################################################################
# ThreatFox IOCs: recent ip-port - CSV format                  #
# Last updated: 2024-10-25 20:40:20 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2024-10-25 20:40:20", "1339383", "192.169.69.26:1608", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "2024-10-25 21:00:38", "100", "None", "NanoCore,RAT", "0", "abuse_ch"
"2024-10-25 18:37:06", "1339377", "91.208.184.54:56744", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "https://urlhaus.abuse.ch/host/91.208.184.54/", "Mirai", "0", "NDA0E"
"2024-10-25 16:50:40", "1339375", "185.234.216.181:6666", "ip:port", "botnet_cc", "win.atlantida", "None", "Atlantida", "", "100", "https://bazaar.abuse.ch/sample/31b233d5cdd809be59e838bb2c27c29d8a914daa08a2490e03b5e5f8ed35e312/", "AtlantidaStealer", "0", "NDA0E"
"2024-10-25 16:50:40", "1339376", "185.234.216.181:6655", "ip:port", "botnet_cc", "win.atlantida", "None", "Atlantida", "", "100", "https://bazaar.abuse.ch/sample/31b233d5cdd809be59e838bb2c27c29d8a914daa08a2490e03b5e5f8ed35e312/", "AtlantidaStealer", "0", "NDA0E"
"2024-10-25 16:25:24", "1339374", "185.215.113.67:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "None", "NetSupport", "0", "abuse_ch"
"2024-10-25 14:27:31", "1339354", "172.86.105.139:8443", "ip:port", "botnet_cc", "win.fdmtp", "None", "FDMTP", "", "50", "", "None", "0", "Rony"
"2024-10-25 14:27:31", "1339355", "8.219.179.29:80", "ip:port", "botnet_cc", "win.fdmtp", "None", "FDMTP", "", "50", "", "None", "0", "Rony"
"2024-10-25 14:27:31", "1339356", "172.86.80.56:443", "ip:port", "botnet_cc", "win.fdmtp", "None", "FDMTP", "", "50", "", "None", "0", "Rony"
"2024-10-25 14:27:30", "1339348", "8.218.137.163:443", "ip:port", "botnet_cc", "win.fdmtp", "None", "FDMTP", "", "50", "", "None", "0", "Rony"
"2024-10-25 14:27:30", "1339349", "38.54.71.132:7443", "ip:port", "botnet_cc", "win.fdmtp", "None", "FDMTP", "", "50", "", "None", "0", "Rony"
"2024-10-25 14:27:30", "1339350", "47.76.87.55:8443", "ip:port", "botnet_cc", "win.fdmtp", "None", "FDMTP", "", "50", "", "None", "0", "Rony"
"2024-10-25 14:27:30", "1339351", "154.90.32.88:8043", "ip:port", "botnet_cc", "win.fdmtp", "None", "FDMTP", "", "50", "", "None", "0", "Rony"
"2024-10-25 14:27:30", "1339352", "154.90.32.88:7443", "ip:port", "botnet_cc", "win.fdmtp", "None", "FDMTP", "", "50", "", "None", "0", "Rony"
"2024-10-25 14:27:30", "1339353", "154.90.32.88:443", "ip:port", "botnet_cc", "win.fdmtp", "None", "FDMTP", "", "50", "", "None", "0", "Rony"
"2024-10-25 14:26:04", "1339347", "192.210.150.35:2560", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/4c11a38a17a285f3c95774f535fa79e2596bf5723b2cc7b870a29f06e85727c3/", "remcos", "0", "abuse_ch"
"2024-10-25 13:20:34", "1339341", "172.236.29.219:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/2be6f81fb12438b0fe15f98565d0ad1e9bc6d91bea6b6765760120ebaa3d51ae/", "asyncrat", "0", "abuse_ch"
"2024-10-25 07:48:01", "1339324", "149.104.28.67:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS139659,LUCIDACLOUD LIMITED,supershell", "0", "antiphishorg"
"2024-10-25 06:33:14", "1339334", "159.223.36.127:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-25 06:32:50", "1339333", "39.164.16.189:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-25 06:32:25", "1339332", "80.66.75.53:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-25 06:28:59", "1339331", "114.113.238.83:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-1", "0", "abuse_ch"
"2024-10-25 06:28:53", "1339330", "123.57.75.191:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-25 06:28:44", "1339329", "43.128.70.26:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-10-25 06:28:39", "1339328", "107.175.17.10:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-10-25 06:28:33", "1339327", "111.230.94.25:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-10-25 06:28:13", "1339326", "47.117.3.107:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-25 06:28:06", "1339325", "38.6.189.85:2095", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-10-25 04:01:02", "1339320", "101.42.4.160:8033", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/101.42.4.160", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2024-10-25 04:00:54", "1339319", "49.235.108.91:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-25 06:28:44", "100", "https://search.censys.io/hosts/49.235.108.91", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2024-10-25 02:15:01", "1339247", "3.67.161.133:13824", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-10-25 00:04:38", "1339315", "23.227.198.237:3963", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/23.227.198.237", "AS29802,BianLian,C2,censys,HVC-AS", "0", "DonPasci"
