################################################################
# ThreatFox IOCs: recent ip-port - CSV format                  #
# Last updated: 2026-06-11 16:00:23 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","is_compromised","reference","tags","anonymous","reporter"
"2026-06-11 16:00:23", "1830348", "139.59.106.160:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "True", "None", "havoc", "1", "_ik_"
"2026-06-11 16:00:21", "1830347", "36.255.197.120:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "True", "None", "havoc", "1", "_ik_"
"2026-06-11 16:00:20", "1830346", "16.170.32.198:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "True", "None", "mythic", "1", "_ik_"
"2026-06-11 16:00:19", "1830344", "8.152.2.86:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 16:00:19", "1830345", "8.152.2.86:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 15:00:15", "1830333", "8.152.2.86:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 15:00:14", "1830331", "62.60.226.185:6003", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "True", "None", "quasarrat", "1", "_ik_"
"2026-06-11 15:00:14", "1830332", "154.23.189.41:14782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "True", "None", "quasarrat", "1", "_ik_"
"2026-06-11 15:00:12", "1830330", "122.51.50.44:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 14:45:54", "1830325", "94.154.32.163:7004", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "False", "https://bazaar.abuse.ch/sample/be4308b1266c148eb7c778aa68d58dffb1350aa556d7bd58d8ff3a0d2ad449fa/", "xworm", "0", "abuse_ch"
"2026-06-11 14:45:53", "1830324", "45.88.91.5:7004", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "False", "https://bazaar.abuse.ch/sample/be4308b1266c148eb7c778aa68d58dffb1350aa556d7bd58d8ff3a0d2ad449fa/", "xworm", "0", "abuse_ch"
"2026-06-11 14:00:22", "1830310", "122.51.50.44:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 14:00:20", "1830309", "122.51.50.44:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 14:00:19", "1830308", "122.51.50.44:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 14:00:17", "1830307", "172.94.18.103:79", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "True", "None", "asyncrat", "1", "_ik_"
"2026-06-11 12:51:16", "1830302", "64.89.162.149:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "50", "False", "https://www.shodan.io/host/64.89.162.149#80", "c2,moobot,shodan", "0", "juroots"
"2026-06-11 12:50:51", "1830301", "138.124.29.208:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/138.124.29.208#80", "c2,shodan,unam", "0", "juroots"
"2026-06-11 12:50:11", "1830300", "185.167.96.179:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "False", "https://www.shodan.io/host/185.167.96.179#1604", "c2,darkcomet,shodan", "0", "juroots"
"2026-06-11 12:49:29", "1830298", "104.168.62.5:54984", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "50", "False", "https://www.shodan.io/host/104.168.62.5#54984", "c2,nanocore,shodan", "0", "juroots"
"2026-06-11 12:48:55", "1830296", "185.241.208.118:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "50", "False", "https://www.shodan.io/host/185.241.208.118#4321", "adaptixc2,c2,shodan", "0", "juroots"
"2026-06-11 12:48:55", "1830297", "185.241.208.118:4444", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "50", "False", "https://www.shodan.io/host/185.241.208.118#4444", "adaptixc2,c2,shodan", "0", "juroots"
"2026-06-11 12:47:35", "1830294", "151.59.114.129:8080", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "False", "https://www.shodan.io/host/151.59.114.129#8080", "c2,sectoprat,shodan", "0", "juroots"
"2026-06-11 12:47:35", "1830295", "146.103.126.127:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "False", "https://www.shodan.io/host/146.103.126.127#9000", "c2,sectoprat,shodan", "0", "juroots"
"2026-06-11 12:46:50", "1830293", "122.114.252.115:12340", "ip:port", "botnet_cc", "win.shadowpad", "POISONPLUG.SHADOW,XShellGhost", "ShadowPad", "", "50", "False", "https://www.shodan.io/host/122.114.252.115#12340", "c2,shadowpad,shodan", "0", "juroots"
"2026-06-11 12:46:30", "1830289", "113.44.64.117:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:51:38", "50", "False", "https://www.shodan.io/host/113.44.64.117#7443", "c2,mythic,shodan", "0", "juroots"
"2026-06-11 12:46:30", "1830290", "175.178.123.42:8089", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/175.178.123.42#8089", "c2,mythic,shodan", "0", "juroots"
"2026-06-11 12:46:30", "1830291", "159.89.48.54:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:51:38", "50", "False", "https://www.shodan.io/host/159.89.48.54#7443", "c2,mythic,shodan", "0", "juroots"
"2026-06-11 12:46:30", "1830292", "107.148.1.64:9443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/107.148.1.64#9443", "c2,mythic,shodan", "0", "juroots"
"2026-06-11 12:46:11", "1830288", "35.239.220.64:8089", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/35.239.220.64#8089", "c2,locust,shodan", "0", "juroots"
"2026-06-11 12:46:10", "1830283", "79.110.49.85:8089", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/79.110.49.85#8089", "c2,locust,shodan", "0", "juroots"
"2026-06-11 12:46:10", "1830284", "65.108.32.130:8089", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/65.108.32.130#8089", "c2,locust,shodan", "0", "juroots"
"2026-06-11 12:46:10", "1830285", "34.89.98.172:8089", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/34.89.98.172#8089", "c2,locust,shodan", "0", "juroots"
"2026-06-11 12:46:10", "1830286", "20.54.88.98:8089", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/20.54.88.98#8089", "c2,locust,shodan", "0", "juroots"
"2026-06-11 12:46:10", "1830287", "34.143.184.190:8089", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/34.143.184.190#8089", "c2,locust,shodan", "0", "juroots"
"2026-06-11 12:45:41", "1830277", "159.65.154.209:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "50", "False", "https://www.shodan.io/host/159.65.154.209#1337", "c2,shodan,starkillerc2", "0", "juroots"
"2026-06-11 12:45:41", "1830278", "83.142.209.60:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "50", "False", "https://www.shodan.io/host/83.142.209.60#1337", "c2,shodan,starkillerc2", "0", "juroots"
"2026-06-11 12:45:41", "1830279", "172.238.122.85:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "50", "False", "https://www.shodan.io/host/172.238.122.85#1337", "c2,shodan,starkillerc2", "0", "juroots"
"2026-06-11 12:45:41", "1830280", "62.210.214.18:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "50", "False", "https://www.shodan.io/host/62.210.214.18#1337", "c2,shodan,starkillerc2", "0", "juroots"
"2026-06-11 12:45:41", "1830281", "144.172.104.22:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "50", "False", "https://www.shodan.io/host/144.172.104.22#1337", "c2,shodan,starkillerc2", "0", "juroots"
"2026-06-11 12:45:41", "1830282", "87.106.75.120:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "50", "False", "https://www.shodan.io/host/87.106.75.120#1337", "c2,shodan,starkillerc2", "0", "juroots"
"2026-06-11 12:45:40", "1830276", "153.75.227.142:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "50", "False", "https://www.shodan.io/host/153.75.227.142#1337", "c2,shodan,starkillerc2", "0", "juroots"
"2026-06-11 12:44:59", "1830274", "3.18.5.177:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/3.18.5.177#443", "c2,powersploit,shodan", "0", "juroots"
