################################################################ # ThreatFox IOCs: recent ip-port - CSV format # # Last updated: 2025-01-23 00:06:05 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-01-23 00:06:05", "1391816", "176.100.37.89:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/176.100.37.89", "AS58087,censys,EvilGinx,FLORIANKOLB,panel,Phishing", "0", "DonPasci" "2025-01-23 00:05:20", "1391815", "159.65.230.103:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/159.65.230.103", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci" "2025-01-23 00:05:13", "1391814", "45.202.32.96:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/45.202.32.96", "AS215208,C2,censys,DOLPHINNETWORKS,Hookbot", "0", "DonPasci" "2025-01-23 00:05:10", "1391811", "182.60.9.165:808", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:10", "1391812", "182.60.9.165:6006", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:10", "1391813", "182.60.9.165:8088", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:09", "1391808", "182.60.9.165:9720", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:09", "1391809", "182.60.9.165:3390", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:09", "1391810", "182.60.9.165:6379", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:08", "1391804", "182.60.9.165:143", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:08", "1391805", "182.60.9.165:1357", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:08", "1391806", "182.60.9.165:2405", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:08", "1391807", "182.60.9.165:3490", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:07", "1391801", "182.60.9.165:9315", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:07", "1391802", "182.60.9.165:11102", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:07", "1391803", "182.60.9.165:16992", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:06", "1391797", "182.60.9.165:5856", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:06", "1391798", "182.60.9.165:6346", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:06", "1391799", "182.60.9.165:8081", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:06", "1391800", "182.60.9.165:6518", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:05", "1391794", "182.60.9.165:1912", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:05", "1391795", "182.60.9.165:1961", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:05", "1391796", "182.60.9.165:2077", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:04", "1391791", "182.60.9.165:14265", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:04", "1391792", "182.60.9.165:12000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:04", "1391793", "182.60.9.165:16609", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:03", "1391787", "182.60.9.165:4840", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:03", "1391788", "182.60.9.165:4841", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:03", "1391789", "182.60.9.165:11103", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:03", "1391790", "182.60.9.165:13609", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:01", "1391785", "182.60.9.165:10944", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:01", "1391786", "182.60.9.165:2628", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:00", "1391781", "182.60.9.165:5982", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:00", "1391782", "182.60.9.165:6667", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:00", "1391783", "182.60.9.165:8089", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:05:00", "1391784", "182.60.9.165:9090", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:04:59", "1391777", "182.60.9.165:554", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:04:59", "1391778", "182.60.9.165:2454", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:04:59", "1391779", "182.60.9.165:15582", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:04:59", "1391780", "182.60.9.165:4443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:04:58", "1391775", "182.60.9.165:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:04:58", "1391776", "182.60.9.165:389", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.60.9.165", "AS9829,BSNL-NIB,C2,censys,Mythic", "0", "DonPasci" "2025-01-23 00:04:49", "1391773", "128.90.122.59:5555", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.122.59", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-01-23 00:04:49", "1391774", "185.206.148.210:888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/185.206.148.210", "AS212027,AsyncRAT,C2,censys,PEBBLEHOST,RAT", "0", "DonPasci" "2025-01-23 00:04:16", "1391772", "64.176.5.245:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/64.176.5.245", "AS-VULTR,AS20473,C2,censys,Sliver", "0", "DonPasci" "2025-01-22 22:10:23", "1391750", "20.124.90.24:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/20.124.90.24", "AS8075,c2,censys,cobaltstrike,cs-watermark-987654321,MICROSOFT-CORP-MSN-AS-BLOCK,US", "0", "DonPasci" "2025-01-22 20:47:47", "1391721", "160.179.160.252:10134", "ip:port", "botnet_cc", "win.orcus_rat", "Schnorchel", "Orcus RAT", "", "50", "https://www.shodan.io/host/160.179.160.252#10134", "c2,orcus,shodan", "0", "juroots" "2025-01-22 20:47:07", "1391720", "188.166.149.250:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 20:46:16", "1391719", "95.10.41.28:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-22 20:46:04", "1391718", "85.31.47.104:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 20:45:44", "1391717", "54.95.38.246:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "75", "None", "BruteRatel,drb-ra", "0", "abuse_ch" "2025-01-22 20:45:31", "1391716", "46.246.245.32:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-22 20:44:51", "1391715", "27.64.99.119:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 20:44:35", "1391714", "201.103.172.59:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-22 20:43:59", "1391713", "176.44.93.183:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-22 20:06:28", "1391667", "69.46.15.169:80", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/69.46.15.169", "AS29802,BianLian,C2,censys,HVC-AS", "0", "DonPasci" "2025-01-22 20:06:28", "1391668", "69.46.15.169:3389", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/69.46.15.169", "AS29802,BianLian,C2,censys,HVC-AS", "0", "DonPasci" "2025-01-22 20:06:28", "1391669", "162.252.173.100:80", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/162.252.173.100", "AS9009,BianLian,C2,censys,M247", "0", "DonPasci" "2025-01-22 20:05:18", "1391666", "46.246.14.9:5000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/46.246.14.9", "AS42708,C2,censys,DcRAT,GLESYS,RAT", "0", "DonPasci" "2025-01-22 20:05:17", "1391665", "170.238.45.112:6000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/170.238.45.112", "AS263508,C2,censys,DcRAT,RAT,SIMNET", "0", "DonPasci" "2025-01-22 20:04:54", "1391664", "181.162.155.66:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/181.162.155.66", "AS7418,C2,censys,Quasar,RAT,TELEFONICA", "0", "DonPasci" "2025-01-22 20:04:32", "1391663", "194.26.192.99:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/194.26.192.99", "AS210558,AsyncRAT,C2,censys,RAT,SERVICES-1337-GMBH", "0", "DonPasci" "2025-01-22 20:03:57", "1391662", "194.59.31.139:46530", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/194.59.31.139", "AS399486,C2,censys,RAT,Remcos,VIRTUO", "0", "DonPasci" "2025-01-22 20:03:56", "1391659", "77.91.70.254:24046", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/77.91.70.254", "AEZA-AS,AS210644,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-01-22 20:03:56", "1391660", "186.169.34.70:8888", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/186.169.34.70", "AS3816,C2,censys,COLOMBIA,RAT,Remcos", "0", "DonPasci" "2025-01-22 20:03:56", "1391661", "213.159.66.34:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/213.159.66.34", "AS44477,C2,censys,RAT,Remcos,STARK-INDUSTRIES", "0", "DonPasci" "2025-01-22 20:03:34", "1391658", "8.219.211.139:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.219.211.139", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-01-22 20:03:30", "1391656", "31.57.102.138:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/31.57.102.138", "AS15440,BALTNETA,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-01-22 20:03:30", "1391657", "156.238.249.185:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/156.238.249.185", "AS8796,C2,censys,CobaltStrike,cs-watermark-987654321,FD-298-8796", "0", "DonPasci" "2025-01-22 19:44:28", "1391653", "31.202.43.10:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "https://www.shodan.io/host/31.202.43.10#1604", "c2,darkcomet,shodan", "0", "juroots" "2025-01-22 19:44:08", "1391652", "13.247.185.57:11", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/13.247.185.57#11", "c2,netsupport,shodan", "0", "juroots" "2025-01-22 19:43:42", "1391651", "4.228.230.190:4443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/4.228.230.190#4443", "c2,shodan,villain", "0", "juroots" "2025-01-22 19:42:54", "1391650", "92.51.2.17:84", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/92.51.2.17#84", "c2,cobaltstrike,cs-watermark-1580103824,shodan", "0", "juroots" "2025-01-22 18:48:34", "1391649", "154.37.223.57:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 18:41:18", "1391592", "64.176.183.187:38990", "ip:port", "botnet_cc", "elf.pink", "None", "Pink", "", "100", "None", "None", "0", "Bitsight" "2025-01-22 17:48:27", "1391633", "47.97.153.87:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 17:48:20", "1391632", "45.91.81.246:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 17:48:12", "1391631", "39.98.40.53:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 17:48:06", "1391630", "23.27.48.4:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 17:47:00", "1391628", "93.82.24.249:8000", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch" "2025-01-22 17:46:49", "1391623", "85.31.47.149:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 17:46:49", "1391624", "85.31.47.208:222", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 17:46:49", "1391625", "85.31.47.208:2222", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 17:46:49", "1391626", "85.31.47.208:4444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 17:46:49", "1391627", "85.31.47.208:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 17:46:48", "1391622", "85.31.47.121:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "75", "None", "drb-ra,Hook", "0", "abuse_ch" "2025-01-22 17:46:43", "1391621", "81.17.31.98:1124", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch" "2025-01-22 17:46:35", "1391620", "75.2.86.109:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-01-22 17:46:34", "1391619", "70.31.125.180:2222", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-22 17:46:31", "1391618", "66.55.74.235:8000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 17:46:20", "1391617", "50.35.140.145:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-22 17:46:19", "1391614", "5.78.46.203:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-01-22 17:46:19", "1391615", "5.8.63.178:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "", "75", "None", "drb-ra,RansomHub", "0", "abuse_ch" "2025-01-22 17:46:19", "1391616", "50.35.138.102:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-22 17:46:18", "1391613", "5.35.36.120:443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch" "2025-01-22 17:46:06", "1391611", "45.82.85.50:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "", "75", "None", "drb-ra,RansomHub", "0", "abuse_ch" "2025-01-22 17:46:06", "1391612", "45.83.31.62:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 17:46:05", "1391610", "45.82.85.50:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "", "75", "None", "drb-ra,RansomHub", "0", "abuse_ch" "2025-01-22 17:45:38", "1391609", "3.94.26.46:443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch" "2025-01-22 17:45:37", "1391608", "3.86.153.4:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch" "2025-01-22 17:45:08", "1391607", "2.58.56.182:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-01-22 