################################################################ # ThreatFox IOCs: recent ip-port - CSV format # # Last updated: 2025-04-30 00:03:22 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-04-30 00:03:22", "1513795", "147.124.219.157:19000", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/147.124.219.157", "AS396073,C2,censys,MAJESTIC-HOSTING-01,rhadamanthys,stealer", "0", "DonPasci" "2025-04-30 00:02:54", "1513794", "209.141.55.248:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/209.141.55.248", "AS53667,C2,censys,moobot,PONYNET", "0", "DonPasci" "2025-04-30 00:02:38", "1513792", "146.70.24.193:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/146.70.24.193", "AS9009,C2,censys,Havoc,M247", "0", "DonPasci" "2025-04-30 00:02:38", "1513793", "23.227.199.118:14443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/23.227.199.118", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-04-30 00:02:37", "1513790", "104.248.5.186:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.248.5.186", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci" "2025-04-30 00:02:37", "1513791", "54.206.1.218:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/54.206.1.218", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci" "2025-04-30 00:02:32", "1513789", "173.208.162.225:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/173.208.162.225", "AS32097,C2,censys,Mythic,WII", "0", "DonPasci" "2025-04-30 00:02:17", "1513788", "173.44.139.179:7272", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/173.44.139.179", "AS49532,AsyncRAT,C2,censys,RAT,SERVERHUB-NL", "0", "DonPasci" "2025-04-30 00:02:16", "1513787", "188.218.201.194:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/188.218.201.194", "AS30722,AsyncRAT,C2,censys,RAT,VODAFONE-IT-ASN", "0", "DonPasci" "2025-04-30 00:01:46", "1513785", "185.39.17.25:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/185.39.17.25", "AS213355,C2,censys,HGN-AS,Sliver", "0", "DonPasci" "2025-04-30 00:01:46", "1513786", "137.184.190.241:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/137.184.190.241", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci" "2025-04-30 00:01:18", "1513783", "148.66.16.227:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/148.66.16.227", "AS45753,C2,censys,CobaltStrike,cs-watermark-666666666,NETSEC-HK", "0", "DonPasci" "2025-04-30 00:01:18", "1513784", "148.66.16.229:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/148.66.16.229", "AS45753,C2,censys,CobaltStrike,cs-watermark-666666666,NETSEC-HK", "0", "DonPasci" "2025-04-30 00:01:17", "1513782", "148.66.16.228:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/148.66.16.228", "AS45753,C2,censys,CobaltStrike,cs-watermark-666666666,NETSEC-HK", "0", "DonPasci" "2025-04-30 00:01:15", "1513780", "43.142.157.142:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/43.142.157.142", "AS45090,C2,censys,CobaltStrike,cs-watermark-100000,TENCENT-NET-AP", "0", "DonPasci" "2025-04-30 00:01:15", "1513781", "39.101.135.210:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/39.101.135.210", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci" "2025-04-30 00:01:11", "1513778", "47.115.227.6:4432", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/47.115.227.6", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-04-30 00:01:11", "1513779", "23.94.200.251:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/23.94.200.251", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-04-29 22:58:36", "1513774", "54.244.226.5:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-30 02:57:30", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-04-29 20:53:50", "1513771", "84.9.20.90:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:53:17", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-04-29 20:49:41", "1513770", "2.88.106.188:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-04-30 02:49:24", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-04-29 20:46:51", "1513769", "169.1.137.167:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-04-30 02:46:40", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-04-29 20:45:59", "1513767", "154.81.182.79:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:45:50", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-04-29 20:45:59", "1513768", "154.81.182.79:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:45:50", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-04-29 20:45:58", "1513766", "154.81.182.79:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:45:49", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-04-29 20:44:10", "1513765", "116.26.10.55:47031", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-04-30 02:44:06", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-04-29 20:43:36", "1513764", "104.37.174.16:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:43:35", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-29 20:43:21", "1513763", "103.233.8.46:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:43:21", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-04-29 20:02:10", "1513760", "23.227.199.118:15443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/23.227.199.118", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-04-29 20:02:09", "1513758", "139.9.131.153:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:44:50", "100", "https://search.censys.io/hosts/139.9.131.153", "AS55990,C2,censys,Havoc,HWCSNET", "0", "DonPasci" "2025-04-29 20:02:09", "1513759", "146.70.24.193:10443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:45:18", "100", "https://search.censys.io/hosts/146.70.24.193", "AS9009,C2,censys,Havoc,M247", "0", "DonPasci" "2025-04-29 20:02:05", "1513757", "154.61.80.193:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/154.61.80.193", "AS135175,C2,censys,FACTS-AS-IN,Hookbot", "0", "DonPasci" "2025-04-29 20:01:58", "1513756", "196.251.116.152:2222", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:48:53", "100", "https://search.censys.io/hosts/196.251.116.152", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci" "2025-04-29 20:01:57", "1513755", "31.163.204.210:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/31.163.204.210", "AS12389,AsyncRAT,C2,censys,RAT,ROSTELECOM-AS", "0", "DonPasci" "2025-04-29 20:01:12", "1513754", "43.255.159.28:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/43.255.159.28", "AS42960,C2,censys,CobaltStrike,cs-watermark-666666666,VH-GLOBAL", "0", "DonPasci" "2025-04-29 20:01:09", "1513753", "35.207.206.218:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/35.207.206.218", "AS19527,C2,censys,CobaltStrike,cs-watermark-987654321,GOOGLE-2", "0", "DonPasci" "2025-04-29 20:01:08", "1513751", "8.138.189.93:10000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.138.189.93", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-04-29 20:01:08", "1513752", "154.201.74.112:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.201.74.112", "AS8796,C2,censys,CobaltStrike,cs-watermark-987654321,FD-298-8796", "0", "DonPasci" "2025-04-29 16:02:15", "1513713", "8.217.196.192:443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-04-30 02:53:03", "100", "https://search.censys.io/hosts/8.217.196.192", "ALIBABA-CN-NET,AS45102,BRC4,C2,censys", "0", "DonPasci" "2025-04-29 16:02:12", "1513712", "207.211.151.79:4444", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/207.211.151.79", "AS31898,C2,censys,DcRAT,ORACLE-BMC-31898,RAT", "0", "DonPasci" "2025-04-29 