"2026-06-11 12:44:59", "1830275", "209.91.248.6:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/209.91.248.6#8443", "c2,powersploit,shodan", "0", "juroots"
"2026-06-11 12:44:58", "1830270", "35.168.186.153:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/35.168.186.153#443", "c2,powersploit,shodan", "0", "juroots"
"2026-06-11 12:44:58", "1830271", "13.58.240.163:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/13.58.240.163#443", "c2,powersploit,shodan", "0", "juroots"
"2026-06-11 12:44:58", "1830272", "130.160.1.225:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/130.160.1.225#443", "c2,powersploit,shodan", "0", "juroots"
"2026-06-11 12:44:58", "1830273", "35.130.170.60:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/35.130.170.60#443", "c2,powersploit,shodan", "0", "juroots"
"2026-06-11 12:44:57", "1830268", "165.29.86.2:8989", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/165.29.86.2#8989", "c2,powersploit,shodan", "0", "juroots"
"2026-06-11 12:44:57", "1830269", "94.49.35.175:9090", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/94.49.35.175#9090", "c2,powersploit,shodan", "0", "juroots"
"2026-06-11 12:44:40", "1830267", "129.226.121.12:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/129.226.121.12#443", "c2,panda,shodan", "0", "juroots"
"2026-06-11 12:44:38", "1830263", "38.76.169.231:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/38.76.169.231#443", "c2,panda,shodan", "0", "juroots"
"2026-06-11 12:44:38", "1830264", "43.112.115.8:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/43.112.115.8#443", "c2,panda,shodan", "0", "juroots"
"2026-06-11 12:44:37", "1830262", "149.28.13.194:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/149.28.13.194#443", "c2,panda,shodan", "0", "juroots"
"2026-06-11 12:44:06", "1830256", "194.146.38.191:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/194.146.38.191#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:06", "1830257", "195.246.230.115:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/195.246.230.115#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:06", "1830258", "207.174.30.91:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/207.174.30.91#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:06", "1830259", "169.40.135.88:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/169.40.135.88#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:06", "1830260", "173.230.0.145:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/173.230.0.145#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:05", "1830251", "185.241.208.118:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/185.241.208.118#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:05", "1830252", "95.182.84.43:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/95.182.84.43#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:05", "1830253", "109.107.140.248:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/109.107.140.248#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:05", "1830254", "101.200.39.128:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/101.200.39.128#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:05", "1830255", "80.241.208.176:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/80.241.208.176#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:04", "1830244", "80.241.219.92:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/80.241.219.92#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:04", "1830245", "74.48.108.73:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/74.48.108.73#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:04", "1830246", "91.236.230.152:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/91.236.230.152#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:04", "1830247", "172.105.114.236:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/172.105.114.236#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:04", "1830248", "159.65.22.41:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/159.65.22.41#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:04", "1830249", "194.87.24.131:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/194.87.24.131#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:04", "1830250", "193.242.184.158:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/193.242.184.158#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:03", "1830238", "95.111.239.243:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/95.111.239.243#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:03", "1830239", "185.163.2.10:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/185.163.2.10#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:03", "1830240", "103.160.59.17:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/103.160.59.17#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:03", "1830241", "213.21.254.240:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/213.21.254.240#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:03", "1830242", "185.225.226.85:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/185.225.226.85#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:03", "1830243", "107.189.11.149:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/107.189.11.149#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:01", "1830235", "62.84.172.151:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/62.84.172.151#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:01", "1830236", "66.116.238.103:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/66.116.238.103#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:44:01", "1830237", "5.230.201.54:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "False", "https://www.shodan.io/host/5.230.201.54#31337", "c2,shodan,sliver", "0", "juroots"
"2026-06-11 12:43:39", "1830233", "54.86.242.233:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:41", "50", "False", "https://www.shodan.io/host/54.86.242.233#443", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:39", "1830234", "202.10.42.113:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:42", "50", "False", "https://www.shodan.io/host/202.10.42.113#8443", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:38", "1830229", "20.197.43.238:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:41", "50", "False", "https://www.shodan.io/host/20.197.43.238#443", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:38", "1830230", "152.89.16.45:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/152.89.16.45#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:38", "1830231", "46.182.217.204:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:41", "50", "False", "https://www.shodan.io/host/46.182.217.204#443", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:38", "1830232", "34.128.109.190:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:41", "50", "False", "https://www.shodan.io/host/34.128.109.190#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:37", "1830223", "101.96.111.198:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/101.96.111.198#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:37", "1830224", "51.159.82.179:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/51.159.82.179#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:37", "1830225", "190.20.96.35:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