17:25:01", "1391595", "34.168.112.184:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/34.168.112.184#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-22 17:24:28", "1391594", "38.207.177.166:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/38.207.177.166#31337", "c2,shodan,sliver", "0", "juroots" "2025-01-22 17:23:58", "1391593", "92.51.2.17:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/92.51.2.17#443", "c2,cobaltstrike,cs-watermark-1580103824,shodan", "0", "juroots" "2025-01-22 17:12:04", "1391589", "138.124.101.41:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "50", "https://tracker.viriback.com/index.php?q=138.124.101.41", "Meduza,ViriBack", "0", "abuse_ch" "2025-01-22 17:12:04", "1391590", "66.63.187.173:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "50", "https://tracker.viriback.com/index.php?q=66.63.187.173", "Meduza,ViriBack", "0", "abuse_ch" "2025-01-22 17:12:04", "1391591", "45.130.145.152:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "50", "https://tracker.viriback.com/index.php?q=45.130.145.152", "Meduza,ViriBack", "0", "abuse_ch" "2025-01-22 17:12:03", "1391581", "52.87.248.40:80", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "", "50", "https://tracker.viriback.com/index.php?q=52.87.248.40", "Chaos,ViriBack", "0", "abuse_ch" "2025-01-22 17:12:03", "1391582", "62.60.226.62:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "50", "https://tracker.viriback.com/index.php?q=62.60.226.62", "Meduza,ViriBack", "0", "abuse_ch" "2025-01-22 17:12:03", "1391584", "87.120.112.242:8000", "ip:port", "botnet_cc", "win.spectre", "None", "Spectre Rat", "", "50", "https://tracker.viriback.com/index.php?q=87.120.112.242", "Spectre,ViriBack", "0", "abuse_ch" "2025-01-22 17:12:02", "1391579", "185.196.8.37:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "", "50", "https://tracker.viriback.com/index.php?q=185.196.8.37", "Amadey,ViriBack", "0", "abuse_ch" "2025-01-22 17:12:02", "1391580", "94.156.177.41:80", "ip:port", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "50", "https://tracker.viriback.com/index.php?q=94.156.177.41", "Lokibot,ViriBack", "0", "abuse_ch" "2025-01-22 17:11:02", "1391576", "144.202.34.169:443", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "None", "Emotet", "0", "abuse_ch" "2025-01-22 17:10:22", "1391571", "85.235.74.64:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/3e76598b8086857c38e2016dc729fa4879136e46b6f5962ff0b042ef35666b50/", "asyncrat", "0", "abuse_ch" "2025-01-22 17:10:22", "1391573", "90.113.178.145:9033", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "75", "https://bazaar.abuse.ch/sample/1a9dc2fbfe2257278e6452872cdbd18c50bf5c7142dd04c772f1633a7f20fd0d/", "nanocore", "0", "abuse_ch" "2025-01-22 17:10:21", "1391570", "45.137.22.227:55615", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch" "2025-01-22 17:10:18", "1391566", "95.211.182.120:1967", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch" "2025-01-22 17:10:18", "1391567", "147.185.221.25:15719", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-01-22 17:10:16", "1391564", "73.63.222.152:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch" "2025-01-22 17:10:14", "1391562", "104.155.138.21:6988", "ip:port", "botnet_cc", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "100", "None", "NetWire,RAT", "0", "abuse_ch" "2025-01-22 17:10:13", "1391560", "87.120.125.185:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch" "2025-01-22 17:10:13", "1391561", "192.144.32.84:16383", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch" "2025-01-22 16:49:49", "1391559", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 16:49:45", "1391558", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 16:49:43", "1391557", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 16:49:42", "1391556", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 16:49:32", "1391555", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 16:49:12", "1391553", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 16:49:12", "1391554", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 16:49:11", "1391552", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 16:49:04", "1391551", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 16:47:35", "1391549", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 16:47:13", "1391548", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 16:46:58", "1391547", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 16:46:56", "1391546", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 16:46:54", "1391545", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 16:46:50", "1391544", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 16:46:29", "1391543", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 16:23:27", "1391541", "92.255.85.66:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/0f10d6cbaf195a7b0c9f708b7f0a225e2de29beb769bdf8d1652b682b1c4679f/", "booking.com,ClickFix,FakeCaptcha,XWorm", "0", "abuse_ch" "2025-01-22 16:04:49", "1391540", "5.22.211.97:8080", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/5.22.211.97", "AS202053,C2,censys,hacktool,Mimikatz,open-dir,UPCLOUD", "0", "DonPasci" "2025-01-22 16:04:31", "1391539", "156.238.253.27:808", "ip:port", "botnet_cc", "elf.kaiji", "None", "Kaiji", "", "100", "https://search.censys.io/hosts/156.238.253.27", "AS8796,C2,censys,FD-298-8796", "0", "DonPasci" "2025-01-22 16:04:25", "1391538", "15.237.45.6:17778", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/15.237.45.6", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-01-22 16:04:21", "1391537", "5.101.150.252:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/5.101.150.252", "AS42831,C2,censys,Havoc,UKSERVERS-AS", "0", "DonPasci" "2025-01-22 16:04:20", "1391536", "13.201.30.7:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/13.201.30.7", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci" "2025-01-22 16:03:29", "1391535", "94.156.167.138:8085", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/94.156.167.138", "AS401120,C2,censys,CHEAPY-HOST,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-01-22 15:49:42", "1391534", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 15:49:38", "1391533", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 15:49:36", "1391532", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 15:49:35", "1391531", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 15:49:28", "1391530", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 15:49:05", "1391527", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 15:49:05", "1391528", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 15:49:05", "1391529", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 15:48:59", "1391526", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 15:47:41", "1391524", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 15:47:15", "1391523", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 15:46:58", "1391522", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 15:46:55", "1391521", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 15:46:54", "1391520", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 15:46:48", "1391519", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 15:46:18", "1391518", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 14:50:07", "1391513", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 14:49:59", "1391512", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 14:49:57", "1391511", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 14:49:56", "1391510", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 14:49:47", "1391509", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 14:49:26", "1391506", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 14:49:26", "1391507", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 14:49:26", "1391508", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 14:49:21", "1391505", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 14:48:05", "1391503", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 14:47:41", "1391502", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 14:47:27", "1391501", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 14:47:23", "1391500", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 14:47:21", "1391499", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 14:47:16", "1391498", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 14:46:52", "1391497", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 14:10:59", "1391495", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.68.75.16#80", "c2,havoc,shodan", "0", "juroots" "2025-01-22 14:10:38", "1391494", "2.143.95.145:6001", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/2.143.95.145#6001", "c2,netsupport,shodan", "0", "juroots" "2025-01-22 14:09:19", "1391487", "52.43.67.6:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/52.43.67.6#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-22 14:09:19", "1391488", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-22 13:50:19", "1391480", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 13:50:13", "1391479", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 13:50:11", "1391478", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 13:50:09", "1391477", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 13:49:57", "1391476", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 13:49:26", "1391473", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 13:49:26", "1391474", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 13:49:26", "1391475", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 13:49:20", "1391472", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 13:47:56", "1391470", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 13:47:28", "1391469", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 13:47:14", "1391468", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 13:47:11", "1391467", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 13:47:09", "1391466", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 13:47:07", "1391465", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 13:46:44", "1391464", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 13:10:12", "1391461", "45.137.22.227:55615", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch" "2025-01-22 12:49:14", "1391460", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:49:10", "1391459", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:49:08", "1391458", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:49:07", "1391457", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:48:59", "1391456", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:48:36", "1391454", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:48:36", "1391455", "38.207.178.43:8813", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:48:35", "1391452", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:48:35", "1391453", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:48:31", "1391451", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:48:21", "1391450", "163.181.228.194:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:48:19", "1391449", "155.102.0.179:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:48:05", "1391448", "121.4.99.161:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 12:47:20", "1391443", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 12:47:00", "1391442", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 12:46:46", "1391441", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 12:46:44", "1391440", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 12:46:42", "1391439", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 12:46:38", "1391438", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 12:46:17", "1391437", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 12:04:24", "1391433", "87.120.112.109:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/87.120.112.109", "AS401115,C2,censys,Covenant,EKABI", "0", "DonPasci" "2025-01-22 12:00:12", "1391430", "147.185.221.25:15719", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-01-22 11:50:11", "1391429", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 11:50:07", "1391428", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 