"2024-10-25 00:04:29", "1339313", "80.76.51.159:8080", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/80.76.51.159", "AS401116,C2,censys,hacktool,Mimikatz,NYBULA,open-dir", "0", "DonPasci"
"2024-10-25 00:04:29", "1339314", "209.151.153.216:8000", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/209.151.153.216", "AS25697,C2,censys,hacktool,Mimikatz,open-dir,UPCLOUDUSA", "0", "DonPasci"
"2024-10-25 00:04:18", "1339312", "104.168.87.36:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/104.168.87.36", "AS-COLOCROSSING,AS36352,C2,censys,Gafgyt,open-dir", "0", "DonPasci"
"2024-10-25 00:03:47", "1339311", "46.246.14.12:8080", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/46.246.14.12", "AS42708,C2,censys,DcRAT,PORTLANE,RAT", "0", "DonPasci"
"2024-10-25 00:03:45", "1339310", "46.246.14.19:8000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/46.246.14.19", "AS42708,C2,censys,DcRAT,PORTLANE,RAT", "0", "DonPasci"
"2024-10-25 00:03:41", "1339309", "207.148.117.38:8081", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/207.148.117.38", "AS-VULTR,AS20473,C2,censys,Havoc", "0", "DonPasci"
"2024-10-25 00:03:37", "1339308", "193.233.254.126:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/193.233.254.126", "AS215826,C2,censys,Hookbot,PARTNER-HOSTING-LTD", "0", "DonPasci"
"2024-10-25 00:03:20", "1339307", "93.127.223.191:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/93.127.223.191", "AS46475,C2,censys,LIMESTONENETWORKS,Supershell", "0", "DonPasci"
"2024-10-25 00:02:59", "1339306", "212.162.149.220:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/212.162.149.220", "AS64236,C2,censys,RAT,Remcos,UNREAL-SERVERS", "0", "DonPasci"
"2024-10-25 00:02:49", "1339305", "37.120.141.162:8787", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "https://search.censys.io/hosts/37.120.141.162", "AS9009,C2,censys,DarkComet,M247,RAT", "0", "DonPasci"
"2024-10-25 00:02:27", "1339304", "189.158.156.8:8181", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/189.158.156.8", "AS8151,C2,censys,PenTera,UNINET", "0", "DonPasci"
"2024-10-25 00:02:24", "1339303", "47.120.45.37:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.120.45.37", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike", "0", "DonPasci"
"2024-10-25 00:02:21", "1339302", "103.37.41.114:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/103.37.41.114", "AS132839,C2,censys,CobaltStrike,POWERLINE-AS-AP", "0", "DonPasci"
"2024-10-25 00:02:10", "1339301", "8.217.146.20:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.217.146.20", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2024-10-25 00:01:59", "1339300", "118.25.182.25:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/118.25.182.25", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2024-10-25 00:01:47", "1339299", "47.115.166.43:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.115.166.43", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2024-10-25 00:01:35", "1339298", "172.86.66.151:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-25 06:28:52", "100", "https://search.censys.io/hosts/172.86.66.151", "AS14956,C2,censys,CobaltStrike,cs-watermark-987654321,ROUTERHOSTING", "0", "DonPasci"
"2024-10-24 20:04:24", "1339260", "159.100.18.123:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/159.100.18.123", "AS44066,C2,censys,DE-FIRSTCOLO,moobot", "0", "DonPasci"
"2024-10-24 20:04:15", "1339259", "95.181.173.98:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "100", "https://search.censys.io/hosts/95.181.173.98", "AEZA-AS,AS210644,C2,censys,Meduza,Stealer", "0", "DonPasci"
