748199", "34.41.139.193:5202", "ip:port", "botnet_cc", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "2026-02-15 04:06:47", "100", "False", "https://www.threat.rip/file/42c6506adc777a13ce35b2bb1c0eb0476cc5055858a9fd0309a934cb2b9dece8/config", "AUTOIT,BOTNET,DISCOVERY,DYNDNS,EXECUTION,INFOSTEALER,NETWIRE,PERSISTENCE", "0", "Neiki" "2026-02-14 15:23:15", "1748216", "141.227.129.198:14433", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/b291b864abd5de39810dde3f77b9027d1aa3c63107c97841a003103822414f1c/config", "AUTO-REG,AUTO-STARTUP,BINDER,DEFENSE_EVASION,DISCOVERY,EVASION,EXECUTION,GENERIC,xworm", "0", "Neiki" "2026-02-14 15:23:12", "1748223", "147.185.221.29:34986", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-02-14 14:29:16", "100", "False", "https://www.threat.rip/file/18f44dcfa07edabd659d289931b0276fabf48491e02ee0735cb44665453b58c5/config", "AUTO-REG,AUTO-STARTUP,EVASION,INNOSETUP,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:23:01", "1748194", "198.244.201.139:3913", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/8bc544386ccb4eb630c4b8df83be99b28e8c0f1b45a17126178bcfb25ea668a6/config", "AUTO-REG,AUTO-STARTUP,CRYPTER,EVASION,PROTECTOR,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:22:12", "1748250", "161.35.110.36:24598", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/be3d3c364972a128bdc2a7831fe49a5dbcf71d4af20419702b7d54fc1053bd7f/config", "DEFENSE_EVASION,EXECUTION,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-14 15:13:37", "1747623", "43.228.157.33:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "False", "None", "mirai", "0", "seckle" "2026-02-14 15:13:36", "1747542", "64.190.113.206:79", "ip:port", "payload_delivery", "js.mints_loader", "None", "MintsLoader", "", "100", "False", "https://infosec.exchange/@netresec/115905237000922504", "GhostWeaver,MintsLoader", "0", "netresec" "2026-02-14 15:13:35", "1747537", "124.198.132.104:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "2026-02-13 17:00:05", "100", "False", "None", "1,c2,loader,StealC,stealer", "0", "Bitsight" "2026-02-14 15:13:34", "1747514", "104.156.155.94:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://www.threat.rip/file/55ac21196b46a7cee1b177805cb6b440cd7d90fb0b833a6e0f226142e9c6de1b/config", "AUTO-REG,DEFENSE_EVASION,DISCOVERY,JEEFO,M0YV,PERSISTENCE,RANSOMWARE,SINKHOLE", "0", "Neiki" "2026-02-14 15:13:34", "1747515", "156.247.41.106:8000", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "77", "False", "https://tria.ge/260213-nlntpscz6c", "Gh0stCringe", "0", "netresec" "2026-02-14 15:13:32", "1747485", "185.177.57.70:23", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2026-02-13 10:27:05", "88", "False", "https://tria.ge/260213-k9a1zaas8e", "beszart.govt.hu", "0", "netresec" "2026-02-14 15:13:32", "1747487", "85.120.81.158:18916", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "Mirai", "0", "elfdigest" "2026-02-14 15:11:17", "1748256", "101.200.193.211:8086", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2026-02-14 15:00:17", "1748252", "95.31.213.79:8000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-14 16:01:26", "100", "False", "https://search.censys.io/hosts/95.31.213.79", "AS8402,C2,censys,Mythic", "0", "dyingbreeds_" "2026-02-14 15:00:15", "1748251", "138.252.132.50:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:43:46", "100", "False", "https://search.censys.io/hosts/138.252.132.50", "AS154339,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-14 14:29:20", "1748246", "147.185.221.29:3765", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260214-n495naa15g", "XWorm", "0", "dyingbreeds_" "2026-02-14 12:49:20", "1748234", "185.196.8.2:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:42", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2026-02-14 12:05:16", "1748227", "151.242.152.131:79", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260214-jxpsxsd14e", "AS400342,C2,rat,triage,valleyrat", "0", "DonPasci" "2026-02-14 12:05:15", "1748225", "151.242.152.131:1234", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260214-jxpsxsd14e", "AS400342,C2,rat,triage,valleyrat", "0", "DonPasci" "2026-02-14 12:05:15", "1748226", "151.242.152.131:2345", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260214-jxpsxsd14e", "AS400342,C2,rat,triage,valleyrat", "0", "DonPasci" "2026-02-14 12:05:14", "1748224", "47.237.82.83:520", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260214-mjeycahx7g", "AS45102,C2,rat,triage,valleyrat", "0", "DonPasci" "2026-02-14 12:01:54", "1748220", "18.180.199.50:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-02-15 03:44:56", "100", "False", "https://search.censys.io/hosts/18.180.199.50", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci" "2026-02-14 12:01:40", "1748218", "45.151.236.233:3765", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-02-14 14:29:20", "100", "False", "https://tria.ge/260214-n253xsa12d", "AS206257,C2,triage,xworm", "0", "DonPasci" "2026-02-14 12:01:40", "1748219", "210.87.69.224:8888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:47:13", "100", "False", "https://search.censys.io/hosts/210.87.69.224", "AS63969,AsyncRAT,C2,censys,RACEONLINE-BD,RAT", "0", "DonPasci" "2026-02-14 11:00:18", "1748207", "107.172.31.102:8881", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:43:25", "100", "False", "https://search.censys.io/hosts/107.172.31.102", "AS36352,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-14 11:00:09", "1748206", "80.97.160.68:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-14 12:01:05", "100", "False", "https://search.censys.io/hosts/80.97.160.68", "AS48753,AVAHOHST,C2,censys", "0", "dyingbreeds_" "2026-02-14 11:00:07", "1748205", "213.64.72.46:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:46", "100", "False", "https://search.censys.io/hosts/213.64.72.46", "AS3301,C2,censys", "0", "dyingbreeds_" "2026-02-14 11:00:06", "1748204", "156.234.94.213:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:37", "100", "False", "https://search.censys.io/hosts/156.234.94.213", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-14 09:20:36", "1748188", "172.67.223.20:1604", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/3fa82d62627cf04ad9a08e3260756f1ccf7ff28adda8d48d02f3c75e5de5211d/", "asyncrat", "0", "abuse_ch" "2026-02-14 09:20:36", "1748189", "172.67.223.20:4782", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/3fa82d62627cf04ad9a08e3260756f1ccf7ff28adda8d48d02f3c75e5de5211d/", "asyncrat", "0", "abuse_ch" "2026-02-14 09:20:35", "1748186", "172.67.135.231:1604", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/3fa82d62627cf04ad9a08e3260756f1ccf7ff28adda8d48d02f3c75e5de5211d/", "asyncrat", "0", "abuse_ch" "2026-02-14 09:20:35", "1748187", "172.67.135.231:4782", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/3fa82d62627cf04ad9a08e3260756f1ccf7ff28adda8d48d02f3c75e5de5211d/", "asyncrat", "0", "abuse_ch" "2026-02-14 09:20:29", "1748185", "104.21.70.134:4782", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/3fa82d62627cf04ad9a08e3260756f1ccf7ff28adda8d48d02f3c75e5de5211d/", "asyncrat", "0", "abuse_ch" "2026-02-14 09:20:28", "1748183", "104.21.7.84:4782", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/3fa82d62627cf04ad9a08e3260756f1ccf7ff28adda8d48d02f3c75e5de5211d/", "asyncrat", "0", "abuse_ch" "2026-02-14 09:20:28", "1748184", "104.21.70.134:1604", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/3fa82d62627cf04ad9a08e3260756f1ccf7ff28adda8d48d02f3c75e5de5211d/", "asyncrat", "0", "abuse_ch" "2026-02-14 