16:02:06", "1513711", "47.121.120.18:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/47.121.120.18", "ALIBABA-CN-NET,AS37963,C2,censys,Quasar,RAT", "0", "DonPasci" "2025-04-29 16:02:03", "1513710", "107.172.102.50:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/107.172.102.50", "AS-COLOCROSSING,AS36352,C2,censys,Mythic", "0", "DonPasci" "2025-04-29 16:02:02", "1513709", "107.174.133.204:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:43:42", "100", "https://search.censys.io/hosts/107.174.133.204", "AS-COLOCROSSING,AS36352,C2,censys,Mythic", "0", "DonPasci" "2025-04-29 16:01:55", "1513707", "196.251.116.152:444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:48:53", "100", "https://search.censys.io/hosts/196.251.116.152", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci" "2025-04-29 16:01:55", "1513708", "198.23.227.175:8017", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:49:18", "100", "https://search.censys.io/hosts/198.23.227.175", "AS-COLOCROSSING,AS36352,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-04-29 16:01:54", "1513705", "84.200.205.74:2004", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:53:13", "100", "https://search.censys.io/hosts/84.200.205.74", "AS44066,AsyncRAT,C2,censys,DE-FIRSTCOLO,RAT", "0", "DonPasci" "2025-04-29 16:01:54", "1513706", "66.63.187.252:9090", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:52:40", "100", "https://search.censys.io/hosts/66.63.187.252", "AS214943,AsyncRAT,C2,censys,RAILNET,RAT", "0", "DonPasci" "2025-04-29 16:01:30", "1513704", "18.200.221.191:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/18.200.221.191", "AMAZON-02,AS16509,C2,censys,open-dir,payload,Sliver", "0", "DonPasci" "2025-04-29 16:01:10", "1513703", "148.66.16.228:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/148.66.16.228", "AS45753,C2,censys,CobaltStrike,cs-watermark-666666666,NETSEC-HK", "0", "DonPasci" "2025-04-29 16:01:07", "1513702", "1.94.249.10:666", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/1.94.249.10", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci" "2025-04-29 15:04:05", "1513674", "185.149.146.118:33334", "ip:port", "botnet_cc", "win.unidentified_121", "None", "Unidentified 121", "", "100", "", "None", "0", "Rony" "2025-04-29 14:49:16", "1513671", "185.7.214.3:56001", "ip:port", "botnet_cc", "win.resolver_rat", "None", "ResolverRAT", "", "100", "", "None", "0", "Rony" "2025-04-29 14:49:16", "1513672", "185.7.214.4:56001", "ip:port", "botnet_cc", "win.resolver_rat", "None", "ResolverRAT", "", "100", "", "None", "0", "Rony" "2025-04-29 14:49:16", "1513673", "185.42.12.141:56001", "ip:port", "botnet_cc", "win.resolver_rat", "None", "ResolverRAT", "", "100", "", "None", "0", "Rony" "2025-04-29 12:59:28", "1513647", "18.212.130.9:4000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-30 02:56:12", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-04-29 12:44:05", "1513645", "185.39.17.103:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2025-04-29 12:02:54", "1513631", "88.214.48.111:483", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-04-30 02:55:21", "100", "None", "c2,Tofsee", "0", "Bitsight" "2025-04-29 12:02:00", "1513642", "23.227.199.118:45677", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:50:04", "100", "https://search.censys.io/hosts/23.227.199.118", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-04-29 12:01:55", "1513640", "102.117.169.90:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:43:10", "100", "https://search.censys.io/hosts/102.117.169.90", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci" "2025-04-29 12:01:50", "1513638", "94.156.177.241:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:53:43", "100", "https://search.censys.io/hosts/94.156.177.241", "AS214943,AsyncRAT,C2,censys,RAILNET,RAT", "0", "DonPasci" "2025-04-29 12:01:50", "1513639", "82.223.48.201:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:53:09", "100", "https://search.censys.io/hosts/82.223.48.201", "AS8560,AsyncRAT,C2,censys,IONOS-AS,RAT", "0", "DonPasci" "2025-04-29 12:01:26", "1513637", "103.233.8.46:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:43:21", "100", "https://search.censys.io/hosts/103.233.8.46", "AS133201,C2,censys,COMING-AS,Sliver", "0", "DonPasci" "2025-04-29 12:01:25", "1513636", "185.26.236.38:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:48:01", "100", "https://search.censys.io/hosts/185.26.236.38", "AS57169,C2,censys,EDIS-AS-EU,Sliver", "0", "DonPasci" "2025-04-29 12:01:08", "1513634", "148.66.16.227:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/148.66.16.227", "AS45753,C2,censys,CobaltStrike,cs-watermark-666666666,NETSEC-HK", "0", "DonPasci" "2025-04-29 12:01:08", "1513635", "148.66.16.229:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/148.66.16.229", "AS45753,C2,censys,CobaltStrike,cs-watermark-666666666,NETSEC-HK", "0", "DonPasci" "2025-04-29 12:01:06", "1513633", "43.242.201.14:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/43.242.201.14", "AS142032,C2,censys,CobaltStrike,cs-watermark-987654321,HFTCL-AS-AP", "0", "DonPasci" "2025-04-29 12:01:05", "1513632", "82.29.71.56:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/82.29.71.56", "AS142036,C2,censys,CobaltStrike,cs-watermark-987654321,HOSTEONS-AS-AP", "0", "DonPasci" "2025-04-29 08:53:35", "1513591", "62.109.13.63:7777", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-04-30 02:52:25", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-04-29 08:53:29", "1513590", "54.38.94.225:8882", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2025-04-30 02:52:19", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch" "2025-04-29 08:49:44", "1513589", "196.251.73.133:4752", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:49:08", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-29 08:47:25", "1513588", "173.225.103.138:8080", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:47:03", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-29 08:46:06", "1513587", "154.30.4.199:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:45:48", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-29 08:44:03", "1513586", "111.29.40.211:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-04-30 02:43:55", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-04-29 08:43:42", "1513585", "107.143.144.154:8080", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-04-30 02:43:38", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-04-29 08:02:45", "1513580", "176.65.148.196:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/176.65.148.196", "AS51396,C2,censys,moobot,PFCLOUD", "0", "DonPasci" "2025-04-29 08:02:29", "1513579", "3.110.43.70:59567", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-04-30 02:50:18", "100", "https://search.censys.io/hosts/3.110.43.70", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-04-29 08:02:28", "1513577", "3.24.212.87:7001", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-04-30 02:50:21", "100", "https://search.censys.io/hosts/3.24.212.87", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-04-29 08:02:28", "1513578", "3.24.212.87:9201", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-04-30 02:50:21", "100", "https://search.censys.io/hosts/3.24.212.87", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-04-29 08:02:17", "1513573", "144.91.124.44:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/144.91.124.44", "AS51167,C2,censys,CONTABO,Hookbot", "0", "DonPasci" "2025-04-29 