:41", "50", "False", "https://www.shodan.io/host/190.20.96.35#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:37", "1830226", "195.246.230.115:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/195.246.230.115#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:37", "1830227", "203.189.71.122:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/203.189.71.122#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:37", "1830228", "200.33.163.61:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/200.33.163.61#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:36", "1830220", "103.85.226.42:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:40", "50", "False", "https://www.shodan.io/host/103.85.226.42#8443", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:36", "1830221", "173.249.33.186:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/173.249.33.186#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:36", "1830222", "34.172.171.254:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:40", "50", "False", "https://www.shodan.io/host/34.172.171.254#443", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:35", "1830217", "159.89.167.49:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/159.89.167.49#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:35", "1830218", "20.197.43.238:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "False", "https://www.shodan.io/host/20.197.43.238#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:35", "1830219", "57.162.106.141:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:40", "50", "False", "https://www.shodan.io/host/57.162.106.141#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2026-06-11 12:43:08", "1830216", "134.65.51.39:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "https://www.shodan.io/host/134.65.51.39#443", "c2,cobaltstrike,shodan", "0", "juroots"
"2026-06-11 12:43:07", "1830211", "218.244.142.4:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:43:08", "50", "False", "https://www.shodan.io/host/218.244.142.4#50050", "c2,cobaltstrike,shodan", "0", "juroots"
"2026-06-11 12:43:07", "1830212", "114.132.199.129:1443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "https://www.shodan.io/host/114.132.199.129#1443", "c2,cobaltstrike,shodan", "0", "juroots"
"2026-06-11 12:43:07", "1830213", "135.125.196.5:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:43:08", "50", "False", "https://www.shodan.io/host/135.125.196.5#50050", "c2,cobaltstrike,shodan", "0", "juroots"
"2026-06-11 12:43:07", "1830214", "190.90.147.38:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "https://www.shodan.io/host/190.90.147.38#50050", "c2,cobaltstrike,shodan", "0", "juroots"
"2026-06-11 12:43:07", "1830215", "120.26.208.96:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "https://www.shodan.io/host/120.26.208.96#50050", "c2,cobaltstrike,shodan", "0", "juroots"
"2026-06-11 12:43:06", "1830208", "154.201.68.191:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "https://www.shodan.io/host/154.201.68.191#50050", "c2,cobaltstrike,shodan", "0", "juroots"
"2026-06-11 12:43:06", "1830209", "114.134.187.38:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:43:08", "50", "False", "https://www.shodan.io/host/114.134.187.38#50050", "c2,cobaltstrike,shodan", "0", "juroots"
"2026-06-11 12:43:06", "1830210", "20.15.58.107:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:43:08", "50", "False", "https://www.shodan.io/host/20.15.58.107#50050", "c2,cobaltstrike,shodan", "0", "juroots"
"2026-06-11 12:42:28", "1830207", "114.132.89.132:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:43:06", "50", "False", "https://www.shodan.io/host/114.132.89.132#8443", "c2,cobaltstrike,cs-watermark-600000,shodan", "0", "juroots"
"2026-06-11 12:42:24", "1830206", "117.72.159.215:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:43:06", "50", "False", "https://www.shodan.io/host/117.72.159.215#8080", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2026-06-11 12:42:23", "1830205", "156.234.211.162:8821", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:43:06", "50", "False", "https://www.shodan.io/host/156.234.211.162#8821", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2026-06-11 12:00:19", "1830196", "211.159.225.77:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 12:00:18", "1830195", "211.159.225.77:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 10:00:20", "1830055", "43.136.180.88:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 09:44:07", "1830053", "206.81.21.156:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:11", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-11 09:43:44", "1830051", "182.23.2.163:4048", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:47", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-11 09:43:44", "1830052", "182.23.2.163:4814", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:47", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-11 09:43:42", "1830050", "182.23.2.163:1230", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:46", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-11 09:00:15", "1830046", "64.89.162.82:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "True", "None", "asyncrat", "1", "_ik_"
"2026-06-11 09:00:14", "1830045", "160.202.230.103:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 09:00:13", "1830044", "160.202.230.103:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 08:21:46", "1830023", "209.99.184.216:56001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/198830b9014d87a31306ba020ffa37eeb35adf2ed6f90e341f12ebe90fb23f48", "None", "0", "abuse_ch"
"2026-06-11 08:21:46", "1830024", "209.99.184.216:56002", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/198830b9014d87a31306ba020ffa37eeb35adf2ed6f90e341f12ebe90fb23f48", "None", "0", "abuse_ch"
"2026-06-11 08:21:46", "1830025", "209.99.184.216:56003", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/198830b9014d87a31306ba020ffa37eeb35adf2ed6f90e341f12ebe90fb23f48", "None", "0", "abuse_ch"
"2026-06-11 08:00:20", "1830019", "47.121.181.148:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 08:00:20", "1830020", "47.121.181.148:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 08:00:17", "1830018", "2.26.228.27:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "True", "None", "havoc", "1", "_ik_"
"2026-06-11 07:45:08", "1830015", "45.67.222.21:3389", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "85", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1059_001", "0", "Erebu"
"2026-06-11 07:45:07", "1830014", "175.98.132.116:9443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "91", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1105", "0", "Erebu"
"2026-06-11 07:00:15", "1830011", "103.202.61.220:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "True", "None", "havoc", "1", "_ik_"
"2026-06-11 07:00:15", "1830012", "186.246.16.124:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "True", "None", "havoc", "1", "_ik_"
"2026-06-11 07:00:14", "1830010", "8.219.158.30:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 06:53:17", "1830008", "209.99.191.186:8765", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/0dff181b29d64aa245f8da5cebc1788e7f13e2600e03574c236508659b15c16c/", "None", "0", "abuse_ch"