09:20:27", "1748182", "104.21.7.84:1604", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/3fa82d62627cf04ad9a08e3260756f1ccf7ff28adda8d48d02f3c75e5de5211d/", "asyncrat", "0", "abuse_ch" "2026-02-14 08:47:51", "1748176", "65.153.151.24:8800", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-15 03:48:25", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch" "2026-02-14 08:47:26", "1748175", "46.148.231.117:587", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-15 03:48:02", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch" "2026-02-14 08:45:00", "1748174", "23.235.179.118:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-14 12:01:00", "100", "False", "https://search.censys.io/hosts/23.235.179.118", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-14 08:44:48", "1748173", "163.181.123.15:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-15 03:44:31", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch" "2026-02-14 08:43:48", "1748172", "13.115.210.186:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-15 03:43:39", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch" "2026-02-14 08:01:42", "1748166", "195.177.94.132:8443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/195.177.94.132", "AdaptixC2,AS214961,C2,censys,STELLARGROUPSAS", "0", "DonPasci" "2026-02-14 08:01:22", "1748165", "91.92.242.165:8090", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-15 03:48:53", "100", "False", "https://search.censys.io/hosts/91.92.242.165", "AS202412,C2,censys,DcRAT,OMEGATECH-AS,RAT", "0", "DonPasci" "2026-02-14 08:01:14", "1748164", "89.124.67.107:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/89.124.67.107", "AS216071,C2,censys,RAT,Sectop,VDSINA", "0", "DonPasci" "2026-02-14 07:00:22", "1748149", "160.191.77.61:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-15 03:44:26", "100", "False", "https://search.censys.io/hosts/160.191.77.61", "AS149020,C2,censys", "0", "dyingbreeds_" "2026-02-14 07:00:19", "1748148", "196.251.107.159:2222", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-14 08:01:19", "100", "False", "https://search.censys.io/hosts/196.251.107.159", "AS214351,C2,censys,FEMOIT,RAT", "0", "dyingbreeds_" "2026-02-14 07:00:07", "1748147", "23.226.58.249:28713", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-14 08:00:45", "100", "False", "https://search.censys.io/hosts/23.226.58.249", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-14 06:04:05", "1748144", "192.252.181.116:448", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260214-anp8nab12f", "AS152194,C2,rat,triage,valleyrat", "0", "DonPasci" "2026-02-14 06:04:04", "1748142", "192.252.181.120:448", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260214-cd1yhsez3d", "AS152194,C2,rat,triage,valleyrat", "0", "DonPasci" "2026-02-14 06:04:04", "1748143", "192.252.181.116:447", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260214-anp8nab12f", "AS152194,C2,rat,triage,valleyrat", "0", "DonPasci" "2026-02-14 04:01:05", "1748139", "172.111.213.110:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-15 03:44:44", "100", "False", "https://search.censys.io/hosts/172.111.213.110", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2026-02-14 04:01:04", "1748138", "152.89.162.5:50987", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-15 03:44:13", "100", "False", "https://search.censys.io/hosts/152.89.162.5", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2026-02-14 03:01:02", "1748132", "107.163.241.194:6520", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "False", "https://tria.ge/260213-3p4rnaay6c", "GHOST", "0", "dyingbreeds_" "2026-02-14 03:00:40", "1748131", "212.28.186.94:7004", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-14 08:48:31", "100", "False", "https://tria.ge/260214-alrnpsbw8c", "quasar", "0", "dyingbreeds_" "2026-02-14 03:00:39", "1748130", "192.144.211.249:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/192.144.211.249", "AS45090,censys,Viper", "0", "dyingbreeds_" "2026-02-14 03:00:25", "1748129", "128.90.115.3:4433", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-15 03:43:38", "100", "False", "https://search.censys.io/hosts/128.90.115.3", "AS40861,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-14 03:00:17", "1748128", "195.66.215.248:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:46:53", "100", "False", "https://search.censys.io/hosts/195.66.215.248", "AS30860,C2,censys,RAT,YURTEH-AS", "0", "dyingbreeds_" "2026-02-14 03:00:16", "1748127", "169.40.135.7:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:44:41", "100", "False", "https://search.censys.io/hosts/169.40.135.7", "AS209274,C2,censys,KRAKEN-NETWORK-ISP,RAT", "0", "dyingbreeds_" "2026-02-14 03:00:15", "1748126", "194.164.96.98:1803", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:46:46", "100", "False", "https://search.censys.io/hosts/194.164.96.98", "AS212027,C2,censys,PEBBLEHOST,RAT", "0", "dyingbreeds_" "2026-02-14 03:00:11", "1748125", "172.96.137.80:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-15 03:44:49", "90", "False", "https://search.censys.io/hosts/172.96.137.80", "AS395092,C2,censys", "0", "dyingbreeds_" "2026-02-14 02:51:47", "1748119", "156.234.94.210:37812", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:37", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2026-02-14 02:51:46", "1748118", "156.234.56.34:19273", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:37", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2026-02-14 00:02:15", "1748107", "199.101.111.60:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.60", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-14 00:02:14", "1748106", "43.201.5.24:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/43.201.5.24", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-14 00:02:13", "1748105", "168.245.203.77:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/168.245.203.77", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-14 00:02:12", "1748104", "199.101.111.55:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.55", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-14 00:01:37", "1748103", "45.227.253.115:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/45.227.253.115", "AS-ALVIVA,AS209272,C2,censys,RAT,Sectop", "0", "DonPasci" "2026-02-14 00:01:34", "1748102", "213.142.151.94:1337", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:47:16", "100", "False", "https://search.censys.io/hosts/213.142.151.94", "AS212219,AsyncRAT,C2,censys,HOSTINGDUNYAM,RAT", "0", "DonPasci" "2026-02-14 00:01:14", "1748101", "149.28.254.111:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-15 03:44:10", "100", "False", "https://search.censys.io/hosts/149.28.254.111", "AS-VULTR,AS20473,C2,censys,Sliver", "0", "DonPasci" "2026-02-14 00:01:10", "1748100", "172.93.222.219:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-15 03:44:49", "100", "False", "https://search.censys.io/hosts/172.93.222.219", "AS23033,C2,censys,RAT,Remcos,WOW", "0", "DonPasci" "2026-02-14 00:01:08", "1748099", "149.50.96.57:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-15 03:44:11", "100", "False", "https://search.censys.io/hosts/149.50.96.57", "AS201814,C2,censys,MEVSPACE,RAT,Remcos", "0", "DonPasci" "2026-02-14 00:00:44", "1748098", "43.249.175.83:37812", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-14 03:00:06", "100", "False", "https://search.censys.io/hosts/43.249.175.83", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2026-02-13 