11:50:05", "1391427", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 11:50:03", "1391426", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 11:49:55", "1391425", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 11:49:29", "1391424", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 11:49:28", "1391422", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 11:49:28", "1391423", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 11:49:20", "1391421", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 11:47:57", "1391419", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 11:47:31", "1391418", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 11:47:14", "1391417", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 11:47:11", "1391416", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 11:47:09", "1391415", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 11:47:05", "1391414", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 11:46:38", "1391413", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 10:57:44", "1391408", "173.211.106.101:1245", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://any.run/cybersecurity-blog/invisibleferret-malware-analysis/", "anyrun,invisbleferret", "0", "juroots" "2025-01-22 10:51:00", "1391395", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.68.75.16#80", "c2,havoc,shodan", "0", "juroots" "2025-01-22 10:50:40", "1391394", "13.208.125.136:44158", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/13.208.125.136#44158", "c2,netsupport,shodan", "0", "juroots" "2025-01-22 10:50:24", "1391393", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 10:50:20", "1391392", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 10:50:18", "1391391", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 10:50:16", "1391390", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 10:50:11", "1391389", "95.211.182.120:1967", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch" "2025-01-22 10:50:04", "1391388", "88.218.170.171:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/88.218.170.171#31337", "c2,shodan,sliver", "0", "juroots" "2025-01-22 10:50:01", "1391387", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 10:49:37", "1391386", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 10:49:36", "1391384", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 10:49:36", "1391385", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 10:49:30", "1391383", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 10:49:07", "1391381", "52.43.67.6:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/52.43.67.6#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-22 10:49:07", "1391382", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-22 10:48:06", "1391379", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 10:47:38", "1391378", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 10:47:22", "1391377", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 10:47:19", "1391376", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 10:47:17", "1391375", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 10:47:11", "1391374", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 10:46:43", "1391373", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 09:50:08", "1391371", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 09:50:00", "1391370", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 09:49:58", "1391368", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 09:49:58", "1391369", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 09:49:48", "1391367", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 09:49:25", "1391364", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 09:49:25", "1391365", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 09:49:25", "1391366", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 09:49:19", "1391363", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 09:47:52", "1391361", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 09:47:30", "1391360", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 09:47:17", "1391359", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 09:47:14", "1391358", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 09:47:12", "1391357", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 09:47:08", "1391356", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 09:46:43", "1391355", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 08:47:38", "1391317", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 08:47:36", "1391316", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 08:47:34", "1391315", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 08:47:33", "1391314", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 08:47:28", "1391313", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 08:47:13", "1391310", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 08:47:13", "1391311", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 08:47:13", "1391312", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 08:47:08", "1391309", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 08:46:56", "1391308", "15.207.222.135:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-01-22 08:46:14", "1391306", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 08:45:57", "1391305", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 08:45:47", "1391304", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 08:45:45", "1391303", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 08:45:44", "1391302", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 08:45:41", "1391301", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 08:45:25", "1391300", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 08:45:08", "1391299", "38.253.28.229:8080", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-01-22 08:44:37", "1391298", "2.88.143.105:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-22 08:43:46", "1391297", "155.138.253.99:443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch" "2025-01-22 08:38:59", "1391294", "1.92.139.71:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch" "2025-01-22 08:38:59", "1391295", "113.44.152.64:10001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-01-22 08:38:59", "1391296", "47.238.68.246:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-01-22 08:38:46", "1391293", "47.99.151.120:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-01-22 08:17:06", "1391292", "31.13.224.69:49731", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/213c34ab1eda72f790c39e5bfca8e3a633bceef35d0990a422f36842d54810cc/", "AsyncRAT,RAT", "0", "abuse_ch" "2025-01-22 08:04:30", "1391287", "195.177.95.27:8080", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://search.censys.io/hosts/195.177.95.27", "AS214943,C2,censys,Ermac,panel,RAILNET", "0", "DonPasci" "2025-01-22 08:04:30", "1391288", "91.208.206.85:8080", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://search.censys.io/hosts/91.208.206.85", "ALEXHOST,AS200019,C2,censys,Ermac,panel", "0", "DonPasci" "2025-01-22 08:04:20", "1391286", "46.183.220.18:42228", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/46.183.220.18", "AS52048,C2,censys,Quasar,RAT,RIXHOST", "0", "DonPasci" "2025-01-22 08:04:19", "1391285", "91.208.206.85:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/91.208.206.85", "ALEXHOST,AS200019,C2,censys,Hookbot", "0", "DonPasci" "2025-01-22 08:04:14", "1391282", "45.126.208.175:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/45.126.208.175", "AS23470,AsyncRAT,C2,censys,RAT,RELIABLESITE", "0", "DonPasci" "2025-01-22 08:04:14", "1391283", "85.239.237.148:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/85.239.237.148", "AS40021,AsyncRAT,C2,censys,NL-811-40021,RAT", "0", "DonPasci" "2025-01-22 08:04:14", "1391284", "103.195.101.225:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/103.195.101.225", "AS23470,AsyncRAT,C2,censys,RAT,RELIABLESITE", "0", "DonPasci" "2025-01-22 08:04:13", "1391281", "109.248.151.159:1005", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/109.248.151.159", "AS52048,AsyncRAT,C2,censys,RAT,RIXHOST", "0", "DonPasci" "2025-01-22 08:04:11", "1391280", "47.112.118.101:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.112.118.101", "ALIBABA-CN-NET,AS37963,C2,censys,Supershell", "0", "DonPasci" "2025-01-22 08:04:08", "1391279", "192.227.249.119:6666", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/192.227.249.119", "AS-COLOCROSSING,AS36352,C2,censys,payload,Sliver", "0", "DonPasci" "2025-01-22 08:03:50", "1391278", "8.134.220.192:8000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/8.134.220.192", "ALIBABA-CN-NET,AS37963,C2,censys,open-dir,payload,Sliver", "0", "DonPasci" "2025-01-22 08:03:45", "1391276", "178.73.218.5:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/178.73.218.5", "AS42708,C2,censys,GLESYS,RAT,Remcos", "0", "DonPasci" "2025-01-22 08:03:27", "1391275", "121.37.170.202:60020", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/121.37.170.202", "AS55990,C2,censys,CobaltStrike,cs-watermark-391144938,HWCSNET", "0", "DonPasci" "2025-01-22 07:47:24", "1391274", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 07:47:21", "1391273", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 07:47:20", "1391271", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 07:47:20", "1391272", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 07:47:14", "1391270", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 07:46:59", "1391267", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 07:46:59", "1391268", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 07:46:59", "1391269", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 07:46:55", "1391266", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 07:46:03", "1391264", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 07:45:47", "1391263", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 07:45:38", "1391262", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 07:45:36", "1391261", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 07:45:35", "1391260", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 07:45:32", "1391259", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 07:45:15", "1391258", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 07:07:26", "1391171", "202.95.15.194:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/202.95.15.194", "AS152194,censys,Viper", "0", "dyingbreeds_" "2025-01-22 07:07:26", "1391172", "104.194.9.75:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/104.194.9.75", "AS23470,censys,RELIABLESITE,Viper", "0", "dyingbreeds_" "2025-01-22 07:07:25", "1391173", "202.95.15.197:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/202.95.15.197", "AS152194,censys,Viper", "0", "dyingbreeds_" "2025-01-22 07:07:25", "1391174", "202.95.15.193:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/202.95.15.193", "AS152194,censys,Viper", "0", "dyingbreeds_" "2025-01-22 07:07:25", "1391175", "13.239.83.148:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.239.83.148", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:24", "1391176", "18.117.181.112:8082", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.117.181.112", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:23", "1391178", "3.255.138.152:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.255.138.152", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:23", "1391180", "64.227.134.241:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/64.227.134.241", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:22", "1391177", "141.100.235.131:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/141.100.235.131", "AS8365,censys,GoPhish,MANDA,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:20", "1391179", "46.105.51.89:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/46.105.51.89", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:20", "1391181", "18.254.2.172:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.254.2.172", "AS8987,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:19", "1391182", "138.197.50.3:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/138.197.50.3", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:19", "1391183", "129.148.35.169:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/129.148.35.169", "AS31898,censys,GoPhish,ORACLE-BMC-31898,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:19", "1391184", "43.202.201.202:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/43.202.201.202", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:18", "1391185", "161.35.72.122:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.35.72.122", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-22 