"2026-06-11 06:43:05", "1830007", "45.87.53.6:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:00:18", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-11 06:43:04", "1830006", "120.55.3.157:10000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-11 06:42:55", "1830005", "117.72.220.212:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-11 06:42:48", "1830004", "43.136.180.88:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 10:00:18", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-06-11 06:42:47", "1830002", "43.136.180.88:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 10:00:20", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-06-11 06:42:47", "1830003", "47.121.181.148:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 08:00:19", "100", "False", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2026-06-11 06:42:46", "1830001", "124.220.41.22:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2026-06-11 06:42:45", "1830000", "211.159.225.77:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:00:18", "100", "False", "None", "CobaltStrike", "0", "abuse_ch"
"2026-06-11 06:42:44", "1829999", "160.202.230.103:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 09:00:13", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-06-11 06:42:43", "1829998", "49.233.105.49:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2026-06-11 06:42:41", "1829997", "139.5.108.17:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-11 06:00:17", "1829995", "45.38.20.122:8080", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "True", "None", "adaptix", "1", "_ik_"
"2026-06-11 06:00:16", "1829994", "45.38.20.122:80", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "True", "None", "adaptix", "1", "_ik_"
"2026-06-11 06:00:15", "1829992", "104.233.154.139:888", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-11 06:00:15", "1829993", "45.38.20.122:443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "True", "None", "adaptix", "1", "_ik_"
"2026-06-11 06:00:13", "1829991", "1.94.184.17:60002", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-11 05:26:07", "1829951", "193.233.130.136:3389", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "99", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1105", "0", "Erebu"
"2026-06-11 05:26:07", "1829953", "156.234.211.138:8821", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:15", "50", "False", "None", "138195,c2,censys,cobalt strike", "0", "sojubear"
"2026-06-11 05:26:06", "1829954", "156.234.211.165:8821", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:16", "50", "False", "None", "138195,c2,censys,cobalt strike", "0", "sojubear"
"2026-06-11 05:26:05", "1829955", "219.92.2.65:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "None", "4788,c2,censys,cobalt strike", "0", "sojubear"
"2026-06-11 05:26:05", "1829957", "192.144.213.21:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "None", "45090,c2,censys,cobalt strike", "0", "sojubear"
"2026-06-11 05:26:04", "1829956", "18.175.227.88:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "None", "16509,c2,censys,cobalt strike", "0", "sojubear"
"2026-06-11 05:26:01", "1829958", "41.234.41.113:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "False", "None", "8452,asyncrat,c2,censys", "0", "sojubear"
"2026-06-11 05:26:01", "1829961", "193.106.8.24:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1059_001", "0", "Erebu"
"2026-06-11 05:26:00", "1829962", "185.89.214.29:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "99", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1573_002", "0", "Erebu"
"2026-06-11 05:25:51", "1829938", "185.190.212.155:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1059_001", "0", "Erebu"
"2026-06-11 05:25:43", "1829928", "45.67.84.76:3389", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "86", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1071_001", "0", "Erebu"
"2026-06-11 04:05:08", "1829981", "43.160.193.90:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2026-06-11 03:45:07", "1829979", "18.162.74.188:112", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2026-06-11 03:00:16", "1829976", "34.92.128.98:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 03:00:14", "1829975", "34.92.128.98:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 02:00:20", "1829964", "47.92.206.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 02:00:20", "1829965", "47.92.206.63:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 02:00:18", "1829963", "47.92.206.63:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-11 01:05:40", "1829959", "64.89.160.198:8080", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "False", "https://bazaar.abuse.ch/sample/919d18568ebd2cdcde7aeb972d0ba2f8fc0596d5fc7b00d35071f131a8e5011d/", "remcos", "0", "abuse_ch"
"2026-06-10 23:45:53", "1829946", "85.137.240.208:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:40", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 23:00:14", "1829939", "98.91.254.110:443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "True", "None", "adaptix", "1", "_ik_"
"2026-06-10 22:00:22", "1829927", "98.91.254.110:8080", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "True", "None", "adaptix", "1", "_ik_"
"2026-06-10 22:00:20", "1829926", "98.91.254.110:80", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "True", "None", "adaptix", "1", "_ik_"
"2026-06-10 21:00:15", "1829921", "106.13.201.122:8084", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 21:00:15", "1829922", "85.217.248.220:443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "True", "None", "quasarrat", "1", "_ik_"
"2026-06-10 21:00:14", "1829920", "110.42.61.44:8888", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 21:00:13", "1829919", "115.190.234.72:8085", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 20:00:22", "1829912", "124.220.32.176:8084", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 20:00:22", "1829913", "117.50.184.253:50050", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 20:00:22", "1829914", "115.191.19.20:65511", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 20:00:20", "1829911", "149.104.28.77:80", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 19:45:19", "1829909", "87.182.39.55:51125", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:41", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 19:45:15", "1829908", "82.221.139.243:52281", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:37", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-10 19:45:10", "1829907", "64.89.162.178:5902", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:31", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 19:44:49", "1829905", "45.157.116.119:29476", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-10 19:44:49", "1829906", "45.38.41.27:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-10 19:44:47", "1829904", "45.140.14.29:1488", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:07", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-10 19:44:35", "1829903", "23.235.185.43:12159", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:44:50", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 19:44:33", "1829902", "216.158.235.73:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:44:49", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-06-10 19:43:55", "1829900", "198.23.185.231:20200", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:05", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 