23:00:16", "1748094", "185.241.211.85:10001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:46:06", "100", "False", "https://search.censys.io/hosts/185.241.211.85", "028f45e8dd4f225cb46a7d8003745a3a7f55d3a0,AS210558,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-13 23:00:10", "1748093", "103.236.92.166:83", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2026-02-14 00:01:04", "75", "False", "https://search.censys.io/hosts/103.236.92.166", "AS134768,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-13 23:00:08", "1748092", "43.249.175.92:37812", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-14 00:00:45", "100", "False", "https://search.censys.io/hosts/43.249.175.92", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-13 23:00:06", "1748091", "47.113.98.240:4433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-14 00:00:46", "100", "False", "https://search.censys.io/hosts/47.113.98.240", "AS37963,C2,censys", "0", "dyingbreeds_" "2026-02-13 22:47:36", "1748090", "104.168.7.222:15409", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-14 08:48:22", "100", "False", "https://tria.ge/260213-ys3ljsex2h", "Remcos", "0", "dyingbreeds_" "2026-02-13 21:16:41", "1748075", "135.125.88.35:8013", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "90", "False", "None", "Earth Baxia", "0", "Rony" "2026-02-13 21:13:47", "1748073", "172.81.182.63:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "False", "None", "SocGholish", "0", "threatcat_ch" "2026-02-13 21:13:46", "1748072", "38.135.54.246:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "2026-02-13 21:23:04", "100", "False", "None", "SocGholish", "0", "threatcat_ch" "2026-02-13 21:12:14", "1748071", "209.141.57.1:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "False", "None", "SocGholish", "0", "threatcat_ch" "2026-02-13 20:02:04", "1747999", "99.79.77.16:20971", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/99.79.77.16", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 20:02:03", "1747998", "43.210.93.81:24042", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/43.210.93.81", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 20:01:49", "1747997", "27.223.85.234:62443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/27.223.85.234", "AS4837,c2,c2-redirector,censys,CHINA169-BACKBONE,RedGuard", "0", "DonPasci" "2026-02-13 20:01:36", "1747996", "13.230.133.203:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-02-15 03:43:39", "100", "False", "https://search.censys.io/hosts/13.230.133.203", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci" "2026-02-13 20:01:26", "1747995", "18.118.117.51:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:44:56", "100", "False", "https://search.censys.io/hosts/18.118.117.51", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci" "2026-02-13 20:01:06", "1747994", "67.213.113.231:1982", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-15 03:48:26", "100", "False", "https://search.censys.io/hosts/67.213.113.231", "AS396356,C2,censys,LATITUDE-SH,RAT,Remcos", "0", "DonPasci" "2026-02-13 20:00:42", "1747993", "23.226.58.239:37812", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 23:00:07", "100", "False", "https://search.censys.io/hosts/23.226.58.239", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2026-02-13 20:00:04", "1747990", "144.31.1.147:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "False", "None", "NetSupport", "0", "abuse_ch" "2026-02-13 19:02:15", "1747980", "187.170.215.28:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "False", "https://search.censys.io/hosts/187.170.215.28", "AS8151,C2,censys,UNINET", "0", "dyingbreeds_" "2026-02-13 19:02:00", "1747979", "1.14.236.218:38886", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/1.14.236.218", "AS45090,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-13 19:01:52", "1747978", "1.14.236.218:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/1.14.236.218", "AS45090,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-13 19:01:42", "1747977", "193.43.104.157:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:46:46", "100", "False", "https://search.censys.io/hosts/193.43.104.157", "AS16276,censys,EvilGinx,OVH,Phishing", "0", "dyingbreeds_" "2026-02-13 19:01:25", "1747976", "160.250.134.125:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2026-02-13 20:01:44", "100", "False", "https://search.censys.io/hosts/160.250.134.125", "AS135918,C2,censys", "0", "dyingbreeds_" "2026-02-13 19:01:00", "1747975", "45.88.186.203:9999", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-15 03:48:00", "100", "False", "https://search.censys.io/hosts/45.88.186.203", "028f45e8dd4f225cb46a7d8003745a3a7f55d3a0,AS210558,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-13 19:00:09", "1747973", "186.123.85.29:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:42", "100", "False", "https://search.censys.io/hosts/186.123.85.29", "AS11664,C2,censys", "0", "dyingbreeds_" "2026-02-13 18:53:50", "1747972", "202.91.34.52:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-15 03:47:01", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch" "2026-02-13 18:53:44", "1747971", "20.211.49.27:443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-02-15 03:46:59", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch" "2026-02-13 18:49:10", "1747969", "172.236.114.73:11602", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-15 03:44:46", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch" "2026-02-13 18:49:09", "1747968", "172.233.12.93:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-15 03:44:46", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch" "2026-02-13 18:43:24", "1747965", "104.131.172.70:8384", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-15 03:43:14", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch" "2026-02-13 18:43:21", "1747963", "103.245.38.125:6197", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-15 03:43:12", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch" "2026-02-13 18:43:10", "1747962", "102.117.162.28:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:43:05", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch" "2026-02-13 18:00:51", "1747949", "144.31.164.226:56778", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-02-13 19:03:29", "100", "False", "https://tria.ge/260213-ss7ydafy6c", "AS215439,C2,triage,xworm", "0", "DonPasci" "2026-02-13 17:03:53", "1747937", "178.128.69.245:80", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "False", "https://bazaar.abuse.ch/sample/d5e76679fbd2f3070f64e06eea4ad435b416063b5e9576614bcb44837c8c65b4/", "Rat,TrustConnect", "1", "NDA0E" "2026-02-13 17:03:53", "1747938", "178.128.69.245:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "False", "https://bazaar.abuse.ch/sample/d5e76679fbd2f3070f64e06eea4ad435b416063b5e9576614bcb44837c8c65b4/", "Rat,TrustConnect", "1", "NDA0E" "2026-02-13 16:02:05", "1747794", "54.255.55.251:119", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/54.255.55.251", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 16:02:04", "1747792", "54.255.55.251:31969", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/54.255.55.251", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 16:02:04", "1747793", "54.255.55.251:44819", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/54.255.55.251", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 16:02:03", "1747790", "51.112.178.33:7001", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/51.112.178.33", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 