07:07:15", "1391249", "104.248.130.195:88", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-01-22 07:07:14", "1391253", "172.86.108.55:7771", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "", "None", "0", "lontze7" "2025-01-22 07:07:13", "1391255", "134.209.99.214:1337", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "", "None", "0", "lontze7" "2025-01-22 06:48:18", "1391243", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.68.75.16#80", "c2,havoc,shodan", "0", "juroots" "2025-01-22 06:47:28", "1391242", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 06:47:25", "1391241", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 06:47:24", "1391240", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 06:47:23", "1391239", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 06:47:18", "1391238", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 06:47:03", "1391235", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 06:47:03", "1391236", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 06:47:03", "1391237", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 06:46:59", "1391234", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 06:46:30", "1391231", "94.110.195.220:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/94.110.195.220#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-22 06:46:30", "1391232", "52.43.67.6:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/52.43.67.6#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-22 06:46:30", "1391233", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-22 06:46:07", "1391229", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 06:45:50", "1391228", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 06:45:40", "1391227", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 06:45:38", "1391226", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 06:45:37", "1391225", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 06:45:35", "1391224", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 06:45:18", "1391223", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 06:45:07", "1391222", "73.63.222.152:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch" "2025-01-22 06:18:09", "1391208", "74.178.90.36:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/MAILBOMB-TEAMS-RANSOMWARE.csv", "c2,STAC5777", "0", "juroots" "2025-01-22 06:18:09", "1391209", "195.123.241.24:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/MAILBOMB-TEAMS-RANSOMWARE.csv", "c2,STAC5777", "0", "juroots" "2025-01-22 06:18:09", "1391210", "207.90.238.46:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/MAILBOMB-TEAMS-RANSOMWARE.csv", "c2,STAC5777", "0", "juroots" "2025-01-22 06:00:09", "1391207", "90.113.178.145:9033", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "75", "https://bazaar.abuse.ch/sample/1a9dc2fbfe2257278e6452872cdbd18c50bf5c7142dd04c772f1633a7f20fd0d/", "nanocore", "0", "abuse_ch" "2025-01-22 05:47:21", "1391205", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 05:47:19", "1391204", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 05:47:18", "1391203", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 05:47:17", "1391202", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 05:47:12", "1391201", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 05:46:57", "1391198", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 05:46:57", "1391199", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 05:46:57", "1391200", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 05:46:53", "1391197", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 05:46:02", "1391195", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 05:45:46", "1391194", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 05:45:36", "1391193", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 05:45:34", "1391192", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 05:45:33", "1391191", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 05:45:31", "1391190", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 05:45:13", "1391189", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 05:40:08", "1391186", "85.235.74.64:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/3e76598b8086857c38e2016dc729fa4879136e46b6f5962ff0b042ef35666b50/", "asyncrat", "0", "abuse_ch" "2025-01-22 04:47:34", "1391169", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 04:47:32", "1391168", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 04:47:31", "1391167", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 04:47:30", "1391166", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 04:47:25", "1391165", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 04:47:10", "1391162", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 04:47:10", "1391163", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 04:47:10", "1391164", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 04:47:05", "1391161", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 04:46:14", "1391159", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 04:45:56", "1391158", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 04:45:46", "1391157", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 04:45:44", "1391156", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 04:45:43", "1391155", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 04:45:40", "1391154", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 04:45:25", "1391153", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 04:04:46", "1391151", "94.198.40.6:20022", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/94.198.40.6", "AS9009,BianLian,C2,censys,M247", "0", "DonPasci" "2025-01-22 04:04:46", "1391152", "128.254.230.110:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/128.254.230.110", "AS-COLOCROSSING,AS36352,BianLian,C2,censys", "0", "DonPasci" "2025-01-22 04:04:27", "1391150", "94.250.203.131:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/94.250.203.131", "AS51167,C2,censys,CONTABO,moobot", "0", "DonPasci" "2025-01-22 04:04:17", "1391149", "41.216.183.202:808", "ip:port", "botnet_cc", "win.orcus_rat", "Schnorchel", "Orcus RAT", "", "100", "https://search.censys.io/hosts/41.216.183.202", "AS211138,C2,censys,Orcus,PRIVATEHOSTING-NET,RAT", "0", "DonPasci" "2025-01-22 04:04:11", "1391148", "102.117.161.221:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/102.117.161.221", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci" "2025-01-22 04:04:08", "1391147", "141.95.114.244:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/141.95.114.244", "AS16276,AsyncRAT,C2,censys,OVH,RAT", "0", "DonPasci" "2025-01-22 04:04:07", "1391145", "198.167.193.90:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/198.167.193.90", "ABSTRACT,AS39287,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-01-22 04:04:07", "1391146", "45.125.66.30:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/45.125.66.30", "AS133398,AsyncRAT,C2,censys,RAT,TELE-AS", "0", "DonPasci" "2025-01-22 04:03:47", "1391144", "157.173.120.37:8093", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/157.173.120.37", "AS51167,C2,censys,CONTABO,open-dir,payload,Sliver", "0", "DonPasci" "2025-01-22 04:03:44", "1391143", "87.120.112.98:8090", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/87.120.112.98", "AS401115,C2,censys,EKABI,RAT,Remcos", "0", "DonPasci" "2025-01-22 04:03:28", "1391142", "154.204.177.197:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.204.177.197", "AROSS-AS,AS400619,C2,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci" "2025-01-22 04:03:27", "1391140", "66.206.27.24:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/66.206.27.24", "AS29802,C2,censys,CobaltStrike,cs-watermark-987654321,HVC-AS", "0", "DonPasci" "2025-01-22 04:03:27", "1391141", "45.192.96.63:6001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/45.192.96.63", "AS137899,C2,censys,CobaltStrike,cs-watermark-987654321,ILAYERLIMITED-AS-AP", "0", "DonPasci" "2025-01-22 04:03:26", "1391138", "202.162.99.38:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/202.162.99.38", "AS152194,C2,censys,CobaltStrike,cs-watermark-987654321,CTGSERVERLIMITED-AS-AP", "0", "DonPasci" "2025-01-22 04:03:26", "1391139", "104.168.133.238:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/104.168.133.238", "AS54290,C2,censys,CobaltStrike,cs-watermark-987654321,HOSTWINDS", "0", "DonPasci" "2025-01-22 03:47:41", "1391137", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 03:47:38", "1391136", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 03:47:37", "1391135", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 03:47:36", "1391134", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 03:47:30", "1391133", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 03:47:15", "1391130", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 03:47:15", "1391131", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 03:47:15", "1391132", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 03:47:11", "1391129", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 03:46:19", "1391127", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 03:46:03", "1391126", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 03:45:52", "1391125", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 03:45:50", "1391124", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 03:45:49", "1391123", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 03:45:46", "1391122", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 03:45:31", "1391121", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 03:30:05", "1391120", "104.155.138.21:6988", "ip:port", "botnet_cc", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "100", "None", "NetWire,RAT", "0", "abuse_ch" "2025-01-22 03:10:03", "1391119", "192.144.32.84:16383", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch" "2025-01-22 02:47:21", "1391118", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:47:18", "1391117", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:47:17", "1391116", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:47:16", "1391115", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:47:15", "1391114", "8.149.128.131:14521", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:47:11", "1391113", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:46:56", "1391110", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:46:56", "1391111", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:46:56", "1391112", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:46:52", "1391109", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:46:26", "1391108", "111.229.110.232:12345", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 02:46:01", "1391106", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 02:45:46", "1391105", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 02:45:37", "1391104", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 02:45:35", "1391103", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 02:45:34", "1391102", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 02:45:31", "1391101", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 02:45:14", "1391100", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 01:47:21", "1391099", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 01:47:19", "1391098", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 01:47:18", "1391097", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 01:47:17", "1391096", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 01:47:12", "1391095", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 01:46:57", "1391092", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 01:46:57", "1391093", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 