"2024-10-24 20:03:54", "1339258", "204.13.234.44:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/204.13.234.44", "AS19318,C2,censys,Covenant,IS-AS-1", "0", "DonPasci"
"2024-10-24 20:03:13", "1339257", "212.46.38.224:3389", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/212.46.38.224", "AS62005,BV-EU-AS,C2,censys,Havoc", "0", "DonPasci"
"2024-10-24 20:03:11", "1339256", "23.21.86.233:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/23.21.86.233", "AMAZON-AES,AS14618,C2,censys,Havoc", "0", "DonPasci"
"2024-10-24 20:03:09", "1339255", "45.157.233.117:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/45.157.233.117", "AS58212,C2,censys,DATAFOREST,Quasar,RAT", "0", "DonPasci"
"2024-10-24 20:02:22", "1339254", "45.93.9.248:4500", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/45.93.9.248", "ALEXHOST,AS200019,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2024-10-24 20:02:02", "1339253", "94.232.249.121:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "75", "None", "latrodectus", "0", "Rony"
"2024-10-24 20:01:34", "1339252", "103.37.41.117:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/103.37.41.117", "AS132839,C2,censys,CobaltStrike,POWERLINE-AS-AP", "0", "DonPasci"
"2024-10-24 20:01:26", "1339251", "103.37.41.115:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/103.37.41.115", "AS132839,C2,censys,CobaltStrike,POWERLINE-AS-AP", "0", "DonPasci"
"2024-10-24 20:01:08", "1339250", "206.237.4.78:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/206.237.4.78", "AS932,C2,censys,CobaltStrike,cs-watermark-666666666,XNNET", "0", "DonPasci"
"2024-10-24 20:00:58", "1339249", "144.217.220.121:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-25 06:28:55", "100", "https://search.censys.io/hosts/144.217.220.121", "AS16276,C2,censys,CobaltStrike,cs-watermark-100000,OVH", "0", "DonPasci"
"2024-10-24 20:00:49", "1339248", "103.127.125.157:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-25 06:33:16", "100", "https://search.censys.io/hosts/103.127.125.157", "AS138195,C2,censys,CobaltStrike,cs-watermark-987654321,MOACKCOLTD-AS-AP", "0", "DonPasci"
"2024-10-24 16:03:08", "1339239", "45.149.241.240:8080", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://search.censys.io/hosts/45.149.241.240", "AS401116,C2,censys,Ermac,NYBULA,panel", "0", "DonPasci"
"2024-10-24 16:03:01", "1339238", "87.120.112.158:2025", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/87.120.112.158", "AS401115,C2,censys,EKABI,RAT,Venom", "0", "DonPasci"
"2024-10-24 16:02:58", "1339237", "38.242.135.61:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/38.242.135.61", "AS51167,C2,censys,CONTABO,Havoc", "0", "DonPasci"
"2024-10-24 16:02:56", "1339236", "38.242.135.61:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/38.242.135.61", "AS51167,C2,censys,CONTABO,Havoc", "0", "DonPasci"
"2024-10-24 16:02:54", "1339235", "77.73.131.97:443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/77.73.131.97", "AEZA-AS,AS210644,C2,censys,Quasar,RAT", "0", "DonPasci"
"2024-10-24 16:02:51", "1339234", "193.233.113.179:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/193.233.113.179", "AS215826,C2,censys,Hookbot,PARTNER-HOSTING-LTD", "0", "DonPasci"
"2024-10-24 16:02:43", "1339233", "50.241.208.67:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/50.241.208.67", "AS7922,C2,censys,COMCAST-7922,Mythic", "0", "DonPasci"
"2024-10-24 16:02:33", "1339232", "5.196.186.185:5001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/5.196.186.185", "AS16276,AsyncRAT,C2,censys,OVH,RAT", "0", "DonPasci"
"2024-10-24 16:02:31", "1339231", "5.196.186.185:8008", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/5.196.186.185", "AS16276,AsyncRAT,C2,censys,OVH,RAT", "0", "DonPasci"
"2024-10-24 16:02:29", "1339230", "51.222.21.29:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/51.222.21.29", "AS16276,AsyncRAT,C2,censys,OVH,RAT", "0", "DonPasci"
"2024-10-24 16:02:27", "1339229", "51.222.21.29:5555", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/51.222.21.29", "AS16276,AsyncRAT,C2,censys,OVH,RAT", "0", "DonPasci"
"2024-10-24 16:02:26", "1339228", "51.222.21.29:555", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/51.222.21.29", "AS16276,AsyncRAT,C2,censys,OVH,RAT", "0", "DonPasci"