08:02:17", "1513574", "144.91.124.44:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-04-30 02:45:09", "100", "https://search.censys.io/hosts/144.91.124.44", "AS51167,C2,censys,CONTABO,Hookbot", "0", "DonPasci" "2025-04-29 08:02:07", "1513571", "196.251.116.68:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:48:57", "100", "https://search.censys.io/hosts/196.251.116.68", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci" "2025-04-29 08:02:07", "1513572", "196.251.116.129:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:48:52", "100", "https://search.censys.io/hosts/196.251.116.129", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci" "2025-04-29 08:01:37", "1513568", "185.146.232.169:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/185.146.232.169", "AS200651,C2,censys,FLOKINET,open-dir,payload,Sliver", "0", "DonPasci" "2025-04-29 08:01:35", "1513566", "84.201.20.31:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:53:13", "100", "https://search.censys.io/hosts/84.201.20.31", "AS44066,C2,censys,DE-FIRSTCOLO,Sliver", "0", "DonPasci" "2025-04-29 08:01:35", "1513567", "119.8.103.108:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:44:13", "100", "https://search.censys.io/hosts/119.8.103.108", "AS136907,C2,censys,HWCLOUDS-AS-AP,Sliver", "0", "DonPasci" "2025-04-29 08:01:06", "1513565", "129.226.212.179:11112", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/129.226.212.179", "AS132203,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP-CN", "0", "DonPasci" "2025-04-29 07:08:53", "1513543", "216.9.225.163:27070", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-04-29 07:08:53", "1513544", "216.9.225.168:13604", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-04-29 07:08:53", "1513545", "216.9.225.168:13605", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-04-29 07:06:38", "1513536", "193.26.115.124:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "", "c2,dcrat", "0", "juroots" "2025-04-29 07:05:03", "1513532", "160.250.134.185:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-04-29 07:01:51", "1513523", "64.176.225.161:80", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://www.shodan.io/host/64.176.225.161#80", "c2,kimsuky,shodan", "0", "juroots" "2025-04-29 07:01:22", "1513522", "82.116.45.20:7777", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/82.116.45.20#7777", "7777,botnet,quad7,shodan", "0", "juroots" "2025-04-29 07:00:43", "1513519", "94.98.218.137:3460", "ip:port", "botnet_cc", "win.poison_ivy", "SPIVY,pivy,poisonivy", "Poison Ivy", "", "50", "https://www.shodan.io/host/94.98.218.137#3460", "c2,poison_ivy,shodan", "0", "juroots" "2025-04-29 06:59:52", "1513518", "149.210.24.9:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "50", "https://www.shodan.io/host/149.210.24.9#443", "c2,gh0st,shodan", "0", "juroots" "2025-04-29 06:59:29", "1513517", "66.179.93.49:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "https://www.shodan.io/host/66.179.93.49#1604", "c2,darkcomet,shodan", "0", "juroots" "2025-04-29 06:59:06", "1513516", "185.84.161.194:1177", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "https://www.shodan.io/host/185.84.161.194#1177", "c2,njrat,shodan", "0", "juroots" "2025-04-29 06:58:47", "1513514", "162.252.173.119:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/162.252.173.119#9000", "c2,sectop,shodan", "0", "juroots" "2025-04-29 06:58:47", "1513515", "194.26.29.44:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/194.26.29.44#9000", "c2,sectop,shodan", "0", "juroots" "2025-04-29 06:58:23", "1513513", "211.192.69.59:6001", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/211.192.69.59#6001", "c2,netsupport,shodan", "0", "juroots" "2025-04-29 06:58:22", "1513512", "74.177.197.62:6001", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/74.177.197.62#6001", "c2,netsupport,shodan", "0", "juroots" "2025-04-29 06:57:57", "1513510", "64.23.209.98:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/64.23.209.98#7443", "c2,mythic,shodan", "0", "juroots" "2025-04-29 06:57:57", "1513511", "5.181.159.88:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-29 16:02:02", "50", "https://www.shodan.io/host/5.181.159.88#7443", "c2,mythic,shodan", "0", "juroots" "2025-04-29 06:57:19", "1513507", "3.36.21.173:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/3.36.21.173#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-04-29 06:57:19", "1513508", "4.207.15.13:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/4.207.15.13#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-04-29 06:57:19", "1513509", "172.236.137.60:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/172.236.137.60#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-04-29 06:56:34", "1513505", "34.102.87.198:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/34.102.87.198#31337", "c2,shodan,sliver", "0", "juroots" "2025-04-29 06:56:34", "1513506", "94.156.35.94:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/94.156.35.94#31337", "c2,shodan,sliver", "0", "juroots" "2025-04-29 06:56:33", "1513504", "45.12.151.19:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/45.12.151.19#31337", "c2,shodan,sliver", "0", "juroots" "2025-04-29 06:56:04", "1513503", "106.15.127.125:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/106.15.127.125#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-04-29 06:56:03", "1513501", "179.43.186.234:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/179.43.186.234#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-04-29 06:56:03", "1513502", "116.198.229.197:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/116.198.229.197#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-04-29 06:56:02", "1513500", "20.199.40.114:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/20.199.40.114#443", "c2,cobaltstrike,shodan", "0", "juroots" "2025-04-29 06:55:33", "1513499", "47.92.156.2:8843", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 06:56:01", "50", "https://www.shodan.io/host/47.92.156.2#8843", "c2,cobaltstrike,cs-watermark-391144938,shodan", "0", "juroots" "2025-04-29 06:55:06", "1513497", "38.54.14.89:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 06:56:01", "50", "https://www.shodan.io/host/38.54.14.89#8443", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-04-29 05:56:07", "1513472", "82.21.158.147:9373", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/b247c4442eebc83bb6dd83a6f7a0327f79159507b4cc93d455d97f5215193c95/", "remcos", "0", "abuse_ch" "2025-04-29 05:56:06", "1513471", "198.54.129.52:6623", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/b247c4442eebc83bb6dd83a6f7a0327f79159507b4cc93d455d97f5215193c95/", "remcos", "0", "abuse_ch" "2025-04-29 05:30:46", "1513457", "176.65.144.19:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/51f0400e2dac0b9542dce9098e261e151e6cf3ea693eb943df3adbaa33889634/", "asyncrat", "0", "abuse_ch" "2025-04-29 05:27:34", "1513446", "209.141.34.106:60195", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-04-29 06:40:05", "75", "None", "Mirai", "0", "elfdigest" "2025-04-29 05:21:47", "1513448", "189.1.219.57:2095", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-04-29 05:21:47", "1513449", "176.65.138.151:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-04-29 