19:43:55", "1829901", "198.23.185.231:20800", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:05", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 19:43:51", "1829899", "193.135.137.240:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:59", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-10 19:43:49", "1829898", "191.107.87.183:5471", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:57", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 19:43:48", "1829897", "188.23.170.168:8000", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:43:55", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-06-10 19:43:46", "1829896", "185.33.84.183:3000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:54", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-06-10 19:43:41", "1829895", "182.23.2.163:9800", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:49", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 19:43:38", "1829894", "181.235.14.94:3588", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:45", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 19:43:34", "1829893", "172.94.18.103:71", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:40", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 19:43:32", "1829892", "170.39.185.141:2030", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:37", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-06-10 19:43:29", "1829891", "163.245.217.90:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:34", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-06-10 19:43:26", "1829889", "159.69.59.93:4550", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:31", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 19:43:20", "1829888", "153.75.249.13:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:24", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-10 19:43:18", "1829887", "146.70.51.74:7898", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:21", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 19:43:13", "1829886", "130.94.95.135:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:15", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 18:40:03", "1829871", "213.109.192.63:44549", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "False", "None", "NjRAT", "0", "abuse_ch"
"2026-06-10 17:40:54", "1829860", "217.216.72.116:4219", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/3d9ee40c6b7b67f193511b665d005945179f0d5a9870e8ecb4e4cef495213de6/", "remus", "0", "abuse_ch"
"2026-06-10 17:27:59", "1829857", "172.81.130.198:8443", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "75", "False", "https://bazaar.abuse.ch/sample/761745042e6ba4fadd0bf1ef4a28df72d34caefddd294cd022a37cd6e282faea/", "PureLogStealer", "0", "abuse_ch"
"2026-06-10 16:40:11", "1829845", "181.134.208.116:8010", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 16:40:10", "1829844", "172.111.169.78:65070", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 16:40:06", "1829843", "178.16.52.141:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 16:40:04", "1829842", "141.94.45.153:34951", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "False", "None", "NjRAT", "0", "abuse_ch"
"2026-06-10 16:24:30", "1829817", "45.138.64.124:8443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "86", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1059_001", "0", "Erebu"
"2026-06-10 16:24:26", "1829829", "154.29.73.187:63641", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "", "C2,Mirai", "0", "botnetkiller"
"2026-06-10 16:08:17", "1829835", "31.56.209.222:31337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "False", "https://bazaar.abuse.ch/sample/9b4b6476b4145b3d1d31c45bbdd8cbc604dff595062d62ade06ea89cfa455f46/", "Mirai", "0", "abuse_ch"
"2026-06-10 14:00:23", "1829814", "45.152.243.72:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "True", "None", "viper", "1", "_ik_"
"2026-06-10 14:00:22", "1829813", "45.152.243.72:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "True", "None", "viper", "1", "_ik_"
"2026-06-10 14:00:21", "1829812", "45.152.243.72:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "True", "None", "viper", "1", "_ik_"
"2026-06-10 14:00:20", "1829811", "45.152.243.72:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "True", "None", "viper", "1", "_ik_"
"2026-06-10 12:30:10", "1829791", "193.233.202.16:3389", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "94", "False", "None", "c2,erebus-v13,nation-state-hunter,t1059_003,t1573_002", "0", "Erebu"
"2026-06-10 12:30:10", "1829794", "92.53.241.179:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "86", "False", "None", "c2,erebus-v13,nation-state-hunter,t1071_001,t1573_001", "0", "Erebu"
"2026-06-10 12:10:53", "1829790", "154.91.75.78:777", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/dbf418de2f91dd227f9bb4fc7ffb8bb882729037ecb101518f87fd622f227268/", "valleyrat_s2", "0", "abuse_ch"
"2026-06-10 11:46:09", "1829786", "8.148.201.210:10553", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:37", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 11:45:58", "1829785", "38.76.164.56:8083", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:25", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 11:45:57", "1829784", "38.14.248.138:8085", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:24", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 11:45:53", "1829779", "185.92.190.214:5896", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:19", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 11:45:53", "1829780", "185.92.190.215:5896", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:19", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 11:45:53", "1829781", "185.92.190.215:8896", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:20", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 11:45:53", "1829782", "185.92.190.216:5896", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:20", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 11:45:53", "1829783", "185.92.190.217:5896", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:20", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 11:45:52", "1829777", "185.92.190.213:5896", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:19", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 11:45:52", "1829778", "185.92.190.213:8896", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:19", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 11:17:09", "1829767", "176.65.139.50:443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "False", "", "Mirai", "0", "abuse_ch"
"2026-06-10 10:05:25", "1825876", "5.101.81.159:8443", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "75", "False", "https://bazaar.abuse.ch/sample/5a31b27b8a41ba3387f060f9ebe9353e1fbab6b23e6b8f9ba8fb364c3c8ed5ba/", "PureLogsStealer", "0", "abuse_ch"