16:02:03", "1747791", "51.112.178.33:47001", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/51.112.178.33", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 16:01:37", "1747789", "69.167.10.211:443", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-13 19:01:08", "100", "False", "https://search.censys.io/hosts/69.167.10.211", "AS40861,C2,censys,DcRAT,PARAD-40-ASN,RAT", "0", "DonPasci" "2026-02-13 16:01:17", "1747788", "213.10.177.103:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/213.10.177.103", "AS1136,C2,censys,KPN,open-dir,payload,Sliver", "0", "DonPasci" "2026-02-13 16:01:16", "1747787", "181.214.100.216:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/181.214.100.216", "AS21859,C2,censys,open-dir,payload,Sliver,ZEN-ECN", "0", "DonPasci" "2026-02-13 16:00:44", "1747786", "156.234.33.82:19273", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:37", "100", "False", "https://search.censys.io/hosts/156.234.33.82", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2026-02-13 15:02:03", "1747745", "213.14.185.201:1604", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260213-q9w64abt5e", "XWorm", "0", "dyingbreeds_" "2026-02-13 15:00:23", "1747743", "23.236.64.252:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:47:23", "100", "False", "https://search.censys.io/hosts/23.236.64.252", "AS136897,C2,censys,Mythic", "0", "dyingbreeds_" "2026-02-13 15:00:20", "1747742", "74.81.49.19:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:48:30", "100", "False", "https://search.censys.io/hosts/74.81.49.19", "AS22439,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-13 15:00:12", "1747741", "13.232.97.61:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:31", "100", "False", "https://search.censys.io/hosts/13.232.97.61", "AS16509,C2,censys", "0", "dyingbreeds_" "2026-02-13 15:00:11", "1747740", "8.148.251.204:2095", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 16:00:55", "100", "False", "https://search.censys.io/hosts/8.148.251.204", "AS37963,C2,censys", "0", "dyingbreeds_" "2026-02-13 15:00:09", "1747739", "16.171.54.42:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 16:00:53", "100", "False", "https://search.censys.io/hosts/16.171.54.42", "AS16509,C2,censys", "0", "dyingbreeds_" "2026-02-13 15:00:07", "1747738", "23.235.182.118:37812", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 16:00:48", "100", "False", "https://search.censys.io/hosts/23.235.182.118", "AS138415,C2,censys", "0", "dyingbreeds_" "2026-02-13 12:56:09", "1747527", "4.154.22.123:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2026-02-15 03:49:53", "75", "False", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2026-02-13 12:02:14", "1747513", "155.117.40.221:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "False", "https://search.censys.io/hosts/155.117.40.221", "AS32097,C2,censys,Starkillerc2,WII", "0", "DonPasci" "2026-02-13 12:02:09", "1747512", "157.241.106.252:8013", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/157.241.106.252", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 12:02:08", "1747510", "54.93.123.57:30005", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/54.93.123.57", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 12:02:08", "1747511", "54.93.123.57:50805", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/54.93.123.57", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 12:02:07", "1747509", "13.245.28.15:18084", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/13.245.28.15", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 12:02:06", "1747508", "3.71.79.244:34009", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/3.71.79.244", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 12:01:30", "1747507", "196.251.107.148:2222", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-13 15:00:26", "100", "False", "https://search.censys.io/hosts/196.251.107.148", "AS214351,C2,censys,FEMOIT,Quasar,RAT", "0", "DonPasci" "2026-02-13 12:01:07", "1747506", "195.184.233.126:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-15 03:46:50", "100", "False", "https://search.censys.io/hosts/195.184.233.126", "AS55286,C2,censys,RAT,Remcos,SERVER-MANIA", "0", "DonPasci" "2026-02-13 11:02:04", "1747502", "58.144.179.206:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/58.144.179.206", "AS4837,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-13 11:01:54", "1747501", "58.144.179.206:36915", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "False", "https://search.censys.io/hosts/58.144.179.206", "AS4837,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-13 11:01:34", "1747500", "43.164.1.146:8082", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-13 12:01:42", "100", "False", "https://search.censys.io/hosts/43.164.1.146", "AS132203,C2,censys,Vshell", "0", "dyingbreeds_" "2026-02-13 11:01:22", "1747499", "109.107.161.96:8090", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-13 12:01:35", "100", "False", "https://search.censys.io/hosts/109.107.161.96", "AS216334,C2,censys,LANDVPS-AS,RAT", "0", "dyingbreeds_" "2026-02-13 11:01:11", "1747498", "206.189.213.116:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-15 03:47:03", "100", "False", "https://search.censys.io/hosts/206.189.213.116", "AS14061,C2,censys", "0", "dyingbreeds_" "2026-02-13 11:01:04", "1747497", "78.128.113.150:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-15 03:48:33", "100", "False", "https://search.censys.io/hosts/78.128.113.150", "AS209160,C2,censys,MITI2000", "0", "dyingbreeds_" "2026-02-13 11:00:54", "1747495", "62.102.148.166:3066", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://tria.ge/260213-h2zy1se14b", "Remcos", "0", "dyingbreeds_" "2026-02-13 11:00:54", "1747496", "94.185.80.230:3066", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://tria.ge/260213-h2zy1se14b", "Remcos", "0", "dyingbreeds_" "2026-02-13 11:00:52", "1747494", "51.45.54.250:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:48:13", "100", "False", "https://search.censys.io/hosts/51.45.54.250", "AS16509,C2,censys,Mythic", "0", "dyingbreeds_" "2026-02-13 11:00:30", "1747493", "107.172.31.102:8891", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-15 03:43:25", "100", "False", "https://search.censys.io/hosts/107.172.31.102", "AS36352,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-13 11:00:17", "1747492", "154.86.18.142:14994", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2026-02-13 12:01:03", "75", "False", "https://search.censys.io/hosts/154.86.18.142", "AS140227,C2,censys,RAT", "0", "dyingbreeds_" "2026-02-13 11:00:14", "1747491", "139.196.37.127:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 12:00:43", "100", "False", "https://search.censys.io/hosts/139.196.37.127", "AS37963,C2,censys", "0", "dyingbreeds_" "2026-02-13 11:00:12", "1747490", "38.60.206.124:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260213-klt4yag17e", "AsyncRAT", "0", "dyingbreeds_" "2026-02-13 11:00:07", "1747488", "107.174.176.