"2024-10-24 16:02:24", "1339227", "128.90.113.118:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.113.118", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci"
"2024-10-24 16:02:23", "1339226", "66.179.243.34:888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/66.179.243.34", "AS8560,AsyncRAT,C2,censys,IONOS-AS,RAT", "0", "DonPasci"
"2024-10-24 16:02:18", "1339225", "154.212.148.14:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/154.212.148.14", "AS132325,C2,censys,LEMON-AS-AP,Supershell", "0", "DonPasci"
"2024-10-24 16:02:17", "1339224", "154.212.148.13:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/154.212.148.13", "AS132325,C2,censys,LEMON-AS-AP,Supershell", "0", "DonPasci"
"2024-10-24 16:01:43", "1339223", "23.88.3.155:4444", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/23.88.3.155", "AS24940,C2,censys,HETZNER-AS,RAT,Remcos", "0", "DonPasci"
"2024-10-24 16:01:42", "1339222", "185.196.10.242:9544", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/185.196.10.242", "AS42624,C2,censys,RAT,Remcos,SWISSNETWORK02", "0", "DonPasci"
"2024-10-24 16:01:40", "1339221", "147.45.44.105:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/147.45.44.105", "AS215789,C2,censys,KARINAR,RAT,Remcos", "0", "DonPasci"
"2024-10-24 16:00:48", "1339220", "47.92.196.60:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.92.196.60", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2024-10-24 16:00:47", "1339219", "67.220.72.50:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-25 06:28:45", "100", "https://search.censys.io/hosts/67.220.72.50", "AS-GLOBALTELEHOST,AS63023,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2024-10-24 16:00:45", "1339218", "49.235.108.91:2053", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/49.235.108.91", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2024-10-24 15:45:06", "1339209", "152.89.198.124:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "2024-10-25 22:00:06", "100", "https://x.com/crep1x/status/1849476769486635496", "Amadey", "0", "crep1x"
"2024-10-24 12:02:52", "1339203", "103.238.235.168:23", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/103.238.235.168", "AS140810,C2,censys,Gafgyt,MEGACORE-AS-VN", "0", "DonPasci"
"2024-10-24 12:02:45", "1339202", "93.123.85.50:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/93.123.85.50", "AS216240,C2,censys,moobot,MORTALSOFT", "0", "DonPasci"
"2024-10-24 12:02:25", "1339201", "64.7.198.196:3389", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/64.7.198.196", "AS399629,BLNWX,C2,censys,Havoc", "0", "DonPasci"
"2024-10-24 12:02:24", "1339199", "178.62.102.19:8000", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/178.62.102.19", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2024-10-24 12:02:24", "1339200", "66.179.243.12:8880", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/66.179.243.12", "AS8560,C2,censys,Havoc,IONOS-AS", "0", "DonPasci"
"2024-10-24 12:02:23", "1339197", "66.85.92.8:2096", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/66.85.92.8", "AS64236,C2,censys,Havoc,UNREAL-SERVERS", "0", "DonPasci"
"2024-10-24 12:02:23", "1339198", "66.85.92.8:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/66.85.92.8", "AS64236,C2,censys,Havoc,UNREAL-SERVERS", "0", "DonPasci"
"2024-10-24 12:02:22", "1339196", "209.38.26.113:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.38.26.113", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2024-10-24 12:02:10", "1339194", "43.155.75.50:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/43.155.75.50", "AS132203,C2,censys,Mythic,TENCENT-NET-AP-CN", "0", "DonPasci"
"2024-10-24 12:02:10", "1339195", "193.181.35.217:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/193.181.35.217", "AS42201,C2,censys,Mythic,PVDATANET", "0", "DonPasci"
"2024-10-24 12:02:09", "1339193", "65.20.84.77:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/65.20.84.77", "AS-VULTR,AS20473,C2,censys,Mythic", "0", "DonPasci"
"2024-10-24 12:02:01", "1339191", "51.222.21.29:777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/51.222.21.29", "AS16276,AsyncRAT,C2,censys,OVH,RAT", "0", "DonPasci"