04:58:45", "1513439", "35.84.54.233:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/35.84.54.233", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:43", "1513438", "3.111.245.7:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.111.245.7", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:42", "1513437", "13.237.25.45:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.237.25.45", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:40", "1513436", "144.126.213.111:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/144.126.213.111", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:39", "1513435", "104.197.96.132:10443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/104.197.96.132", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:37", "1513434", "37.46.132.141:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/37.46.132.141", "AS29182,censys,GoPhish,Phishing,RU-JSCIOT", "0", "dyingbreeds_" "2025-04-29 04:58:36", "1513433", "141.148.224.186:55555", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/141.148.224.186", "AS31898,censys,GoPhish,ORACLE-BMC-31898,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:34", "1513432", "44.237.17.191:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/44.237.17.191", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:33", "1513431", "103.197.226.6:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.197.226.6", "AS55352,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:32", "1513430", "143.198.212.64:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/143.198.212.64", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:31", "1513429", "3.38.68.100:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.38.68.100", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:29", "1513428", "209.38.57.27:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/209.38.57.27", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:28", "1513427", "34.9.145.167:2053", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.9.145.167", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:27", "1513426", "158.160.166.124:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/158.160.166.124", "AS200350,censys,GoPhish,Phishing,YANDEXCLOUD", "0", "dyingbreeds_" "2025-04-29 04:58:26", "1513425", "172.105.191.247:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.105.191.247", "AS63949,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:25", "1513424", "108.61.171.130:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/108.61.171.130", "AS-VULTR,AS20473,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:15", "1513423", "34.228.11.30:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.228.11.30", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:14", "1513422", "16.171.23.7:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/16.171.23.7", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-29 04:58:13", "1513421", "103.127.135.159:7000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.127.135.159", "AS133800,Botnet,byob,C2,censys", "0", "dyingbreeds_" "2025-04-29 04:58:12", "1513420", "85.158.108.85:42368", "ip:port", "botnet_cc", "win.ares", "None", "Ares", "", "90", "https://search.censys.io/hosts/85.158.108.85", "AS59711,C2,censys,HZ-EU-AS,RAT", "0", "dyingbreeds_" "2025-04-29 04:58:11", "1513419", "156.208.58.131:4445", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-04-29 04:02:03", "100", "https://search.censys.io/hosts/156.208.58.131", "AS8452,C2,censys,RAT", "0", "dyingbreeds_" "2025-04-29 04:58:10", "1513418", "196.251.73.47:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:49:09", "100", "https://search.censys.io/hosts/196.251.73.47", "AS401120,C2,censys,CHEAPY-HOST", "0", "dyingbreeds_" "2025-04-29 04:58:09", "1513417", "188.130.154.246:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:48:08", "100", "https://search.censys.io/hosts/188.130.154.246", "AS56971,C2,censys,Mythic", "0", "dyingbreeds_" "2025-04-29 04:58:02", "1513414", "198.44.168.41:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 04:01:04", "100", "https://search.censys.io/hosts/198.44.168.41", "AS142032,C2,censys", "0", "dyingbreeds_" "2025-04-29 04:58:00", "1513415", "198.44.168.41:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 04:01:04", "100", "https://search.censys.io/hosts/198.44.168.41", "AS142032,C2,censys", "0", "dyingbreeds_" "2025-04-29 04:57:58", "1513413", "77.83.175.103:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 04:01:04", "100", "https://search.censys.io/hosts/77.83.175.103", "AS211381,C2,censys,PODAON", "0", "dyingbreeds_" "2025-04-29 04:57:57", "1513412", "47.237.20.48:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-30 02:57:16", "100", "https://search.censys.io/hosts/47.237.20.48", "AS45102,C2,censys", "0", "dyingbreeds_" "2025-04-29 04:57:56", "1513411", "27.106.121.98:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 05:21:47", "100", "https://search.censys.io/hosts/27.106.121.98", "AS136907,C2,censys", "0", "dyingbreeds_" "2025-04-29 04:57:47", "1513350", "94.228.126.219:443", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "", "100", "https://app.any.run/tasks/2158cd68-31fe-4fd7-afcb-3bc0ebf527c2", "None", "0", "pitachu" "2025-04-29 04:57:44", "1513348", "185.156.72.196:80", "ip:port", "botnet_cc", "win.gcleaner", "None", "GCleaner", "", "100", "https://app.any.run/tasks/2158cd68-31fe-4fd7-afcb-3bc0ebf527c2", "None", "0", "pitachu" "2025-04-29 04:57:42", "1513351", "185.12.204.106:22", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest" "2025-04-29 04:57:33", "1513443", "23.227.196.18:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2025-04-29 04:02:17", "1513441", "89.42.88.41:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-04-30 02:53:30", "100", "https://search.censys.io/hosts/89.42.88.41", "AS211409,censys,Chaos,FOXIBYTES,panel", "0", "DonPasci" "2025-04-29 04:02:04", "1513440", "102.96.214.106:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-04-30 02:43:12", "100", "https://search.censys.io/hosts/102.96.214.106", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-04-29 02:35:31", "1513408", "37.120.210.211:42830", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/33ebc1a99345339f295f40833f9a603c278d2d7fab7d14d4577a1273689440ed/", "remcos", "0", "abuse_ch" "2025-04-29 00:02:01", "1513404", "52.68.26.242:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-04-30 02:52:13", "100", "https://search.censys.io/hosts/52.68.26.242", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci" "2025-04-29 00:02:00", "1513403", "54.232.158.79:18246", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-04-30 02:52:18", "100", "https://search.censys.io/hosts/54.232.158.79", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-04-29 00:01:56", "1513401", "23.227.199.118:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:50:04", "100", "https://search.censys.io/hosts/23.227.199.118", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-04-29 00:01:51", "1513400", "194.180.158.38:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-29 04:00:34", "100", "https://search.censys.io/hosts/194.180.158.38", "AS39798,C2,censys,MIVOCLOUD,Mythic", "0", "DonPasci" "2025-04-29 00:01:45", "1513399", "37.27.249.115:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:50:45", "100", "https://search.censys.io/hosts/37.27.249.115", "AS24940,AsyncRAT,C2,censys,HETZNER-AS,RAT", "0", "DonPasci" "2025-04-29 00:01:20", "1513396", "158.247.239.228:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:46:03", "100", "https://search.censys.io/hosts/158.247.239.228", "AS-VULTR,AS20473,C2,censys,Sliver", "0", "DonPasci" "2025-04-29 