01:46:57", "1391094", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 01:46:53", "1391091", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 01:46:01", "1391089", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 01:45:46", "1391088", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 01:45:37", "1391087", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 01:45:35", "1391086", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 01:45:34", "1391085", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 01:45:32", "1391084", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 01:45:12", "1391083", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 00:47:40", "1391082", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 00:47:38", "1391081", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 00:47:37", "1391080", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 00:47:36", "1391079", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 00:47:30", "1391078", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 00:47:16", "1391075", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 00:47:16", "1391076", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 00:47:16", "1391077", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 00:47:12", "1391074", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-22 00:46:19", "1391072", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-22 00:46:02", "1391071", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 00:45:51", "1391070", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-22 00:45:49", "1391069", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-22 00:45:48", "1391068", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 00:45:45", "1391067", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-22 00:45:30", "1391066", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-22 00:04:45", "1391065", "94.237.76.69:8000", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/94.237.76.69", "AS202053,C2,censys,hacktool,Mimikatz,open-dir,UPCLOUD", "0", "DonPasci" "2025-01-22 00:04:37", "1391064", "213.153.47.41:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/213.153.47.41", "AS8445,C2,censys,Gafgyt,open-dir,SALZBURG-AG-AS", "0", "DonPasci" "2025-01-22 00:04:33", "1391063", "172.233.163.104:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.233.163.104", "AKAMAI-LINODE-AP,AS63949,censys,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-01-22 00:04:22", "1391062", "3.113.130.207:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "https://search.censys.io/hosts/3.113.130.207", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci" "2025-01-22 00:04:20", "1391060", "46.246.80.14:9000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/46.246.80.14", "AS42708,C2,censys,DcRAT,GLESYS,RAT", "0", "DonPasci" "2025-01-22 00:04:20", "1391061", "46.246.6.5:8000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/46.246.6.5", "AS42708,C2,censys,DcRAT,GLESYS,RAT", "0", "DonPasci" "2025-01-22 00:04:19", "1391059", "171.41.199.170:25565", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/171.41.199.170", "AS4134,C2,censys,CHINANET-BACKBONE,DcRAT,RAT", "0", "DonPasci" "2025-01-22 00:04:16", "1391058", "159.65.230.103:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/159.65.230.103", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci" "2025-01-22 00:04:13", "1391057", "194.59.31.59:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/194.59.31.59", "AS399486,C2,censys,Hookbot,VIRTUO", "0", "DonPasci" "2025-01-22 00:04:12", "1391056", "138.124.54.133:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/138.124.54.133", "AEZA-AS,AS210644,C2,censys,Hookbot", "0", "DonPasci" "2025-01-22 00:04:07", "1391055", "185.208.159.166:8807", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/185.208.159.166", "AS42624,AsyncRAT,C2,censys,RAT,SWISSNETWORK02", "0", "DonPasci" "2025-01-22 00:03:25", "1391054", "116.62.8.222:3389", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/116.62.8.222", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-01-21 23:47:22", "1391053", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 23:47:20", "1391052", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 23:47:18", "1391050", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 23:47:18", "1391051", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 23:47:12", "1391049", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 23:46:58", "1391047", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 23:46:58", "1391048", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 23:46:57", "1391046", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 23:46:53", "1391045", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 23:46:01", "1391043", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 23:45:46", "1391042", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 23:45:37", "1391041", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 23:45:35", "1391040", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 23:45:34", "1391039", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 23:45:31", "1391038", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 23:45:15", "1391037", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 22:47:23", "1391031", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 22:47:21", "1391030", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 22:47:20", "1391029", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 22:47:19", "1391028", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 22:47:14", "1391027", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 22:46:59", "1391024", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 22:46:59", "1391025", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 22:46:59", "1391026", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 22:46:55", "1391023", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 22:46:05", "1391021", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 22:45:49", "1391020", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 22:45:39", "1391019", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 22:45:37", "1391018", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 22:45:36", "1391017", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 22:45:34", "1391016", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 22:45:18", "1391015", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 21:47:27", "1391014", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 21:47:24", "1391013", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 21:47:23", "1391012", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 21:47:22", "1391011", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 21:47:17", "1391010", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 21:47:03", "1391007", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 21:47:03", "1391008", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 21:47:03", "1391009", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 21:46:58", "1391006", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 21:46:07", "1391004", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 21:45:51", "1391003", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 21:45:42", "1391002", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 21:45:40", "1391001", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 21:45:39", "1391000", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 21:45:36", "1390999", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 21:45:21", "1390998", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 21:00:03", "1390995", "87.120.125.185:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch" "2025-01-21 20:47:43", "1390992", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 20:47:41", "1390991", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 20:47:39", "1390990", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 20:47:38", "1390989", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 20:47:33", "1390988", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 20:47:17", "1390985", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 20:47:17", "1390986", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 20:47:17", "1390987", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 20:47:12", "1390984", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 20:46:18", "1390982", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 20:46:00", "1390981", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 20:45:49", "1390980", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 20:45:47", "1390979", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 20:45:46", "1390978", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 20:45:44", "1390972", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 20:45:27", "1390963", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 20:44:38", "1390962", "2.88.153.41:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-21 20:32:06", "1390931", "154.213.192.22:80", "ip:port", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "50", "https://app.any.run/tasks/70656c2f-d3bd-4640-a31b-5bf7547caf68", "mirai", "0", "juroots" "2025-01-21 20:04:48", "1390928", "62.210.28.199:80", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/62.210.28.199", "AS12876,BianLian,C2,censys,Online", "0", "DonPasci" "2025-01-21 20:04:47", "1390927", "208.73.200.28:9999", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/208.73.200.28", "AS26666,BianLian,C2,censys,INTERSERVER-LAX", "0", "DonPasci" "2025-01-21 20:04:23", "1390925", "154.37.219.249:60000", "ip:port", "botnet_cc", "elf.kaiji", "None", "Kaiji", "", "100", "https://search.censys.io/hosts/154.37.219.249", "AS979,C2,censys,NETLAB-SDN", "0", "DonPasci" "2025-01-21 20:04:18", "1390924", "34.170.235.99:443", "ip:port", "botnet_cc", "win.poshc2", "None", "PoshC2", "", "100", "https://search.censys.io/hosts/34.170.235.99", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Posh", "0", "DonPasci" "2025-01-21 20:04:16", "1390923", "93.232.107.71:82", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/93.232.107.71", "AS3320,C2,censys,DTAG,Netsupport,RAT", "0", "DonPasci" "2025-01-21 20:04:10", "1390922", "102.117.168.1:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/102.117.168.1", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci" "2025-01-21 20:04:06", "1390921", "88.243.168.51:1010", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/88.243.168.51", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci" "2025-01-21 20:04:05", "1390920", "141.95.114.244:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/141.95.114.244", "AS16276,AsyncRAT,C2,censys,OVH,RAT", "0", "DonPasci" "2025-01-21 20:03:41", "1390919", "172.111.216.72:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/172.111.216.72", "AS3223,C2,censys,RAT,Remcos,VOXILITY", "0", "DonPasci" "2025-01-21 20:03:24", "1390918", "120.26.164.174:8099", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/120.26.164.174", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-01-21 19:50:03", "1390916", "147.124.216.223:7788", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-01-21 19:47:52", "1390915", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 19:47:50", "1390914", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 19:47:48", "1390912", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 19:47:48", "1390913", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 19:47:42", "1390911", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 19:47:27", "1390908", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 19:47:27", "1390909", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 19:47:27", "1390910", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 19:47:22", "1390907", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 19:46:25", "1390890", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 19:46:08", "1390881", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 19:45:56", "1390880", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 19:45:54", "1390879", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 19:45:53", "1390878", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 