"2026-06-10 10:00:17", "1825873", "38.47.122.34:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:24", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 09:45:40", "1825867", "64.89.162.117:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:31", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-10 09:45:22", "1825866", "46.246.82.4:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:15", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 09:45:19", "1825865", "45.81.17.44:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:12", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 09:45:16", "1825864", "45.147.28.58:42461", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:08", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-10 09:45:01", "1825863", "31.76.87.188:4034", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:56", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 09:44:56", "1825862", "23.95.220.192:43999", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:51", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-10 09:44:15", "1825860", "207.180.250.181:1111", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:12", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 09:44:15", "1825861", "207.180.250.181:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:12", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 09:44:10", "1825858", "2.27.5.120:6448", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:07", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 09:44:10", "1825859", "2.27.5.236:1377", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:07", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 09:44:09", "1825857", "2.26.75.249:7312", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:06", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 09:44:08", "1825855", "198.23.177.222:14646", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:04", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 09:44:08", "1825856", "198.23.185.231:20100", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:05", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 09:44:01", "1825854", "192.3.96.82:45683", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:59", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 09:44:00", "1825853", "192.208.12.91:3000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:58", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-06-10 09:43:47", "1825852", "182.23.2.163:12489", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:46", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 09:43:45", "1825851", "178.236.46.43:7912", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:44", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 09:43:35", "1825850", "163.245.217.48:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:34", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-06-10 09:43:31", "1825849", "158.94.210.30:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:30", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 09:43:30", "1825848", "158.94.208.192:1030", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:29", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 09:43:25", "1825847", "154.83.186.106:30159", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:24", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-10 09:43:10", "1825846", "107.175.87.234:65321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-10 09:43:09", "1825845", "107.172.133.178:56003", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:09", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-10 09:43:08", "1825844", "104.251.181.62:3421", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:08", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-10 09:43:07", "1825843", "104.143.206.116:80", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2026-06-11 15:43:07", "75", "False", "None", "drb-ra,Mirai", "0", "abuse_ch"
"2026-06-10 09:10:17", "1825826", "217.60.195.113:22", "ip:port", "payload_delivery", "elf.redtail", "None", "RedTail", "", "85", "False", "https://twitter.com/NullBlue67", "cve-2024-4577,redtail,scp-dist", "0", "nullblue67"
"2026-06-10 09:10:16", "1825829", "47.86.190.58:6379", "ip:port", "payload_delivery", "elf.xmrig", "None", "XMRIG", "", "85", "False", "https://twitter.com/NullBlue67", "module-load,muhstik,redis", "0", "nullblue67"
"2026-06-10 09:10:16", "1825830", "209.58.169.220:60137", "ip:port", "payload_delivery", "elf.xmrig", "None", "XMRIG", "", "85", "False", "https://twitter.com/NullBlue67", "muhstik,redis,slaveof-master", "0", "nullblue67"
"2026-06-10 09:10:15", "1825831", "75.119.132.109:80", "ip:port", "payload_delivery", "elf.redtail", "None", "RedTail", "", "85", "False", "https://twitter.com/NullBlue67", "cve-2024-4577,redtail", "0", "nullblue67"
"2026-06-10 09:10:15", "1825832", "138.124.242.51:2375", "ip:port", "payload_delivery", "elf.redtail", "None", "RedTail", "", "85", "False", "https://twitter.com/NullBlue67", "docker-api,Redtail", "0", "nullblue67"
"2026-06-10 09:10:14", "1825833", "161.35.169.21:2375", "ip:port", "payload_delivery", "elf.redtail", "None", "RedTail", "", "85", "False", "https://twitter.com/NullBlue67", "docker-api,Redtail", "0", "nullblue67"
"2026-06-10 09:00:15", "1825823", "38.47.122.34:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 09:00:13", "1825821", "38.47.122.34:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 09:00:13", "1825822", "38.47.122.34:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 08:56:44", "1825820", "5.101.81.224:8443", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "75", "False", "https://bazaar.abuse.ch/sample/6fd8cf9b6c48349c807dd1f76da1a2ccf0216b7a633d5a7f6b067e38f1061e97/", "PureLogsStealer", "0", "abuse_ch"
"2026-06-10 08:36:07", "1825815", "107.175.246.11:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "False", "https://bazaar.abuse.ch/sample/e11a0f09c359c909dc2467c3c4e24d59a2b506188357bfdc3a5dd991a326cb1a/", "remcos", "0", "abuse_ch"
"2026-06-10 08:36:07", "1825816", "31.57.184.55:3001", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "False", "https://bazaar.abuse.ch/sample/868051d7394e4df3c60f1176f44e19d4b4b6eef3b096be687b61f08dd6efa18a/", "remcos", "0", "abuse_ch"
"2026-06-10 08:36:06", "1825813", "102.220.160.101:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "False", "https://bazaar.abuse.ch/sample/78a6f4da6010053bfcba304e6a01a0c47bba05bec370b775007a8a03e4150ec7/", "remcos", "0", "abuse_ch"
"2026-06-10 08:36:06", "1825814", "102.220.160.156:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "False", "https://bazaar.abuse.ch/sample/7f0732cf9958e2cc11d689e97d1e81eed84d79acc0c025f3aab74e8d3cb44e4f/", "remcos", "0", "abuse_ch"
"2026-06-10 08:29:51", "1825702", "185.89.116.55:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "86", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1105", "0", "Erebu"
"2026-06-10 08:29:49", "1825789", "93.95.115.186:49384", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "", "C2,Mirai", "0", "botnetkiller"
"2026-06-10 08:25:37", "1825811", "66.63.170.28:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "False", "https://bazaar.abuse.ch/sample/0cda40984c73831b5181a9e9ec9e064bd62631436643d5644b49763b029ef131/", "remcos", "0", "abuse_ch"