00:01:20", "1513397", "142.44.188.183:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:44:57", "100", "https://search.censys.io/hosts/142.44.188.183", "AS16276,C2,censys,OVH,Sliver", "0", "DonPasci" "2025-04-29 00:01:19", "1513394", "142.44.188.181:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:44:56", "100", "https://search.censys.io/hosts/142.44.188.181", "AS16276,C2,censys,OVH,Sliver", "0", "DonPasci" "2025-04-29 00:01:19", "1513395", "142.44.188.182:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:44:56", "100", "https://search.censys.io/hosts/142.44.188.182", "AS16276,C2,censys,OVH,Sliver", "0", "DonPasci" "2025-04-29 00:01:15", "1513393", "172.94.111.139:16161", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "2025-04-29 04:00:17", "100", "https://search.censys.io/hosts/172.94.111.139", "AS9009,C2,censys,DarkComet,M247,RAT", "0", "DonPasci" "2025-04-29 00:01:05", "1513392", "175.178.120.225:7443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 04:00:13", "100", "https://search.censys.io/hosts/175.178.120.225", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci" "2025-04-28 20:53:09", "1513379", "70.31.125.193:2222", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-04-30 02:52:45", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-04-28 20:50:04", "1513378", "213.209.143.57:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:49:49", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-28 20:49:27", "1513377", "198.135.49.79:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:49:15", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-28 20:49:23", "1513376", "196.251.84.214:8000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:49:11", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-28 20:48:57", "1513375", "195.211.191.54:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:48:46", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-28 20:48:22", "1513374", "191.112.9.128:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-04-30 02:48:15", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-04-28 20:47:18", "1513373", "176.65.140.153:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:47:13", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-28 20:46:46", "1513372", "172.111.137.167:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:46:44", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-28 20:02:32", "1513363", "95.125.143.155:80", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/95.125.143.155", "AS3352,C2,censys,hacktool,Mimikatz,open-dir,TELEFONICA_DE_ESPANA", "0", "DonPasci" "2025-04-28 20:02:02", "1513362", "62.182.82.146:4444", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-04-29 04:00:54", "100", "https://search.censys.io/hosts/62.182.82.146", "AS30860,C2,censys,DcRAT,RAT,YURTEH-AS", "0", "DonPasci" "2025-04-28 20:01:59", "1513361", "23.227.199.59:14443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:50:04", "100", "https://search.censys.io/hosts/23.227.199.59", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci" "2025-04-28 20:01:55", "1513360", "91.92.46.3:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/91.92.46.3", "AS214196,C2,censys,Hookbot,VLADYLSAV-NAUMETS", "0", "DonPasci" "2025-04-28 20:01:54", "1513359", "107.189.21.227:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:43:44", "100", "https://search.censys.io/hosts/107.189.21.227", "AS14956,C2,censys,Mythic,ROUTERHOSTING", "0", "DonPasci" "2025-04-28 20:01:48", "1513358", "15.168.20.99:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:45:35", "100", "https://search.censys.io/hosts/15.168.20.99", "AMAZON-02,AS16509,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-04-28 20:01:46", "1513357", "114.55.28.140:18088", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-29 04:00:25", "100", "https://search.censys.io/hosts/114.55.28.140", "ALIBABA-CN-NET,AS37963,C2,censys,Supershell", "0", "DonPasci" "2025-04-28 20:01:23", "1513356", "185.195.65.195:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:47:53", "100", "https://search.censys.io/hosts/185.195.65.195", "AS57169,C2,censys,EDIS-AS-EU,Sliver", "0", "DonPasci" "2025-04-28 20:01:05", "1513355", "107.151.246.44:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-30 02:54:45", "100", "https://search.censys.io/hosts/107.151.246.44", "ANSHENG-AS-AP,AS134365,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-04-28 20:01:03", "1513353", "103.233.253.26:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 04:00:13", "100", "https://search.censys.io/hosts/103.233.253.26", "AS142032,C2,censys,CobaltStrike,cs-watermark-987654321,HFTCL-AS-AP", "0", "DonPasci" "2025-04-28 20:01:03", "1513354", "43.242.201.14:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 04:00:15", "100", "https://search.censys.io/hosts/43.242.201.14", "AS142032,C2,censys,CobaltStrike,cs-watermark-987654321,HFTCL-AS-AP", "0", "DonPasci" "2025-04-28 20:01:02", "1513352", "85.93.9.165:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 04:00:08", "100", "https://search.censys.io/hosts/85.93.9.165", "AS214902,C2,censys,CobaltStrike,cs-watermark-987654321,PFWEBSOLUTIONS", "0", "DonPasci" "2025-04-28 19:40:35", "1513345", "67.205.137.180:38975", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "", "Mirai", "0", "NDA0E" "2025-04-28 19:40:35", "1513346", "67.205.137.180:41829", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "", "Mirai", "0", "NDA0E" "2025-04-28 19:40:35", "1513347", "128.199.208.158:8456", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "", "Mirai", "0", "NDA0E" "2025-04-28 17:05:26", "1513320", "109.120.137.79:401", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/459c9a993969d4798a46b33255a4d266225682e180fd97a12fc8bff42875dcce/", "asyncrat", "0", "abuse_ch" "2025-04-28 16:44:22", "1513317", "49.12.113.201:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-04-28 16:44:22", "1513318", "65.109.240.225:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "2025-04-28 19:33:45", "100", "", "Vidar", "0", "crep1x" "2025-04-28 16:44:22", "1513319", "5.75.209.111:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "2025-04-28 19:33:45", "100", "", "Vidar", "0", "crep1x" "2025-04-28 16:02:29", "1513307", "85.9.198.162:8080", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/85.9.198.162", "AS25697,C2,censys,hacktool,Mimikatz,open-dir,UPCLOUDUSA", "0", "DonPasci" "2025-04-28 16:01:56", "1513306", "34.134.221.76:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:50:31", "100", "https://search.censys.io/hosts/34.134.221.76", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Havoc", "0", "DonPasci" "2025-04-28 16:01:52", "1513305", "45.141.233.172:50555", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-04-30 02:51:15", "100", "https://search.censys.io/hosts/45.141.233.172", "AS214943,C2,censys,Hookbot,RAILNET", "0", "DonPasci" "2025-04-28 16:01:50", "1513303", "84.32.188.17:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:53:15", "100", "https://search.censys.io/hosts/84.32.188.17", "AS59642,C2,censys,CHERRYSERVERS2-AS,Mythic", "0", "DonPasci" "2025-04-28 16:01:50", "1513304", "209.38.253.70:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:49:42", "100", "https://search.censys.io/hosts/209.38.253.70", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci" "2025-04-28 16:01:03", "1513302", "113.44.152.64:6667", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 04:00:11", "100", "https://search.censys.io/hosts/113.44.152.64", "AS55990,C2,censys,CobaltStrike,cs-watermark-666666666,HWCSNET", "0", "DonPasci" "2025-04-28 