19:45:50", "1390877", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 19:45:34", "1390876", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 19:45:09", "1390875", "213.152.187.241:12776", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/7c79a0a702c401e92aa955ac6645577d5543df9f5556c202adb53951c3acbe6a/", "remcos", "0", "abuse_ch" "2025-01-21 19:37:51", "1390871", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.68.75.16#80", "c2,havoc,shodan", "0", "juroots" "2025-01-21 19:36:24", "1390870", "1.92.139.71:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/1.92.139.71#4444", "c2,cobaltstrike,cs-watermark-305419896,shodan", "0", "juroots" "2025-01-21 19:35:10", "1390867", "191.232.190.243:4444", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/191.232.190.243#4444", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-21 19:35:10", "1390868", "52.43.67.6:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/52.43.67.6#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-21 19:35:10", "1390869", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-21 18:48:27", "1390865", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 18:48:24", "1390864", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 18:48:22", "1390863", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 18:48:21", "1390862", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 18:48:14", "1390861", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 18:47:54", "1390858", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 18:47:54", "1390859", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 18:47:54", "1390860", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 18:47:52", "1390857", "24.199.94.92:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 18:47:49", "1390856", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 18:46:41", "1390853", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 18:46:22", "1390852", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 18:46:11", "1390851", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 18:46:09", "1390850", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 18:46:08", "1390849", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 18:46:05", "1390848", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 18:45:46", "1390847", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 18:35:13", "1390846", "77.91.102.202:4566", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250121-vdt43stnhr", "AS44477,c2,censys,STARK-INDUSTRIES,xworm", "0", "DonPasci" "2025-01-21 17:49:29", "1390813", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 17:49:24", "1390812", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 17:49:22", "1390811", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 17:49:21", "1390810", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 17:49:12", "1390809", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 17:48:51", "1390808", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 17:48:50", "1390806", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 17:48:50", "1390807", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 17:48:43", "1390805", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 17:47:20", "1390803", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 17:46:56", "1390802", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 17:46:42", "1390801", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 17:46:40", "1390800", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 17:46:39", "1390799", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 17:46:36", "1390798", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 17:46:13", "1390797", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 17:26:07", "1390782", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.68.75.16#80", "c2,havoc,shodan", "0", "juroots" "2025-01-21 17:25:43", "1390781", "15.237.109.92:3306", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/15.237.109.92#3306", "blackshades,c2,shodan", "0", "juroots" "2025-01-21 17:25:23", "1390780", "149.210.0.241:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "50", "https://www.shodan.io/host/149.210.0.241#443", "c2,gh0st,shodan", "0", "juroots" "2025-01-21 17:24:57", "1390779", "3.107.14.27:17", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/3.107.14.27#17", "c2,netsupport,shodan", "0", "juroots" "2025-01-21 17:23:05", "1390778", "54.68.48.57:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-21 17:22:34", "1390777", "45.62.123.85:2083", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/45.62.123.85#2083", "c2,cobaltstrike,cs-watermark-100000,shodan", "0", "juroots" "2025-01-21 17:21:56", "1390776", "154.223.21.105:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.223.21.105#443", "c2,cobaltstrike,cs-watermark-1234567890,shodan", "0", "juroots" "2025-01-21 16:47:37", "1390774", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 16:47:35", "1390773", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 16:47:34", "1390772", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 16:47:33", "1390771", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 16:47:27", "1390770", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 16:47:12", "1390767", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 16:47:12", "1390768", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 16:47:12", "1390769", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 16:47:08", "1390766", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 16:46:14", "1390764", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 16:45:58", "1390763", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 16:45:48", "1390762", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 16:45:46", "1390761", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 16:45:45", "1390760", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 16:45:42", "1390759", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 16:45:27", "1390758", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 16:04:21", "1390754", "44.207.92.202:443", "ip:port", "botnet_cc", "win.poshc2", "None", "PoshC2", "", "100", "https://search.censys.io/hosts/44.207.92.202", "AMAZON-AES,AS14618,C2,censys,Posh", "0", "DonPasci" "2025-01-21 16:04:17", "1390751", "2.59.163.69:2000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/2.59.163.69", "AS215540,C2,censys,GCS-AS,RAT,Venom", "0", "DonPasci" "2025-01-21 16:04:06", "1390749", "102.32.117.96:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/102.32.117.96", "AS327782,AsyncRAT,C2,censys,METROFIBRE-NETWORX,RAT", "0", "DonPasci" "2025-01-21 16:04:06", "1390750", "118.70.175.199:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/118.70.175.199", "AS18403,AsyncRAT,C2,censys,FPT-AS-AP,RAT", "0", "DonPasci" "2025-01-21 16:04:05", "1390748", "89.23.103.43:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/89.23.103.43", "AS215540,AsyncRAT,C2,censys,GCS-AS,RAT", "0", "DonPasci" "2025-01-21 16:03:44", "1390747", "45.77.151.146:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/45.77.151.146", "AS-VULTR,AS20473,C2,censys,Sliver", "0", "DonPasci" "2025-01-21 15:47:46", "1390719", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 15:47:43", "1390718", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 15:47:42", "1390717", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 15:47:41", "1390716", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 15:47:35", "1390715", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 15:47:20", "1390712", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 15:47:20", "1390713", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 15:47:20", "1390714", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 15:47:15", "1390711", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 15:46:21", "1390709", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 15:46:05", "1390708", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 15:45:54", "1390707", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 15:45:51", "1390706", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 15:45:50", "1390705", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 15:45:48", "1390704", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 15:45:32", "1390703", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 15:43:45", "1390701", "96.62.214.33:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest" "2025-01-21 15:38:34", "1390700", "91.202.233.12:443", "ip:port", "botnet_cc", "win.danabot", "None", "DanaBot", "", "75", "", "DanaBot", "0", "abuse_ch" "2025-01-21 14:48:29", "1390697", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 14:48:26", "1390696", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 14:48:25", "1390695", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 14:48:24", "1390694", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 14:48:17", "1390693", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 14:48:01", "1390690", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 14:48:01", "1390691", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 14:48:01", "1390692", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 14:47:56", "1390689", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 14:46:59", "1390687", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 14:46:43", "1390686", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 14:46:33", "1390685", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 14:46:31", "1390684", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 14:46:29", "1390683", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 14:46:27", "1390682", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 14:46:10", "1390681", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 14:32:02", "1390632", "174.138.92.250:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/174.138.92.250", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 14:32:01", "1390599", "193.200.78.24:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest" "2025-01-21 14:32:01", "1390629", "82.64.249.250:8096", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/82.64.249.250", "AS12322,censys,PROXAD,Viper", "0", "dyingbreeds_" "2025-01-21 14:32:01", "1390630", "206.119.166.108:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/206.119.166.108", "AS133199,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 14:32:00", "1390631", "78.46.139.160:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/78.46.139.160", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_" "2025-01-21 14:31:59", "1390633", "176.124.214.131:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/176.124.214.131", "AS9123,censys,GoPhish,Phishing,TIMEWEB-AS", "0", "dyingbreeds_" "2025-01-21 13:48:05", "1390671", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 13:48:02", "1390670", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 13:48:00", "1390669", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 13:47:59", "1390668", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 13:47:54", "1390667", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 13:47:38", "1390664", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 13:47:38", "1390665", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 13:47:38", "1390666", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 13:47:34", "1390663", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 13:46:38", "1390661", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 13:46:21", "1390660", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 13:46:10", "1390659", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 13:46:08", "1390658", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 13:46:07", "1390657", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 13:46:04", "1390656", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 13:45:47", "1390655", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 12:48:20", "1390654", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 12:48:17", "1390653", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 12:48:16", "1390652", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 12:48:15", "1390651", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 