"2026-06-10 08:08:29", "1825807", "79.124.8.44:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/0b6ee0ce1266e4d0c4efb665b746af863994920293d1afc136a07a1f44e88b43/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-06-10 08:07:14", "1825806", "45.129.231.1:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/a152a44c91019701f0cc65ddfabf186caa376ba9e4535ac5a94e56903e0caf10/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-06-10 08:04:48", "1825803", "203.159.90.82:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/a759dc81ff0574f4e255da80f0b19b2a3b176fc14442b320f95c5412cc5c1c54/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-06-10 08:02:47", "1825802", "94.141.122.148:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/02eabcc8164ace33666f6de0901cd13510cd8fb1b8deab757ee2d91922770b30/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-06-10 08:00:59", "1825801", "178.16.52.66:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/8149a13d59b22fa60563c2ada80f1139189c9414ca4c2faf0b4c797308a03d63/", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-06-10 08:00:24", "1825799", "39.100.89.103:8084", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 08:00:24", "1825800", "8.135.58.72:8084", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 08:00:23", "1825798", "192.187.118.178:8084", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 08:00:22", "1825797", "124.220.94.87:80", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 08:00:21", "1825796", "107.150.25.65:2086", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 07:18:53", "1825788", "34.92.128.98:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:43", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-10 07:18:52", "1825787", "47.92.206.63:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:45", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-06-10 07:18:37", "1825786", "103.230.15.38:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-10 06:48:12", "1825780", "76.223.67.189:6584", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/6cbac6bcd1acb90031a31b9595deb4e9681450b9554a9e61e4fd20d81e450a0e/", "remus", "0", "abuse_ch"
"2026-06-10 06:48:12", "1825781", "13.248.213.45:6584", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/6cbac6bcd1acb90031a31b9595deb4e9681450b9554a9e61e4fd20d81e450a0e/", "remus", "0", "abuse_ch"
"2026-06-10 06:48:11", "1825779", "38.47.176.90:8938", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/cd8ec81fd606ec247099b58e845bb5547ee05a46fd46e732b06397587917e842/", "remus", "0", "abuse_ch"
"2026-06-10 06:48:10", "1825778", "148.230.76.66:6390", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/630202e6856062a04b0eb9bd7c5100339d4d007f1a0d25519ae86a7edc4a3e6c/", "remus", "0", "abuse_ch"
"2026-06-10 06:48:09", "1825777", "72.62.195.74:6473", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/9fc05aad8a9346451068b7e5a3bdd36c59f6865b411cf58b262c1b149078459e/", "remus", "0", "abuse_ch"
"2026-06-10 06:48:08", "1825776", "191.44.68.60:6004", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/9626bba0b108243a5e32a0fa648008626e8edd3d1101de8e980f15734e6b4407/", "remus", "0", "abuse_ch"
"2026-06-10 06:48:02", "1825775", "143.244.143.195:9504", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:48:03", "75", "False", "https://bazaar.abuse.ch/sample/a3a93aafe25656195c19a5627bf55356690ea96756aeda2d8e97c9db673bd025/", "remus", "0", "abuse_ch"
"2026-06-10 06:47:18", "1825771", "147.93.102.159:4219", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/4b1d954729c4aa3dcbb9e81ec47c4ae1950af995d39f7855dcbce49b989ad456/", "remus", "0", "abuse_ch"
"2026-06-10 06:47:18", "1825772", "167.71.217.41:7538", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:47:19", "75", "False", "https://bazaar.abuse.ch/sample/2194042f5f4a385486b259dd6f174748a5fbc260dcafe8abac842382010f3b10/", "remus", "0", "abuse_ch"
"2026-06-10 06:46:50", "1825770", "185.239.236.212:9321", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/1d2859c43d4b0d56b9c21e9bad3ffd02b729e86e800d0f2fec725a68c7584481/", "remus", "0", "abuse_ch"
"2026-06-10 06:46:47", "1825769", "72.60.241.82:8954", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/69d92815865bea3b8266f56c096d5e4a01528aabc98dcb00ef34ea9ba77c5fdf/", "remus", "0", "abuse_ch"
"2026-06-10 06:46:36", "1825768", "128.199.189.103:8747", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "", "75", "False", "https://bazaar.abuse.ch/sample/73ca6b57bbc1288754443ad72c4c0ad272f2a718d4f11348c3725a96054709e2/", "remus", "0", "abuse_ch"
"2026-06-10 06:46:26", "1825767", "143.244.141.221:9432", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:46:26", "75", "False", "https://bazaar.abuse.ch/sample/813aeb7a3cac0a916501d370ad1f350a56b4bb36835f52b3cc92d624da728674/", "remus", "0", "abuse_ch"
"2026-06-10 06:45:14", "1825764", "195.211.191.95:9549", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:47:53", "75", "False", "https://bazaar.abuse.ch/sample/6021c912bc8f172028992497798b0a64b577aacb46674f793d21907d9015e5c3/", "remus", "0", "abuse_ch"
"2026-06-10 06:45:13", "1825763", "180.188.198.176:8938", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:47:30", "75", "False", "https://bazaar.abuse.ch/sample/6021c912bc8f172028992497798b0a64b577aacb46674f793d21907d9015e5c3/", "remus", "0", "abuse_ch"
"2026-06-10 06:44:57", "1825761", "165.227.199.109:5789", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:47:20", "75", "False", "https://bazaar.abuse.ch/sample/ac187a01e34ba3ba6bd51326390e19f58e2de2c82646f34017628eaa9198f082/", "remus", "0", "abuse_ch"
"2026-06-10 06:44:39", "1825759", "195.222.53.130:5200", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:47:12", "75", "False", "https://bazaar.abuse.ch/sample/438ddb05451660c60d9843e3a32faca34a448071c716083c96cc97c781878563/", "remus", "0", "abuse_ch"
"2026-06-10 06:44:38", "1825758", "72.62.195.74:6590", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:46:37", "75", "False", "https://bazaar.abuse.ch/sample/d1fcd185dd9b18bd39082dd15414d70eec8324171d4583185634204c992a1ef1/", "remus", "0", "abuse_ch"
"2026-06-10 06:43:03", "1825757", "139.59.137.44:4219", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:46:34", "75", "False", "https://bazaar.abuse.ch/sample/6021c912bc8f172028992497798b0a64b577aacb46674f793d21907d9015e5c3/", "remus", "0", "abuse_ch"
"2026-06-10 06:08:17", "1825707", "151.247.193.18:8443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "https://bazaar.abuse.ch/sample/81448c97aae2455ced9cfc30883f7d67890d1faa03309344f521345dd79064d2/", "StealeriumStealer", "0", "abuse_ch"
"2026-06-10 06:00:28", "1825706", "8.163.59.20:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 06:00:27", "1825705", "8.163.59.20:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 06:00:25", "1825703", "8.163.59.20:8008", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 06:00:25", "1825704", "8.163.59.20:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 05:38:03", "1825619", "154.29.73.187:27615", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "False", "", "C2,Mirai", "0", "botnetkiller"
"2026-06-10 05:38:02", "1825629", "103.190.67.166:84", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "94", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1105", "0", "Erebu"
"2026-06-10 05:38:02", "1825630", "175.229.125.81:8443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "94", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1071_001", "0", "Erebu"
"2026-06-10 05:37:59", "1825638", "45.198.224.22:80", "ip:port", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "85", "False", "https://twitter.com/NullBlue67", "mirai,payload-host,rotator", "0", "nullblue67"
"2026-06-10 05:37:58", "1825639", "217.154.61.249:80", "ip:port", "payload_delivery", "elf.redtail", "None", "RedTail", "", "85", "False", "https://twitter.com/NullBlue67", "libredtail-http,redtail", "0", "nullblue67"