16:01:00", "1513301", "198.44.168.41:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 04:00:14", "100", "https://search.censys.io/hosts/198.44.168.41", "AS142032,C2,censys,CobaltStrike,cs-watermark-987654321,HFTCL-AS-AP", "0", "DonPasci" "2025-04-28 15:57:46", "1513300", "185.228.234.238:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2025-04-28 13:25:21", "1513285", "185.225.17.74:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114415771202728047", "SmartApeSG", "0", "monitorsg" "2025-04-28 12:59:01", "1513277", "47.253.165.251:7890", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-30 02:57:19", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-04-28 12:05:52", "1513273", "185.244.30.100:4802", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/a1fd547ad0224d0be610644c1e65feca18df843f079d9839537dc9f6b3e2a87e/", "remcos", "0", "abuse_ch" "2025-04-28 12:05:51", "1513271", "185.244.30.100:4800", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/a1fd547ad0224d0be610644c1e65feca18df843f079d9839537dc9f6b3e2a87e/", "remcos", "0", "abuse_ch" "2025-04-28 12:05:51", "1513272", "185.244.30.100:4801", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/a1fd547ad0224d0be610644c1e65feca18df843f079d9839537dc9f6b3e2a87e/", "remcos", "0", "abuse_ch" "2025-04-28 12:02:44", "1513270", "147.124.221.148:19000", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/147.124.221.148", "AS396073,C2,censys,MAJESTIC-HOSTING-01,rhadamanthys,stealer", "0", "DonPasci" "2025-04-28 12:02:38", "1513269", "47.90.155.109:3000", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/47.90.155.109", "ALIBABA-CN-NET,AS45102,C2,censys,hacktool,Mimikatz,open-dir", "0", "DonPasci" "2025-04-28 12:02:22", "1513268", "91.151.95.206:50001", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/91.151.95.206", "AS212219,C2,censys,Gafgyt,HOSTINGDUNYAM", "0", "DonPasci" "2025-04-28 12:02:20", "1513267", "23.88.62.122:8090", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-04-30 02:50:08", "100", "https://search.censys.io/hosts/23.88.62.122", "AS24940,censys,Chaos,HETZNER-AS,panel", "0", "DonPasci" "2025-04-28 12:02:17", "1513266", "91.229.239.12:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-04-29 04:01:07", "100", "https://search.censys.io/hosts/91.229.239.12", "ALEXHOST,AS200019,C2,censys,moobot", "0", "DonPasci" "2025-04-28 12:02:07", "1513265", "13.244.95.122:44819", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-04-30 02:44:36", "100", "https://search.censys.io/hosts/13.244.95.122", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-04-28 12:02:02", "1513264", "172.187.178.33:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:46:47", "100", "https://search.censys.io/hosts/172.187.178.33", "AS8075,C2,censys,Havoc,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci" "2025-04-28 12:02:01", "1513263", "193.233.203.26:8993", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:48:33", "100", "https://search.censys.io/hosts/193.233.203.26", "ALEXHOST,AS200019,C2,censys,Havoc", "0", "DonPasci" "2025-04-28 12:01:55", "1513261", "155.138.132.158:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:45:50", "100", "https://search.censys.io/hosts/155.138.132.158", "AS-VULTR,AS20473,C2,censys,Mythic", "0", "DonPasci" "2025-04-28 12:01:55", "1513262", "102.117.172.150:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:43:11", "100", "https://search.censys.io/hosts/102.117.172.150", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci" "2025-04-28 12:01:50", "1513260", "80.64.30.203:15647", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/80.64.30.203", "AS57523,C2,censys,CHANGWAY-AS,RAT,Sectop", "0", "DonPasci" "2025-04-28 12:01:49", "1513259", "196.251.116.129:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:48:51", "100", "https://search.censys.io/hosts/196.251.116.129", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci" "2025-04-28 12:01:48", "1513256", "154.211.90.252:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:45:47", "100", "https://search.censys.io/hosts/154.211.90.252", "AS399077,AsyncRAT,C2,censys,RAT,TERAEXCH", "0", "DonPasci" "2025-04-28 12:01:48", "1513257", "82.223.48.201:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:53:10", "100", "https://search.censys.io/hosts/82.223.48.201", "AS8560,AsyncRAT,C2,censys,IONOS-AS,RAT", "0", "DonPasci" "2025-04-28 12:01:48", "1513258", "158.220.83.114:1005", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:46:01", "100", "https://search.censys.io/hosts/158.220.83.114", "AS51167,AsyncRAT,C2,censys,CONTABO,RAT", "0", "DonPasci" "2025-04-28 12:01:47", "1513255", "154.211.90.65:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:45:47", "100", "https://search.censys.io/hosts/154.211.90.65", "AS399077,AsyncRAT,C2,censys,RAT,TERAEXCH", "0", "DonPasci" "2025-04-28 12:01:45", "1513254", "8.219.49.148:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-29 04:00:25", "100", "https://search.censys.io/hosts/8.219.49.148", "ALIBABA-CN-NET,AS45102,C2,censys,Supershell", "0", "DonPasci" "2025-04-28 12:01:42", "1513253", "3.252.248.209:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/3.252.248.209", "AMAZON-02,AS16509,C2,censys,payload,Sliver", "0", "DonPasci" "2025-04-28 12:01:01", "1513252", "39.100.70.144:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-30 02:56:41", "100", "https://search.censys.io/hosts/39.100.70.144", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-04-28 08:57:33", "1513243", "195.128.100.227:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-04-30 02:56:22", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-04-28 08:53:52", "1513242", "84.38.189.55:6443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-04-30 02:53:17", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-04-28 08:53:18", "1513241", "70.176.149.88:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-04-30 02:52:44", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-04-28 08:50:48", "1513240", "31.131.251.47:10250", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-04-30 02:50:28", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-04-28 08:49:16", "1513239", "196.251.69.149:8000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-04-30 02:49:00", "75", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch" "2025-04-28 08:45:08", "1513233", "142.171.44.245:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-04-30 02:44:55", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-04-28 08:40:42", "1513232", "196.251.86.182:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/5d552296723b7538452a78433ec14ead0f53931dacc2a0c9d2c30c1d75550eff/", "asyncrat", "0", "abuse_ch" "2025-04-28 08:02:03", "1513225", "195.2.92.39:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:48:44", "100", "https://search.censys.io/hosts/195.2.92.39", "AS216071,C2,censys,Covenant,VDSINA", "0", "DonPasci" "2025-04-28 08:01:58", "1513224", "154.21.201.