"2024-10-24 12:01:58", "1339189", "154.212.148.6:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/154.212.148.6", "AS132325,C2,censys,LEMON-AS-AP,Supershell", "0", "DonPasci"
"2024-10-24 12:01:58", "1339190", "43.139.106.208:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/43.139.106.208", "AS45090,C2,censys,Supershell,TENCENT-NET-AP", "0", "DonPasci"
"2024-10-24 12:01:57", "1339188", "121.40.94.52:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/121.40.94.52", "ALIBABA-CN-NET,AS37963,C2,censys,Supershell", "0", "DonPasci"
"2024-10-24 12:01:53", "1339187", "27.124.53.33:443", "ip:port", "botnet_cc", "win.shadowpad", "POISONPLUG.SHADOW,XShellGhost", "ShadowPad", "", "90", "https://search.censys.io/hosts/27.124.53.33", "AS64050,BGNL-HK,C2,censys,RAT,ShadowPad", "0", "DonPasci"
"2024-10-24 12:01:44", "1339186", "206.189.218.238:3363", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/206.189.218.238", "AS14061,C2,censys,DIGITALOCEAN-ASN,RAT,Remcos", "0", "DonPasci"
"2024-10-24 12:01:43", "1339185", "185.196.9.145:3399", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/185.196.9.145", "AS42624,C2,censys,RAT,Remcos,SWISSNETWORK02", "0", "DonPasci"
"2024-10-24 12:01:42", "1339184", "212.171.19.191:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/212.171.19.191", "AS3269,ASN-IBSNAZ,C2,censys,RAT,Remcos", "0", "DonPasci"
"2024-10-24 12:00:55", "1339183", "47.122.47.248:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-25 06:33:17", "100", "https://search.censys.io/hosts/47.122.47.248", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-0", "0", "DonPasci"
"2024-10-24 12:00:53", "1339182", "8.222.171.125:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.222.171.125", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2024-10-24 12:00:50", "1339181", "106.14.104.191:9000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/106.14.104.191", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci"
"2024-10-24 12:00:48", "1339180", "46.17.43.154:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/46.17.43.154", "AS51659,ASBAXET,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2024-10-24 12:00:47", "1339179", "46.17.43.154:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/46.17.43.154", "AS51659,ASBAXET,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2024-10-24 12:00:46", "1339178", "47.119.184.205:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.119.184.205", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2024-10-24 12:00:44", "1339177", "47.97.22.116:9636", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.97.22.116", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2024-10-24 12:00:43", "1339176", "39.100.71.249:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/39.100.71.249", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2024-10-24 11:00:27", "1339173", "192.210.150.14:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/3a15b2df43b3665b869280969adaec6fc18de92f2da83e1d0228d7379fd55e09/", "remcos", "0", "abuse_ch"
"2024-10-24 08:25:18", "1339165", "154.216.18.51:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/af2848711b8c1b41a6315cd18c52158f1c080f462c3d100df9670f5df265daf0/", "remcos", "0", "abuse_ch"
"2024-10-24 08:20:21", "1339164", "212.162.149.195:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/034d0ad83a1a41c3fb2be5110d68a545b2426a337006a7f34a2050a0c7a18b9a/", "remcos", "0", "abuse_ch"
"2024-10-24 08:02:13", "1339163", "46.246.6.19:8000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/46.246.6.19", "AS42708,C2,censys,DcRAT,PORTLANE,RAT", "0", "DonPasci"
"2024-10-24 08:02:10", "1339162", "189.126.111.158:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/189.126.111.158", "AS27715,C2,censys,Havoc,Locaweb", "0", "DonPasci"
"2024-10-24 08:02:00", "1339161", "23.143.168.16:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/23.143.168.16", "AS398980,C2,censys,Mythic,OSINET", "0", "DonPasci"
"2024-10-24 08:01:53", "1339160", "93.123.109.157:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/93.123.109.157", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci"
"2024-10-24 08:01:38", "1339158", "185.234.65.186:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/185.234.65.186", "AS44477,C2,censys,RAT,Remcos,STARK-INDUSTRIES", "0", "DonPasci"