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 12:00:47", "100", "False", "https://search.censys.io/hosts/107.174.176.19", "AS36352,C2,censys", "0", "dyingbreeds_" "2026-02-13 10:04:18", "1747111", "46.203.233.102:1337", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-02-13 07:02:21", "100", "False", "https://www.threat.rip/file/8b94b447cf5bc88314e5ed5618d7c25d8db6cc15845f87cffe7f57f473869d20/config", "AUTO-REG,AUTO-STARTUP,EXECUTION,INNOSETUP,PERSISTENCE,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-13 10:04:14", "1747465", "194.59.30.214:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://www.threat.rip/file/1ae0ea0b093ec70869d063af5cef9255c6857e3b43e7f910bc2174cf05ee2ac3/config", "AUTOIT,RAT,REMCOS", "0", "Neiki" "2026-02-13 10:04:12", "1747468", "158.94.211.18:5909", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/2d80a9e5f2d7d40da131a8ed7ea8b67a25ff001263bec22589bfbaae4b89e963/config", "AUTO-STARTUP,DISCOVERY,NETREACTOR,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-13 09:24:31", "1747472", "52.90.129.186:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-15 03:48:16", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch" "2026-02-13 09:08:47", "1747469", "204.76.203.41:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-15 03:47:03", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch" "2026-02-13 08:48:45", "1747459", "12.7.27.147:7220", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-15 03:43:34", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch" "2026-02-13 08:48:40", "1747458", "116.26.10.158:36010", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-15 03:43:32", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch" "2026-02-13 08:12:17", "1747453", "46.224.11.92:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-02-13 08:12:17", "1747454", "151.247.22.188:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-02-13 08:12:17", "1747455", "151.247.22.211:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-02-13 08:12:17", "1747456", "46.225.137.109:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-02-13 08:03:45", "1747442", "154.90.32.188:8443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-02-15 03:44:15", "100", "False", "https://search.censys.io/hosts/154.90.32.188", "AS138915,BianLian,C2,censys,KAOPU-HK", "0", "DonPasci" "2026-02-13 08:03:40", "1747441", "52.196.110.202:60000", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/52.196.110.202", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 08:03:36", "1747440", "52.196.110.202:51200", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/52.196.110.202", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 08:03:32", "1747439", "52.196.110.202:2000", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/52.196.110.202", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 08:03:25", "1747438", "143.198.148.203:4443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/143.198.148.203", "AS14061,C2,censys,DIGITALOCEAN-ASN,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 08:03:20", "1747437", "40.177.153.83:1962", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/40.177.153.83", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci" "2026-02-13 08:03:02", "1747436", "5.175.192.114:1337", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "False", "https://search.censys.io/hosts/5.175.192.114", "AS211066,C2,censys,Gafgyt,RYZEHOSTING-TRADING", "0", "DonPasci" "2026-02-13 08:02:53", "1747435", "83.147.19.146:5555", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/83.147.19.146", "Albiriox,Android,AS215311,censys,REGXA-CLOUD", "0", "DonPasci" "2026-02-13 08:01:31", "1747434", "198.244.243.243:4056", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-15 03:46:56", "100", "False", "https://search.censys.io/hosts/198.244.243.243", "AS16276,C2,censys,OVH,RAT,Remcos", "0", "DonPasci" "2026-02-13 08:01:04", "1747433", "83.229.127.46:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 11:00:09", "100", "False", "https://search.censys.io/hosts/83.229.127.46", "AS139659,C2,censys,CobaltStrike,cs-watermark-666666666,LUCID-AS-AP", "0", "DonPasci" "2026-02-13 08:00:47", "1747432", "43.243.191.236:37812", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 03:49:56", "100", "False", "https://search.censys.io/hosts/43.243.191.236", "AS138415,C2,censys,CobaltStrike,cs-watermark-987654321,YANCYLIMITED-AS-HK", "0", "DonPasci" "2026-02-13 07:24:27", "1747411", "94.103.83.166:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-14 16:01:35", "50", "False", "", "c2,remcos", "0", "juroots" "2026-02-13 07:21:13", "1747265", "179.247.245.136:4444", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "False", "", "c2,dcrat", "0", "juroots" "2026-02-13 07:21:13", "1747266", "179.247.245.136:8080", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "False", "", "c2,dcrat", "0", "juroots" "2026-02-13 07:21:13", "1747267", "179.247.245.136:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "False", "", "c2,dcrat", "0", "juroots" "2026-02-13 07:21:13", "1747268", "26.2.109.252:3232", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-14 16:01:28", "50", "False", "", "c2,dcrat", "0", "juroots" "2026-02-13 07:12:08", "1747216", "103.106.191.10:444", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "50", "False", "https://www.shodan.io/host/103.106.191.10#444", "c2,setcoderat,shodan", "0", "juroots" "2026-02-13 07:11:31", "1747215", "185.100.233.121:443", "ip:port", "botnet_cc", "win.fickle", "None", "Fickle Stealer", "", "50", "False", "https://www.shodan.io/host/185.100.233.121#443", "c2,fickle,shodan", "0", "juroots" "2026-02-13 07:09:54", "1747214", "102.117.15.139:7434", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "False", "https://www.shodan.io/host/102.117.15.139#7434", "c2,havoc,shodan", "0", "juroots" "2026-02-13 07:09:37", "1747213", "180.131.145.105:2012", "ip:port", "botnet_cc", "win.crimson", "SEEDOOR,Scarimson", "Crimson RAT", "", "50", "False", "https://www.shodan.io/host/180.131.145.105#2012", "c2,crimson,shodan", "0", "juroots" "2026-02-13 07:09:13", "1747212", "186.169.55.212:9002", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "False", "https://www.shodan.io/host/186.169.55.212#9002", "c2,dcrat,shodan", "0", "juroots" "2026-02-13 07:09:02", "1747211", "147.50.253.97:1177", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "False", "https://www.shodan.io/host/147.50.253.97#1177", "c2,njrat,shodan", "0", "juroots" "2026-02-13 07:08:37", "1747210", "45.94.31.17:5555", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/45.94.31.17#5555", "c2,evilginx,shodan", "0", "juroots" "2026-02-13 07:08:09", "1747209", "4.247.145.101:4443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/4.247.145.101#4443", "c2,shodan,villain", "0", "juroots" "2026-02-13 07:07:45", "1747208", "140.238.72.142:8083", "ip:port", "botnet_cc", "win.shadowpad", "POISONPLUG.SHADOW,XShellGhost", "ShadowPad", "", "50", "False", "https://www.shodan.io/host/140.238.72.142#8083", "c2,shadowpad,shodan", "0", "juroots" "2026-02-13 07:07:37", "1747207", "121.89.205.206:1244", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/121.89.205.206#1244", "c2,netbus,shodan", "0", "juroots" "2026-02-13 07:07:30", "1747206", "118.122.8.224:8008", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/118.122.8.224#8008", "c2,netbus,shodan", "0", "juroots" "2026-02-13 07:07:28", "1747205", "159.89.45.99:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-15 04:10:39", "75", "False", "None", "AISURU", "0", "abuse_ch" "2026-02-13 07:07:22", "1747204", "149.210.45.202:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "50", "False", "https://www.shodan.io/host/149.210.45.202#443", "c2,gh0st,shodan", "0", "juroots" "2026-02-13 07:07:20", "1747203", "165.232.111.88:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-15 04:10:36", "75", "False", "None", "AISURU", "0", "abuse_ch" "2026-02-13 07:07:15", "1747202", "203.123.105.20:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "50", "False", "https://www.shodan.io/host/203.123.105.20#80", "c2,gh0st,shodan", "0", "juroots" "2026-02-13 