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:45:46", "100", "https://search.censys.io/hosts/154.21.201.16", "AS979,C2,censys,Havoc,NETLAB-SDN", "0", "DonPasci" "2025-04-28 08:01:57", "1513222", "84.32.22.36:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-04-30 02:53:15", "100", "https://search.censys.io/hosts/84.32.22.36", "AS216444,C2,censys,CHERRYSERVERS4-AS,Havoc", "0", "DonPasci" "2025-04-28 08:01:53", "1513221", "42.118.180.174:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:42", "100", "https://search.censys.io/hosts/42.118.180.174", "AS18403,C2,censys,FPT-AS-AP,Quasar,RAT", "0", "DonPasci" "2025-04-28 08:01:52", "1513217", "116.104.55.173:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:43", "100", "https://search.censys.io/hosts/116.104.55.173", "AS7552,C2,censys,Quasar,RAT,VIETEL-AS-AP", "0", "DonPasci" "2025-04-28 08:01:52", "1513218", "116.104.55.159:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:41", "100", "https://search.censys.io/hosts/116.104.55.159", "AS7552,C2,censys,Quasar,RAT,VIETEL-AS-AP", "0", "DonPasci" "2025-04-28 08:01:52", "1513219", "58.186.113.141:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:44", "100", "https://search.censys.io/hosts/58.186.113.141", "AS18403,C2,censys,FPT-AS-AP,Quasar,RAT", "0", "DonPasci" "2025-04-28 08:01:52", "1513220", "58.186.168.187:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:43", "100", "https://search.censys.io/hosts/58.186.168.187", "AS18403,C2,censys,FPT-AS-AP,Quasar,RAT", "0", "DonPasci" "2025-04-28 08:01:51", "1513213", "116.104.55.175:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:42", "100", "https://search.censys.io/hosts/116.104.55.175", "AS7552,C2,censys,Quasar,RAT,VIETEL-AS-AP", "0", "DonPasci" "2025-04-28 08:01:51", "1513214", "116.104.55.150:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:40", "100", "https://search.censys.io/hosts/116.104.55.150", "AS7552,C2,censys,Quasar,RAT,VIETEL-AS-AP", "0", "DonPasci" "2025-04-28 08:01:51", "1513215", "42.118.180.168:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:44", "100", "https://search.censys.io/hosts/42.118.180.168", "AS18403,C2,censys,FPT-AS-AP,Quasar,RAT", "0", "DonPasci" "2025-04-28 08:01:51", "1513216", "171.224.210.244:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:41", "100", "https://search.censys.io/hosts/171.224.210.244", "AS7552,C2,censys,Quasar,RAT,VIETEL-AS-AP", "0", "DonPasci" "2025-04-28 08:01:50", "1513210", "116.104.55.198:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:41", "100", "https://search.censys.io/hosts/116.104.55.198", "AS7552,C2,censys,Quasar,RAT,VIETEL-AS-AP", "0", "DonPasci" "2025-04-28 08:01:50", "1513211", "42.118.180.182:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:43", "100", "https://search.censys.io/hosts/42.118.180.182", "AS18403,C2,censys,FPT-AS-AP,Quasar,RAT", "0", "DonPasci" "2025-04-28 08:01:50", "1513212", "58.186.113.138:8888", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-29 04:00:41", "100", "https://search.censys.io/hosts/58.186.113.138", "AS18403,C2,censys,FPT-AS-AP,Quasar,RAT", "0", "DonPasci" "2025-04-28 08:01:47", "1513207", "128.199.68.233:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:44:27", "100", "https://search.censys.io/hosts/128.199.68.233", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci" "2025-04-28 08:01:47", "1513208", "107.189.21.227:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:43:45", "100", "https://search.censys.io/hosts/107.189.21.227", "AS14956,C2,censys,Mythic,ROUTERHOSTING", "0", "DonPasci" "2025-04-28 08:01:41", "1513206", "95.129.234.24:3333", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:53:45", "100", "https://search.censys.io/hosts/95.129.234.24", "AS57724,AsyncRAT,C2,censys,DDOS-GUARD,RAT", "0", "DonPasci" "2025-04-28 08:01:02", "1513205", "151.236.16.211:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-29 04:00:11", "100", "https://search.censys.io/hosts/151.236.16.211", "AS9009,C2,censys,CobaltStrike,cs-watermark-305419896,M247", "0", "DonPasci" "2025-04-28 08:00:58", "1513204", "47.93.25.72:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-30 02:57:22", "100", "https://search.censys.io/hosts/47.93.25.72", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-04-28 06:26:59", "1513151", "159.138.34.64:56789", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-04-28 04:00:59", "100", "https://search.censys.io/hosts/159.138.34.64", "AS136907,C2,censys", "0", "dyingbreeds_" "2025-04-28 06:26:59", "1513152", "196.251.116.115:5555", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:48:51", "100", "https://search.censys.io/hosts/196.251.116.115", "AS401116,C2,censys,NYBULA,RAT", "0", "dyingbreeds_" "2025-04-28 06:26:58", "1513154", "195.211.191.54:2983", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:48:46", "100", "https://search.censys.io/hosts/195.211.191.54", "AS214940,C2,censys,KPRONET,RAT", "0", "dyingbreeds_" "2025-04-28 06:26:58", "1513155", "196.251.116.68:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-04-30 02:48:57", "100", "https://search.censys.io/hosts/196.251.116.68", "AS401116,C2,censys,NYBULA,RAT", "0", "dyingbreeds_" "2025-04-28 06:26:58", "1513156", "167.71.236.37:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-04-30 02:46:37", "100", "https://search.censys.io/hosts/167.71.236.37", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "dyingbreeds_" "2025-04-28 06:26:57", "1513157", "187.101.165.234:5000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-04-28 04:01:51", "100", "https://search.censys.io/hosts/187.101.165.234", "AS27699,C2,censys,RAT", "0", "dyingbreeds_" "2025-04-28 06:26:57", "1513158", "154.91.226.168:443", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-04-28 04:01:58", "100", "https://search.censys.io/hosts/154.91.226.168", "AS54801,C2,censys,RAT,ZILLION-NETWORK", "0", "dyingbreeds_" "2025-04-28 06:26:56", "1513159", "103.127.135.159:81", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.127.135.159", "AS133800,Botnet,byob,C2,censys", "0", "dyingbreeds_" "2025-04-28 06:26:56", "1513160", "103.127.135.159:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.127.135.159", "AS133800,Botnet,byob,C2,censys", "0", "dyingbreeds_" "2025-04-28 06:26:55", "1513161", "103.127.135.159:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.127.135.159", "AS133800,Botnet,byob,C2,censys", "0", "dyingbreeds_" "2025-04-28 06:26:55", "1513162", "103.127.135.159:8000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.127.135.159", "AS133800,Botnet,byob,C2,censys", "0", "dyingbreeds_" "2025-04-28 06:26:54", "1513163", "103.127.135.159:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.127.135.159", "AS133800,Botnet,byob,C2,censys", "0", "dyingbreeds_" "2025-04-28 06:26:54", "1513164", "103.127.135.159:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.127.135.159", "AS133800,Botnet,byob,C2,censys", "0", "dyingbreeds_" "2025-04-28 06:26:53", "1513165", "121.37.237.250:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/121.37.237.250", "AS55990,censys,Viper", "0", "dyingbreeds_" "2025-04-28 