12:48:09", "1390650", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 12:47:51", "1390647", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 12:47:51", "1390648", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 12:47:51", "1390649", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 12:47:46", "1390646", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 12:47:35", "1390645", "154.221.21.196:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 12:46:48", "1390640", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 12:46:31", "1390639", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 12:46:20", "1390638", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 12:46:18", "1390637", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 12:46:17", "1390636", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 12:46:14", "1390635", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 12:45:53", "1390634", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 12:04:26", "1390627", "87.120.127.206:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/87.120.127.206", "AS401115,C2,censys,EKABI,panel,Unam", "0", "DonPasci" "2025-01-21 12:04:17", "1390626", "34.58.151.162:443", "ip:port", "botnet_cc", "win.poshc2", "None", "PoshC2", "", "100", "https://search.censys.io/hosts/34.58.151.162", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Posh", "0", "DonPasci" "2025-01-21 12:04:10", "1390625", "3.249.255.190:4567", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/3.249.255.190", "AMAZON-02,AS16509,C2,censys,Quasar,RAT", "0", "DonPasci" "2025-01-21 12:04:09", "1390624", "194.59.31.59:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/194.59.31.59", "AS399486,C2,censys,Hookbot,VIRTUO", "0", "DonPasci" "2025-01-21 12:04:08", "1390623", "82.148.31.69:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/82.148.31.69", "AS50340,C2,censys,Mythic,SELECTEL-MSK", "0", "DonPasci" "2025-01-21 12:04:04", "1390622", "104.243.35.175:6666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/104.243.35.175", "AS23470,AsyncRAT,C2,censys,RAT,RELIABLESITE", "0", "DonPasci" "2025-01-21 12:03:40", "1390621", "161.35.219.59:1377", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/161.35.219.59", "AS14061,C2,censys,DIGITALOCEAN-ASN,RAT,Remcos", "0", "DonPasci" "2025-01-21 12:03:29", "1390620", "85.208.110.57:4433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/85.208.110.57", "AS44477,C2,censys,CobaltStrike,STARK-INDUSTRIES", "0", "DonPasci" "2025-01-21 12:03:25", "1390619", "101.93.221.5:8880", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/101.93.221.5", "AS4812,C2,censys,CHINANET-SH-AP,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-01-21 12:03:24", "1390618", "154.204.177.197:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.204.177.197", "AROSS-AS,AS400619,C2,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci" "2025-01-21 12:03:22", "1390617", "101.200.38.121:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/101.200.38.121", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-01-21 11:47:54", "1390616", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 11:47:51", "1390615", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 11:47:49", "1390614", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 11:47:48", "1390613", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 11:47:42", "1390612", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 11:47:26", "1390609", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 11:47:26", "1390610", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 11:47:26", "1390611", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 11:47:22", "1390608", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 11:46:25", "1390606", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 11:46:08", "1390605", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 11:45:57", "1390604", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 11:45:55", "1390603", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 11:45:54", "1390602", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 11:45:51", "1390601", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 11:45:35", "1390600", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 11:03:54", "1390580", "192.30.241.106:56002", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://x.com/JAMESWT_MHT/status/1881642391373005030", "None", "0", "JAMESWT_MHT" "2025-01-21 11:03:53", "1390579", "66.181.33.65:5664", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://x.com/JAMESWT_MHT/status/1881642391373005030", "None", "0", "JAMESWT_MHT" "2025-01-21 11:03:52", "1390581", "192.30.241.106:49754", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://x.com/JAMESWT_MHT/status/1881642391373005030", "None", "0", "JAMESWT_MHT" "2025-01-21 10:47:58", "1390598", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 10:47:55", "1390597", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 10:47:54", "1390596", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 10:47:53", "1390595", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 10:47:47", "1390594", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 10:47:31", "1390591", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 10:47:31", "1390592", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 10:47:31", "1390593", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 10:47:27", "1390590", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 10:46:30", "1390588", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 10:46:13", "1390587", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 10:46:01", "1390586", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 10:45:59", "1390585", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 10:45:58", "1390584", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 10:45:55", "1390583", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 10:45:38", "1390582", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 09:48:03", "1390578", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 09:48:00", "1390577", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 09:47:58", "1390576", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 09:47:57", "1390575", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 09:47:52", "1390574", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 09:47:36", "1390571", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 09:47:36", "1390572", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 09:47:36", "1390573", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 09:47:31", "1390570", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 09:46:33", "1390568", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 09:46:16", "1390567", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 09:46:05", "1390566", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 09:46:03", "1390565", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 09:46:01", "1390564", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 09:45:59", "1390563", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 09:45:42", "1390562", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 09:35:00", "1390557", "154.213.192.22:6606", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "21January2025,iocbottest", "0", "Gi7w0rm" "2025-01-21 09:34:59", "1390558", "37.114.46.58:1111", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "21January2025,iocbottest", "0", "Gi7w0rm" "2025-01-21 08:47:54", "1390556", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 08:47:52", "1390555", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 08:47:50", "1390554", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 08:47:49", "1390553", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 08:47:43", "1390552", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 08:47:28", "1390551", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 08:47:27", "1390549", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 08:47:27", "1390550", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 08:47:23", "1390548", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 08:46:26", "1390546", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 08:46:09", "1390545", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 08:45:58", "1390544", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 08:45:56", "1390543", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 08:45:55", "1390542", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 08:45:52", "1390541", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 08:45:36", "1390540", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 08:43:21", "1390539", "111.32.210.52:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-01-21 08:27:35", "1390492", "217.119.129.21:443", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "75", "https://x.com/lontze7/status/1881618330504851772", "Rhadamanthys", "0", "abuse_ch" "2025-01-21 08:27:35", "1390493", "92.255.57.30:443", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "75", "https://x.com/lontze7/status/1881618330504851772", "Rhadamanthys", "0", "abuse_ch" "2025-01-21 08:24:30", "1390491", "18.159.133.90:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-01-21 08:04:17", "1390482", "165.140.85.87:4098", "ip:port", "botnet_cc", "win.crimson", "SEEDOOR,Scarimson", "Crimson RAT", "", "100", "https://search.censys.io/hosts/165.140.85.87", "AS397423,C2,censys,Crimson,RAT,TIER-NET", "0", "DonPasci" "2025-01-21 08:04:16", "1390481", "54.203.151.9:7134", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/54.203.151.9", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-01-21 08:04:13", "1390480", "192.142.18.78:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/192.142.18.78", "AS214036,C2,censys,Havoc,ULTAHOST-AS", "0", "DonPasci" "2025-01-21 08:04:06", "1390478", "128.90.122.163:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.122.163", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-01-21 08:04:04", "1390477", "47.90.208.22:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.90.208.22", "ALIBABA-CN-NET,AS45102,C2,censys,Supershell", "0", "DonPasci" "2025-01-21 08:03:45", "1390475", "23.226.54.80:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/23.226.54.80", "AS18013,ASLINE-AS-AP,C2,censys,Sliver", "0", "DonPasci" "2025-01-21 08:03:45", "1390476", "23.226.54.84:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/23.226.54.84", "AS18013,ASLINE-AS-AP,C2,censys,Sliver", "0", "DonPasci" "2025-01-21 08:03:42", "1390474", "154.216.18.232:5050", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/154.216.18.232", "AS215240,C2,censys,NETRESEARCH,RAT,Remcos", "0", "DonPasci" "2025-01-21 08:03:22", "1390471", "82.156.191.68:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/82.156.191.68", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci" "2025-01-21 07:58:07", "1390444", "212.22.82.118:6963", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "None", "Gafgyt", "0", "elfdigest" "2025-01-21 07:47:48", "1390470", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 07:47:45", "1390469", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 07:47:44", "1390468", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 07:47:43", "1390467", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 07:47:37", "1390466", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 07:47:26", "1390464", "95.217.240.67:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-01-21 07:47:26", "1390465", "88.99.120.106:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-01-21 07:47:22", "1390456", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 07:47:21", "1390454", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 07:47:21", "1390455", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 07:47:17", "1390453", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 07:46:21", "1390451", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 07:46:04", "1390450", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 07:45:53", "1390449", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 07:45:50", "1390448", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 07:45:49", "1390447", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 