07:07:12", "1747201", "167.99.217.75:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-15 04:10:34", "75", "False", "None", "AISURU", "0", "abuse_ch" "2026-02-13 07:07:04", "1747199", "158.94.211.97:54984", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "50", "False", "https://www.shodan.io/host/158.94.211.97#54984", "c2,nanocore,shodan", "0", "juroots" "2026-02-13 07:07:04", "1747200", "161.35.46.30:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-15 04:10:31", "75", "False", "None", "AISURU", "0", "abuse_ch" "2026-02-13 07:06:57", "1747198", "144.79.12.69:54984", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "50", "False", "https://www.shodan.io/host/144.79.12.69#54984", "c2,nanocore,shodan", "0", "juroots" "2026-02-13 07:06:56", "1747197", "143.110.167.245:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-15 04:10:29", "75", "False", "None", "AISURU", "0", "abuse_ch" "2026-02-13 07:06:49", "1747196", "45.10.164.177:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:47:49", "50", "False", "https://www.shodan.io/host/45.10.164.177#7443", "c2,mythic,shodan", "0", "juroots" "2026-02-13 07:06:48", "1747194", "198.199.122.33:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-15 04:10:26", "75", "False", "None", "AISURU", "0", "abuse_ch" "2026-02-13 07:06:43", "1747193", "167.86.110.155:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:44:39", "50", "False", "https://www.shodan.io/host/167.86.110.155#7443", "c2,mythic,shodan", "0", "juroots" "2026-02-13 07:06:41", "1747192", "167.172.154.26:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-15 04:10:24", "75", "False", "None", "AISURU", "0", "abuse_ch" "2026-02-13 07:06:33", "1747191", "157.245.176.16:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-15 04:10:24", "75", "False", "None", "AISURU", "0", "abuse_ch" "2026-02-13 07:06:25", "1747190", "161.35.12.194:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-15 04:10:23", "75", "False", "None", "AISURU", "0", "abuse_ch" "2026-02-13 07:06:18", "1747189", "209.38.33.240:8001", "ip:port", "botnet_cc", "elf.aisuru", "None", "Aisuru", "2026-02-15 04:10:22", "75", "False", "None", "AISURU", "0", "abuse_ch" "2026-02-13 07:06:11", "1747188", "151.59.35.193:8080", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "False", "https://www.shodan.io/host/151.59.35.193#8080", "c2,sectop,shodan", "0", "juroots" "2026-02-13 07:06:04", "1747187", "212.193.31.163:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "False", "https://www.shodan.io/host/212.193.31.163#9000", "c2,sectop,shodan", "0", "juroots" "2026-02-13 07:05:57", "1747186", "151.59.32.237:8080", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "False", "https://www.shodan.io/host/151.59.32.237#8080", "c2,sectop,shodan", "0", "juroots" "2026-02-13 07:05:50", "1747185", "42.237.107.188:55442", "ip:port", "botnet_cc", "elf.mozi", "None", "Mozi", "2026-02-13 07:06:18", "50", "False", "https://www.shodan.io/host/42.237.107.188#55442", "c2,mozi,shodan", "0", "juroots" "2026-02-13 07:05:43", "1747184", "117.217.90.148:50009", "ip:port", "botnet_cc", "elf.mozi", "None", "Mozi", "", "50", "False", "https://www.shodan.io/host/117.217.90.148#50009", "c2,mozi,shodan", "0", "juroots" "2026-02-13 07:05:37", "1747183", "117.196.134.17:33060", "ip:port", "botnet_cc", "elf.mozi", "None", "Mozi", "", "50", "False", "https://www.shodan.io/host/117.196.134.17#33060", "c2,mozi,shodan", "0", "juroots" "2026-02-13 07:05:30", "1747182", "117.215.51.164:42901", "ip:port", "botnet_cc", "elf.mozi", "None", "Mozi", "", "50", "False", "https://www.shodan.io/host/117.215.51.164#42901", "c2,mozi,shodan", "0", "juroots" "2026-02-13 07:05:23", "1747181", "31.57.33.235:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "False", "https://www.shodan.io/host/31.57.33.235#1604", "c2,darkcomet,shodan", "0", "juroots" "2026-02-13 07:05:16", "1747180", "95.130.225.145:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "False", "https://www.shodan.io/host/95.130.225.145#1604", "c2,darkcomet,shodan", "0", "juroots" "2026-02-13 07:05:11", "1747179", "189.150.83.128:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "False", "https://www.shodan.io/host/189.150.83.128#1604", "c2,darkcomet,shodan", "0", "juroots" "2026-02-13 07:04:54", "1747177", "2.143.154.174:6001", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "False", "https://www.shodan.io/host/2.143.154.174#6001", "c2,netsupport,shodan", "0", "juroots" "2026-02-13 07:04:54", "1747178", "211.197.155.214:6000", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "False", "https://www.shodan.io/host/211.197.155.214#6000", "c2,netsupport,shodan", "0", "juroots" "2026-02-13 07:04:53", "1747176", "118.122.8.157:992", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "False", "https://www.shodan.io/host/118.122.8.157#992", "c2,netsupport,shodan", "0", "juroots" "2026-02-13 07:04:52", "1747175", "121.89.205.206:3115", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "False", "https://www.shodan.io/host/121.89.205.206#3115", "c2,netsupport,shodan", "0", "juroots" "2026-02-13 07:04:13", "1747173", "163.53.152.206:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/163.53.152.206#443", "c2,powersploit,shodan", "0", "juroots" "2026-02-13 07:04:13", "1747174", "52.202.90.227:4435", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/52.202.90.227#4435", "c2,powersploit,shodan", "0", "juroots" "2026-02-13 07:04:12", "1747171", "216.250.226.35:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/216.250.226.35#443", "c2,powersploit,shodan", "0", "juroots" "2026-02-13 07:04:12", "1747172", "13.235.103.217:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/13.235.103.217#80", "c2,powersploit,shodan", "0", "juroots" "2026-02-13 07:04:11", "1747170", "199.91.200.230:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/199.91.200.230#8443", "c2,powersploit,shodan", "0", "juroots" "2026-02-13 07:04:10", "1747168", "20.241.207.58:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/20.241.207.58#8443", "c2,powersploit,shodan", "0", "juroots" "2026-02-13 07:04:10", "1747169", "38.103.18.147:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/38.103.18.147#8443", "c2,powersploit,shodan", "0", "juroots" "2026-02-13 07:04:09", "1747167", "199.167.131.71:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/199.167.131.71#8443", "c2,powersploit,shodan", "0", "juroots" "2026-02-13 07:04:08", "1747166", "4.246.141.209:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/4.246.141.209#8443", "c2,powersploit,shodan", "0", "juroots" "2026-02-13 07:03:41", "1747164", "139.99.86.89:443", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "False", "https://www.shodan.io/host/139.99.86.89#443", "c2,kimsuky,shodan", "0", "juroots" "2026-02-13 07:03:41", "1747165", "27.102.138.230:80", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "False", "https://www.shodan.io/host/27.102.138.230#80", "c2,kimsuky,shodan", "0", "juroots" "2026-02-13 07:03:37", "1747163", "27.102.138.125:443", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "False", "https://www.shodan.io/host/27.102.138.125#443", "c2,kimsuky,shodan", "0", "juroots" "2026-02-13 07:03:36", "1747162", "27.102.138.125:80", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "False", "https://www.shodan.io/host/27.102.138.125#80", "c2,kimsuky,shodan", "0", "juroots" "2026-02-13 07:03:21", "1747161", "51.161.11.238:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/51.161.11.238#443", "c2,gophish,phishing,shodan", "0", "juroots" "2026-02-13 