06:26:52", "1513166", "54.75.31.65:3636", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.75.31.65", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:47", "1513167", "34.34.87.254:4141", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.34.87.254", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:47", "1513168", "222.184.253.70:56562", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/222.184.253.70", "AS4134,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:46", "1513169", "80.211.194.153:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/80.211.194.153", "AS24806,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:45", "1513170", "34.244.45.33:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.244.45.33", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:45", "1513171", "186.67.120.154:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/186.67.120.154", "AS27651,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:44", "1513172", "18.201.179.180:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.201.179.180", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:44", "1513173", "52.215.233.215:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.215.233.215", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:44", "1513174", "3.254.210.225:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.254.210.225", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:42", "1513175", "34.9.145.167:2083", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.9.145.167", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:42", "1513176", "193.134.211.236:3334", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/193.134.211.236", "AS139659,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:41", "1513177", "164.90.216.69:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/164.90.216.69", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:41", "1513178", "149.90.103.193:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/149.90.103.193", "AS12353,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:40", "1513179", "47.238.30.194:8088", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.238.30.194", "AS45102,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:39", "1513180", "44.233.122.24:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/44.233.122.24", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:39", "1513181", "44.233.122.24:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/44.233.122.24", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:38", "1513182", "168.138.2.167:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/168.138.2.167", "AS31898,censys,GoPhish,ORACLE-BMC-31898,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:38", "1513183", "143.110.147.139:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/143.110.147.139", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:37", "1513184", "51.75.22.182:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/51.75.22.182", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:37", "1513185", "142.171.29.139:9999", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/142.171.29.139", "AS35916,censys,GoPhish,MULTA-ASN1,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:36", "1513186", "3.125.68.215:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.125.68.215", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:36", "1513187", "3.125.68.215:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.125.68.215", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-04-28 06:26:25", "1513094", "206.238.68.237:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:26:24", "1513143", "172.111.163.163:3911", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://tria.ge/250428-aaj5gst1hx/behavioral1", "rat,trojan", "0", "UNP4CK" "2025-04-28 06:26:23", "1513122", "147.93.111.114:4444", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://tria.ge/250427-22zg2atsh1/behavioral1", "backdoor,trojan", "0", "UNP4CK" "2025-04-28 06:26:05", "1513089", "23.95.140.60:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:26:05", "1513090", "23.94.70.113:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:26:04", "1513091", "34.96.225.28:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:26:03", "1513092", "139.59.247.82:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:26:03", "1513095", "103.215.78.185:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:26:00", "1513093", "64.185.233.163:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:26:00", "1513096", "23.94.70.114:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:59", "1513097", "27.124.34.26:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:59", "1513098", "27.124.34.31:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:58", "1513099", "107.173.111.26:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:58", "1513100", "103.215.78.213:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:57", "1513101", "38.54.16.203:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:56", "1513102", "38.147.170.252:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:55", "1513104", "35.78.114.163:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:55", "1513105", "165.154.199.35:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:54", "1513103", "198.58.100.186:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:54", "1513106", "27.124.34.25:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:53", "1513107", "192.253.235.50:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:53", "1513108", "47.108.175.134:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:52", "1513109", "114.116.254.52:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:52", "1513110", "206.238.70.142:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:51", "1513111", "103.79.118.72:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:51", "1513112", "16.163.161.51:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:50", "1513113", "64.185.233.162:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:50", "1513114", "66.135.26.190:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:49", "1513115", "103.12.148.112:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:49", "1513116", "23.95.44.47:3232", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "None", "0", "orlof_v" "2025-04-28 06:25:46", "1513035", "185.228.72.71:1533", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://tria.ge/250427-x6vbna1kz4/behavioral1", "botnet:default,discovery,persistence,rat", "0", "UNP4CK" "2025-04-28 06:25:46", "1513073", "62.60.226.101:40104", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://tria.ge/250427-ywrcpayzfw/behavioral1", "discovery", "0", "UNP4CK" "2025-04-28 06:25:45", "1513075", "62.60.226.21:40103", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://tria.ge/250427-ywrcpayzfw/behavioral1", "discovery", "0", "UNP4CK" "2025-04-28 06:25:44", "1513087", "193.151.108.40:4444", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://tria.ge/250427-zlzrrazwft/behavioral1", "botnet:scaner_new,spyware,trojan", "0", "UNP4CK" "2025-04-28 06:25:43", "1513074", "62.60.226.21:40104", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://tria.ge/250427-ywrcpayzfw/behavioral1", "discovery", "0", "UNP4CK" "2025-04-28 06:25:43", "1513076", "185.29.11.31:3765", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://tria.ge/250427-yyd55ssjw4/behavioral1", "botnet:chinemerem,discovery,rat", "0", "UNP4CK" "2025-04-28 06:25:42", "1513033", "46.246.14.5:2404", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://tria.ge/250427-xrm9sszqz2/behavioral1", "botnet:navidad22,discovery,persistence,rat", "0", "UNP4CK" "2025-04-28 06:25:42", "1513034", "52.57.120.10:12802", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://tria.ge/250427-xvsnpazrw2/behavioral1", "botnet:default,discovery,rat", "0", "UNP4CK" "2025-04-28 06:25:42", "1513072", "62.60.226.21:40105", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://tria.ge/250427-ywrcpayzfw/behavioral1", "discovery", "0", "UNP4CK" "2025-04-28 06:25:41", "1513031", "78.159.131.80:81", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://tria.ge/250427-wx9vbazmv6/behavioral1", "botnet:remote,discovery,persistence,stealer,trojan,upx", "0", "UNP4CK" "2025-04-28 05:58:53", "1513193", "182.92.131.115:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-04-28 05:58:31", "1513192", "43.140.243.146:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch" # Number of entries: 331