07:45:46", "1390446", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 07:45:30", "1390445", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 06:47:33", "1390442", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 06:47:31", "1390441", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 06:47:29", "1390439", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 06:47:29", "1390440", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 06:47:23", "1390438", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 06:47:08", "1390435", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 06:47:08", "1390436", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 06:47:08", "1390437", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 06:47:03", "1390434", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 06:46:10", "1390432", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 06:45:54", "1390431", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 06:45:44", "1390430", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 06:45:42", "1390429", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 06:45:41", "1390428", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 06:45:39", "1390427", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 06:45:23", "1390426", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 06:39:03", "1390387", "18.254.46.215:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.254.46.215", "AS8987,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:39:02", "1390384", "174.138.92.250:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/174.138.92.250", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:39:02", "1390385", "174.138.92.250:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/174.138.92.250", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:39:02", "1390386", "35.167.94.35:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/35.167.94.35", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:39:01", "1390383", "52.43.67.6:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.43.67.6", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:39:00", "1390381", "138.197.50.3:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/138.197.50.3", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:59", "1390382", "13.235.172.221:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.235.172.221", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:58", "1390377", "34.101.237.204:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.101.237.204", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:58", "1390379", "154.53.160.55:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/154.53.160.55", "AS62425,censys,GoPhish,KUZEYDC,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:58", "1390380", "181.32.61.238:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/181.32.61.238", "AS3816,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:57", "1390375", "3.124.25.236:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.124.25.236", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:57", "1390376", "139.59.84.190:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/139.59.84.190", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:57", "1390378", "89.251.134.46:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/89.251.134.46", "AS-TKRZ,AS42184,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:56", "1390372", "82.166.159.58:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/82.166.159.58", "AS1680,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:56", "1390373", "194.60.201.16:3388", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/194.60.201.16", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:56", "1390374", "185.135.195.4:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.135.195.4", "AS59460,ASN-M3NET,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-21 06:38:55", "1390273", "104.248.130.195:82", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-01-21 06:38:54", "1390253", "181.73.20.67:8080", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://app.any.run/tasks/ec25f6e5-bcb9-4a63-a187-d2e5eb9ebf08", "RAT", "0", "manpap11" "2025-01-21 06:38:54", "1390272", "104.248.130.195:81", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-01-21 06:38:52", "1390096", "195.177.92.71:4258", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "None", "Gafgyt", "0", "elfdigest" "2025-01-21 06:38:52", "1390144", "88.119.165.46:80", "ip:port", "botnet_cc", "win.systembc", "Coroxy,DroxiDat", "SystemBC", "", "75", "https://www.virustotal.com/gui/ip-address/88.119.165.46/relations", "None", "0", "dyingbreeds_" "2025-01-21 05:47:21", "1390422", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 05:47:18", "1390421", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 05:47:17", "1390420", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 05:47:16", "1390419", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 05:47:11", "1390418", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 05:46:56", "1390415", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 05:46:56", "1390416", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 05:46:56", "1390417", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 05:46:52", "1390414", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 05:46:13", "1390410", "31.57.243.64:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-01-21 05:46:13", "1390411", "31.57.243.64:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-01-21 05:46:13", "1390412", "31.57.243.64:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-01-21 05:46:00", "1390408", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 05:45:46", "1390407", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 05:45:36", "1390405", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 05:45:34", "1390404", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 05:45:33", "1390403", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 05:45:31", "1390402", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 05:45:12", "1390401", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 05:39:49", "1390393", "52.43.67.6:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/52.43.67.6#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-21 05:39:49", "1390394", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-21 05:39:21", "1390391", "206.189.190.139:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/206.189.190.139#31337", "c2,shodan,sliver", "0", "juroots" "2025-01-21 05:39:21", "1390392", "161.35.164.134:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/161.35.164.134#31337", "c2,shodan,sliver", "0", "juroots" "2025-01-21 05:38:57", "1390390", "155.248.216.246:8083", "ip:port", "botnet_cc", "win.shadowpad", "POISONPLUG.SHADOW,XShellGhost", "ShadowPad", "", "50", "https://www.shodan.io/host/155.248.216.246#8083", "c2,shadowpad,shodan", "0", "juroots" "2025-01-21 05:38:26", "1390389", "89.247.50.29:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "50", "https://www.shodan.io/host/89.247.50.29#80", "c2,gh0st,shodan", "0", "juroots" "2025-01-21 05:38:00", "1390388", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.68.75.16#80", "c2,havoc,shodan", "0", "juroots" "2025-01-21 04:47:24", "1390369", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 04:47:21", "1390368", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 04:47:20", "1390366", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 04:47:20", "1390367", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 04:47:15", "1390365", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 04:47:00", "1390362", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 04:47:00", "1390363", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 04:47:00", "1390364", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 04:46:56", "1390361", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 04:46:05", "1390359", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 04:45:49", "1390358", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 04:45:40", "1390357", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 04:45:38", "1390356", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 04:45:37", "1390355", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 04:45:34", "1390354", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 04:45:18", "1390353", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 04:04:42", "1390352", "85.239.54.99:23443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/85.239.54.99", "AS62005,BianLian,BV-EU-AS,C2,censys", "0", "DonPasci" "2025-01-21 04:04:41", "1390351", "89.46.235.60:8443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/89.46.235.60", "AS9009,BianLian,C2,censys,M247", "0", "DonPasci" "2025-01-21 04:04:38", "1390350", "217.144.185.198:51106", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/217.144.185.198", "AEZA-AS,AS210644,C2,censys,Nosviak,Panel", "0", "DonPasci" "2025-01-21 04:04:14", "1390349", "102.96.215.117:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/102.96.215.117", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-01-21 04:04:11", "1390348", "94.237.91.20:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/94.237.91.20", "AS202053,C2,censys,Havoc,UPCLOUD", "0", "DonPasci" "2025-01-21 04:04:07", "1390345", "95.163.176.80:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/95.163.176.80", "AEZA-AS,AS210644,C2,censys,Hookbot", "0", "DonPasci" "2025-01-21 04:04:07", "1390346", "194.59.31.235:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/194.59.31.235", "AS399486,C2,censys,Hookbot,VIRTUO", "0", "DonPasci" "2025-01-21 04:04:07", "1390347", "213.176.94.228:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/213.176.94.228", "AEZA-AS,AS210644,C2,censys,Hookbot", "0", "DonPasci" "2025-01-21 04:04:00", "1390344", "45.141.86.26:4443", "ip:port", "botnet_cc", "win.matanbuchus", "None", "Matanbuchus", "", "100", "https://search.censys.io/hosts/45.141.86.26", "AS206728,C2,censys,Matanbuchus,MEDIALAND-AS", "0", "DonPasci" "2025-01-21 04:03:42", "1390343", "176.100.36.135:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/176.100.36.135", "AS58087,C2,censys,FLORIANKOLB,Sliver", "0", "DonPasci" "2025-01-21 04:03:39", "1390342", "192.3.146.145:14645", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/192.3.146.145", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-01-21 04:03:21", "1390337", "68.183.234.239:28080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/68.183.234.239", "AS14061,C2,censys,CobaltStrike,cs-watermark-987654321,DIGITALOCEAN-ASN", "0", "DonPasci" "2025-01-21 04:03:20", "1390335", "47.113.217.92:18888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.113.217.92", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-01-21 04:03:20", "1390336", "20.2.220.82:55502", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/20.2.220.82", "AS8075,C2,censys,CobaltStrike,cs-watermark-987654321,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci" "2025-01-21 03:47:20", "1390334", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 03:47:18", "1390333", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 03:47:17", "1390332", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 03:47:16", "1390331", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 03:47:11", "1390330", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 03:46:56", "1390327", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 03:46:56", "1390328", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 03:46:56", "1390329", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 03:46:52", "1390326", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-21 03:46:00", "1390324", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-21 03:45:45", "1390323", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 03:45:36", "1390322", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-21 03:45:34", "1390321", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-21 03:45:33", "1390320", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-21 03:45:31", "1390319", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-21 03:45:14", "1390318", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" # Number of entries: 957