07:03:17", "1747160", "2.59.119.38:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/2.59.119.38#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2026-02-13 07:03:12", "1747159", "58.59.44.132:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/58.59.44.132#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2026-02-13 07:03:02", "1747158", "143.198.65.74:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/143.198.65.74#80", "c2,gophish,phishing,shodan", "0", "juroots" "2026-02-13 07:02:15", "1747157", "109.131.141.80:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/109.131.141.80#8443", "c2,gophish,phishing,shodan", "0", "juroots" "2026-02-13 07:01:49", "1747156", "144.172.101.78:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/144.172.101.78#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:01:42", "1747155", "172.245.228.213:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/172.245.228.213#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:01:35", "1747154", "107.189.25.81:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/107.189.25.81#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:01:28", "1747153", "204.76.203.41:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/204.76.203.41#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:01:21", "1747152", "89.163.214.74:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/89.163.214.74#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:01:14", "1747151", "38.190.254.97:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/38.190.254.97#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:01:06", "1747150", "185.239.239.35:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/185.239.239.35#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:59", "1747149", "47.109.148.39:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-15 04:01:38", "50", "False", "https://www.shodan.io/host/47.109.148.39#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:58", "1747148", "91.92.243.10:1234", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://tria.ge/260213-hltr3aex7f", "quasar", "0", "dyingbreeds_" "2026-02-13 07:00:53", "1747147", "217.217.254.115:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/217.217.254.115#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:46", "1747146", "164.92.151.15:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/164.92.151.15#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:41", "1747145", "103.245.251.195:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-15 04:01:38", "50", "False", "https://www.shodan.io/host/103.245.251.195#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:38", "1747144", "45.12.138.150:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:47:49", "100", "False", "https://search.censys.io/hosts/45.12.138.150", "AS209847,C2,censys,Mythic,THE", "0", "dyingbreeds_" "2026-02-13 07:00:35", "1747143", "57.129.86.34:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/57.129.86.34#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:32", "1747142", "102.117.163.154:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:43:06", "100", "False", "https://search.censys.io/hosts/102.117.163.154", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "dyingbreeds_" "2026-02-13 07:00:30", "1747141", "150.136.164.223:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/150.136.164.223#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:26", "1747140", "121.43.182.95:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/121.43.182.95#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:24", "1747139", "45.66.164.17:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-15 03:47:56", "100", "False", "https://search.censys.io/hosts/45.66.164.17", "AS63023,C2,censys,Mythic", "0", "dyingbreeds_" "2026-02-13 07:00:22", "1747138", "34.87.24.96:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-15 04:01:39", "50", "False", "https://www.shodan.io/host/34.87.24.96#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:18", "1747137", "194.164.123.21:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/194.164.123.21#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:15", "1747136", "80.91.79.31:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/80.91.79.31#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:14", "1747135", "212.86.116.106:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/212.86.116.106#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:12", "1747134", "5.199.173.120:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/5.199.173.120#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:11", "1747133", "45.112.194.82:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-15 04:01:39", "50", "False", "https://www.shodan.io/host/45.112.194.82#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:09", "1747132", "95.214.181.93:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-15 04:01:39", "50", "False", "https://www.shodan.io/host/95.214.181.93#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:07", "1747130", "213.176.16.120:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/213.176.16.120#31337", "c2,shodan,sliver", "0", "juroots" "2026-02-13 07:00:07", "1747131", "106.13.223.195:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 08:01:11", "100", "False", "https://search.censys.io/hosts/106.13.223.195", "AS38365,C2,censys", "0", "dyingbreeds_" "2026-02-13 06:59:47", "1747129", "50.212.4.1:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "https://www.shodan.io/host/50.212.4.1#8081", "c2,cobaltstrike,shodan", "0", "juroots" "2026-02-13 06:59:45", "1747128", "114.66.31.135:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "https://www.shodan.io/host/114.66.31.135#443", "c2,cobaltstrike,shodan", "0", "juroots" "2026-02-13 06:59:42", "1747127", "101.34.92.139:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 06:59:47", "50", "False", "https://www.shodan.io/host/101.34.92.139#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2026-02-13 06:59:41", "1747126", "117.72.191.140:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 06:59:46", "50", "False", "https://www.shodan.io/host/117.72.191.140#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2026-02-13 06:59:39", "1747125", "103.69.194.63:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "https://www.shodan.io/host/103.69.194.63#443", "c2,cobaltstrike,shodan", "0", "juroots" "2026-02-13 06:59:37", "1747124", "52.151.31.52:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 06:59:45", "50", "False", "https://www.shodan.io/host/52.151.31.52#443", "c2,cobaltstrike,shodan", "0", "juroots" "2026-02-13 06:59:36", "1747122", "78.192.214.83:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "https://www.shodan.io/host/78.192.214.83#443", "c2,cobaltstrike,shodan", "0", "juroots" "2026-02-13 06:59:36", "1747123", "52.151.31.52:2222", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "https://www.shodan.io/host/52.151.31.52#2222", "c2,cobaltstrike,shodan", "0", "juroots" "2026-02-13 06:59:13", "1747121", "117.72.191.140:8028", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-15 04:01:16", "50", "False", "https://www.shodan.io/host/117.72.191.140#8028", "c2,cobaltstrike,cs-watermark-391144938,shodan", "0", "juroots" "2026-02-13 06:58:36", "1747119", "172.245.242.117:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 06:59:42", "50", "False", "https://www.shodan.io/host/172.245.242.117#8443", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2026-02-13 06:58:31", "1747118", "156.234.247.125:38080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 