"2024-10-24 08:01:37", "1339156", "85.209.133.15:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/85.209.133.15", "AS399486,C2,censys,RAT,Remcos,VIRTUO", "0", "DonPasci"
"2024-10-24 08:01:37", "1339157", "93.123.39.134:8080", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/93.123.39.134", "AS401120,C2,censys,CHEAPY-HOST,RAT,Remcos", "0", "DonPasci"
"2024-10-24 08:00:44", "1339155", "144.24.80.51:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/144.24.80.51", "AS31898,C2,censys,CobaltStrike,cs-watermark-987654321,ORACLE-BMC-31898", "0", "DonPasci"
"2024-10-24 07:16:47", "1339153", "111.229.7.205:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-24 07:16:46", "1339152", "8.138.104.216:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-24 07:16:44", "1339151", "43.128.70.26:800", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-25 06:28:43", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-10-24 07:16:43", "1339150", "103.229.126.96:85", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-25 06:28:19", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-24 07:16:35", "1339149", "49.235.130.176:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-10-24 07:16:30", "1339148", "182.92.222.153:9091", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-24 07:14:57", "1339147", "114.132.214.4:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-25 06:29:28", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-10-24 07:14:40", "1339146", "121.196.109.163:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-10-24 07:14:38", "1339145", "39.103.56.192:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-24 07:14:31", "1339144", "39.100.104.125:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-24 12:00:53", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-10-24 07:14:13", "1339143", "47.102.105.157:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-24 07:13:54", "1339142", "47.92.29.195:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-24 07:13:50", "1339141", "47.92.29.195:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-24 07:13:48", "1339140", "45.77.253.83:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-10-24 07:05:20", "1339139", "163.172.24.191:37837", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-10-24 06:52:52", "1339138", "154.213.187.58:48920", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "c2,mirai", "0", "redrabytes"
"2024-10-24 05:24:43", "1339126", "85.239.34.134:51515", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "mirai", "0", "elfdigest"
"2024-10-24 05:24:42", "1339134", "185.38.142.167:6302", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-10-24 02:30:30", "1339135", "176.10.111.126:80", "ip:port", "botnet_cc", "win.socks5_systemz", "None", "Socks5 Systemz", "", "100", "None", "Socks5Systemz", "0", "abuse_ch"
"2024-10-24 00:35:25", "1339132", "196.119.120.229:1604", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "NanoCore,RAT", "0", "abuse_ch"
"2024-10-24 00:01:46", "1339131", "66.63.187.79:443", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/66.63.187.79", "AS214943,C2,censys,RAILNET,RAT,Venom", "0", "DonPasci"
"2024-10-24 00:01:39", "1339130", "94.141.122.98:50555", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2024-10-24 01:00:10", "100", "https://search.censys.io/hosts/94.141.122.98", "AS215826,C2,censys,Hookbot,PARTNER-HOSTING-LTD", "0", "DonPasci"
"2024-10-24 00:01:19", "1339129", "46.246.12.3:9090", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/46.246.12.3", "AS42708,C2,censys,PORTLANE,RAT,Remcos", "0", "DonPasci"
"2024-10-24 00:01:18", "1339128", "46.246.86.10:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/46.246.86.10", "AS42708,C2,censys,PORTLANE,RAT,Remcos", "0", "DonPasci"
"2024-10-24 00:00:46", "1339127", "154.9.227.158:9090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-10-25 06:28:38", "100", "https://search.censys.io/hosts/154.9.227.158", "AS979,C2,censys,CobaltStrike,cs-watermark-0,NETLAB-SDN", "0", "DonPasci"
"2024-10-23 22:45:47", "1339125", "147.185.221.23:22815", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
# Number of entries: 148