06:59:44", "50", "False", "https://www.shodan.io/host/156.234.247.125#38080", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2026-02-13 06:58:30", "1747117", "23.235.179.112:38080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 06:59:44", "50", "False", "https://www.shodan.io/host/23.235.179.112#38080", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2026-02-13 06:58:29", "1747116", "23.226.58.237:38080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-13 06:59:43", "50", "False", "https://www.shodan.io/host/23.226.58.237#38080", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2026-02-13 06:58:23", "1747115", "104.248.223.60:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-14 15:11:18", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2026-02-13 06:58:20", "1747114", "112.125.18.189:9998", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2026-02-13 06:58:17", "1747113", "120.55.195.205:5555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-14 15:11:15", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2026-02-13 06:10:35", "1747062", "206.123.145.65:6621", "ip:port", "botnet_cc", "win.mirai", "None", "Mirai", "", "100", "False", "https://www.threat.rip/file/9a1bd4bf9ecb0a37952279df8d813f3e1bcdc32a33cf133063007c05fc4dbe78/config", "BOTNET,DEFENSE_EVASION,DISCOVERY,LINUX,MIRAI", "0", "Neiki" "2026-02-13 06:10:35", "1747064", "87.242.106.13:21285", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://www.threat.rip/file/a87fed3ea0827996de35553d510511d517a64757eb82386db710fbefb0dc83d3/config", "AUTO-SCH,EXECUTION,PERSISTENCE,RAT,SHEET,SHEETRAT,TROJAN", "0", "Neiki" "2026-02-13 06:10:32", "1747087", "38.60.134.155:12121", "ip:port", "botnet_cc", "win.mirai", "None", "Mirai", "", "100", "False", "https://www.threat.rip/file/8f3840174b5d8d5cef2bd978c79841f161a68e0cde8b6556906a1b1051df6744/config", "BOTNET,DEFENSE_EVASION,DISCOVERY,LINUX,MIRAI", "0", "Neiki" "2026-02-13 06:10:29", "1747094", "82.165.51.16:7974", "ip:port", "botnet_cc", "win.nworm", "nw0rm,NWorm", "N-W0rm", "", "100", "False", "https://www.threat.rip/file/55b60e27eae1f9fdd63470a9553dc0a3e0750c0ff8d079a016663c1e8db78b55/config", "AHK,ANTI-EVASION,AUTO-REG,AUTO-STARTUP,DEFENSE_EVASION,DISCOVERY,DOWNLOADER,EXECUTION,nworm", "0", "Neiki" "2026-02-13 06:10:28", "1747096", "82.165.51.16:1981", "ip:port", "botnet_cc", "win.nworm", "nw0rm,NWorm", "N-W0rm", "", "100", "False", "https://www.threat.rip/file/55b60e27eae1f9fdd63470a9553dc0a3e0750c0ff8d079a016663c1e8db78b55/config", "AHK,ANTI-EVASION,AUTO-REG,AUTO-STARTUP,DEFENSE_EVASION,DISCOVERY,DOWNLOADER,EXECUTION,nworm", "0", "Neiki" "2026-02-13 06:10:26", "1747098", "82.165.51.16:6000", "ip:port", "botnet_cc", "win.nworm", "nw0rm,NWorm", "N-W0rm", "", "100", "False", "https://www.threat.rip/file/55b60e27eae1f9fdd63470a9553dc0a3e0750c0ff8d079a016663c1e8db78b55/config", "AHK,ANTI-EVASION,AUTO-REG,AUTO-STARTUP,DEFENSE_EVASION,DISCOVERY,DOWNLOADER,EXECUTION,nworm", "0", "Neiki" "2026-02-13 06:09:57", "1747056", "209.25.140.20:1025", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/2f4943b7dbb6a451e558c82943236956a3737e19fa261e8966f49fc84411db34/config", "AUTO-REG,AUTO-STARTUP,EVASION,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-13 06:09:56", "1747055", "209.25.140.20:1028", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/40852da996f6e1f75dc674eb9b57a59a05aa86b42b560b3723bb4f59285ba349/config", "AUTO-REG,AUTO-STARTUP,EVASION,RAT,TROJAN,XWORM", "0", "Neiki" "2026-02-13 06:09:55", "1747053", "146.59.151.2:14433", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-02-14 11:44:59", "100", "False", "https://www.threat.rip/file/a0bb1a57ce9f24c426e6a396bece5ad8ff28e04789c83ebae2180c2a8b51d881/config", "AUTO-REG,AUTO-STARTUP,BINDER,DEFENSE_EVASION,DISCOVERY,EVASION,EXECUTION,GENERIC,xworm", "0", "Neiki" "2026-02-13 06:09:53", "1747052", "51.89.23.91:14433", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://www.threat.rip/file/a0bb1a57ce9f24c426e6a396bece5ad8ff28e04789c83ebae2180c2a8b51d881/config", "AUTO-REG,AUTO-STARTUP,BINDER,DEFENSE_EVASION,DISCOVERY,EVASION,EXECUTION,GENERIC,xworm", "0", "Neiki" "2026-02-13 06:09:48", "1747036", "185.208.156.187:8771", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-13 07:38:07", "100", "False", "https://www.threat.rip/file/bf9ebf995e7ddb5222f0aadd2dade006ac376fc8e26555fba5dbcd0403edd1f8/config", "AUTOIT,RAT,REMCOS", "0", "Neiki" "2026-02-13 06:09:46", "1747031", "52.28.247.255:10859", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "False", "https://www.threat.rip/file/642814a99cb7c8afa90d4058da672a3bbb908dd75d5cdedbd13b760fb07cdbeb/config", "AUTO-REG,AUTO-STARTUP,BLADABINDI,DEFENSE_EVASION,DISCOVERY,HACKED,NJRAT,PERSISTENCE", "0", "Neiki" "2026-02-13 06:09:44", "1747029", "185.53.179.128:443", "ip:port", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "False", "https://www.threat.rip/file/bc4938515098bc1f4081cd3f32d2021ccdfbe77973a5724b48532d04f9a19fd4/config", "ARCH-DOC,ARCH-EXEC,DISCOVERY,FINGERPRINTING,LUMMA,STEALER", "0", "Neiki" "2026-02-13 06:09:41", "1747010", "91.92.241.159:18129", "ip:port", "botnet_cc", "win.mirai", "None", "Mirai", "", "100", "False", "https://www.threat.rip/file/1e1b81b52962d3594db6f023a96a29b4b42ec4d6f2c82f59cde7f58155d265b3/config", "BOTNET,DEFENSE_EVASION,DISCOVERY,LINUX,MIRAI,UPX", "0", "Neiki" "2026-02-13 06:09:38", "1747008", "192.169.69.26:7839", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://www.threat.rip/file/9ff72e851d121f9266f05f6564f6c84c06d6f062a6e62a937ce6edefdbd9dc69/config", "DISCOVERY,RAT,REMCOS,REMOTEHOST", "0", "Neiki" "2026-02-13 06:09:14", "1746944", "193.58.121.235:52162", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://www.threat.rip/file/cb95df583132c48c1d581ed88fd31b15f69c53bb1330546377ed32558af01b75/config", "ASYNCRAT,AUTO-SCH,DEFENSE_EVASION,DISCOVERY,EVASION,EXECUTION,PERSISTENCE", "0", "Neiki" "2026-02-13 06:09:09", "1746953", "198.46.173.21:4607", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-15 04:01:33", "100", "False", "https://www.threat.rip/file/8f8028d875820d3ee93b3d82dfbbf0cfc9a37400cb8cec5bcd4b893c19c1fa36/config", "DISCOVERY,EXECUTION,OYEEGO,RAT,REMCOS", "0", "Neiki" "2026-02-13 06:09:07", "1746968", "158.94.210.195:1312", "ip:port", "botnet_cc", "win.mirai", "None", "Mirai", "", "100", "False", "https://www.threat.rip/file/99fbcc2aa0582ff5e0a38d83b10c6b0886a45a8979d2b1e37a5e6d1dddcaa6a7/config", "ANTIVM,BOTNET,DEFENSE_EVASION,DISCOVERY,LINUX,MIRAI,SORA,UPX", "0", "Neiki" "2026-02-13 06:08:53", "1746996", "158.94.210.195:1024", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "Mirai", "0", "elfdigest" "2026-02-13 06:08:52", "1747019", "158.94.210.195:3007", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "False", "None", "mirai", "0", "seckle" "2026-02-13 06:08:50", "1747063", "45.83.207.188:1312", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "None", "Mirai", "0", "elfdigest" "2026-02-13 06:02:58", "1747104", "185.242.3.72:1003", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2026-02-13 07:02:53", "100", "False", "https://tria.ge/260213-ezskdabt2a", "C2,triage,xworm", "0", "DonPasci" "2026-02-13 05:08:16", "1747091", "192.252.181.4:8089", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/516201070aaa2085711cd65d71b59ae200cd1894a7b2f28a7c1ee4560fb6d5ae/", "valleyrat_s2", "0", "abuse_ch" "2026-02-13 05:08:13", "1747090", "192.252.181.4:3389", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/516201070aaa2085711cd65d71b59ae200cd1894a7b2f28a7c1ee4560fb6d5ae/", "valleyrat_s2", "0", "abuse_ch" # Number of entries: 451