"2026-06-10 05:37:57", "1825641", "175.245.184.150:8443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "94", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1071_001", "0", "Erebu"
"2026-06-10 05:37:56", "1825660", "217.60.195.56:61545", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://www.virustotal.com/gui/file/822d5678d27c0da20502968808cfa63ac4e3fdb58620fadfd0c9f4ccfe3a6625", "C2,Quasar,RAT", "0", "Lenny3BO"
"2026-06-10 05:37:55", "1825680", "45.9.73.97:3389", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "96", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1105", "0", "Erebu"
"2026-06-10 05:37:54", "1825687", "185.89.120.225:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "94", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1071_001", "0", "Erebu"
"2026-06-10 05:00:14", "1825694", "114.132.226.247:8084", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 05:00:14", "1825695", "154.9.253.79:9999", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 04:00:23", "1825685", "142.93.96.42:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "True", "None", "mythic", "1", "_ik_"
"2026-06-10 04:00:22", "1825683", "124.222.37.250:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 04:00:22", "1825684", "124.222.37.250:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 04:00:21", "1825681", "124.222.37.250:9001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:43:03", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 04:00:21", "1825682", "124.222.37.250:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 03:45:50", "1825679", "8.219.158.30:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:38", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 03:45:38", "1825678", "218.244.142.4:8889", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:22", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 03:45:33", "1825676", "156.234.114.122:8821", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:15", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 03:45:33", "1825677", "156.234.211.220:8821", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:16", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-10 02:00:24", "1825664", "130.94.17.180:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 02:00:24", "1825665", "130.94.17.180:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-10 02:00:22", "1825662", "47.104.27.26:8084", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-10 02:00:22", "1825663", "130.94.17.180:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 23:45:35", "1825647", "130.94.17.180:8082", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:12", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-09 22:00:17", "1825635", "103.215.79.163:8646", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-09 22:00:16", "1825633", "154.91.180.245:8084", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-09 22:00:16", "1825634", "118.107.26.241:8084", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "True", "None", "vshell", "1", "_ik_"
"2026-06-09 22:00:15", "1825632", "34.126.153.130:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 21:45:51", "1825631", "198.46.199.110:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:21", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-09 21:00:14", "1825623", "181.215.18.135:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 21:00:14", "1825624", "181.215.18.135:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 21:00:13", "1825622", "181.215.18.135:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:44", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 20:00:20", "1825618", "34.126.153.130:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 20:00:19", "1825616", "45.87.53.6:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 20:00:19", "1825617", "34.126.153.130:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:40", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 20:00:18", "1825615", "45.87.53.6:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 20:00:17", "1825614", "45.87.53.6:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:43:04", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 19:44:51", "1825613", "46.151.182.16:1011", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:14", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-09 19:43:58", "1825612", "202.73.4.137:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:09", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-09 19:43:56", "1825611", "2.27.5.234:4509", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:07", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-09 19:43:55", "1825610", "2.26.75.243:9521", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:06", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-09 19:43:54", "1825609", "198.23.177.222:14644", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:04", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-09 19:43:40", "1825608", "182.23.2.163:15646", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:46", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-09 19:43:30", "1825607", "167.160.186.140:62738", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:35", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-09 19:43:28", "1825606", "162.35.161.101:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:43:33", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-06-09 19:43:08", "1825605", "107.172.135.27:14644", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:09", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-09 19:43:06", "1825604", "104.168.0.29:52203", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:07", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-09 18:46:14", "1825592", "178.16.55.28:2030", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-10 02:45:28", "75", "False", "https://bazaar.abuse.ch/sample/03af9bc830291a80063b30f4c027136ab55d5b6e86f13ebde6796650a7f3dd78/", "None", "0", "abuse_ch"
"2026-06-09 18:45:11", "1825588", "82.22.77.179:54984", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "False", "https://urlhaus.abuse.ch/url/3861859/", "c2,NanoCore,RAT", "0", "Lenny3BO"
"2026-06-09 18:41:53", "1825590", "38.49.217.157:22443", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "75", "False", "", "PureLogsStealer", "0", "abuse_ch"
"2026-06-09 18:14:51", "1825579", "193.93.193.92:8572", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "75", "False", "", "PureLogsStealer", "0", "abuse_ch"
"2026-06-09 18:12:57", "1825578", "147.45.77.20:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "75", "False", "", "ConnectWise,RMM,ScreenConnect", "0", "abuse_ch"
"2026-06-09 18:11:38", "1825577", "155.94.163.11:56001", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "75", "False", "", "PureLogsStealer", "0", "abuse_ch"
"2026-06-09 18:10:37", "1825576", "149.56.95.179:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "False", "None", "ClickFix", "0", "threatcat_ch"
"2026-06-09 18:10:35", "1825575", "145.239.54.167:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "False", "None", "ClickFix", "0", "threatcat_ch"
"2026-06-09 16:40:04", "1825520", "82.198.227.229:443", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "False", "https://www.virustotal.com/gui/file/0b45d1520d0a48bcdac3ce16a3b5000dffd954abbdb1723d9215b35c554f48bb", "ContagiousInterview,daam-demo,DPRK,FamousChollima,OtterCookie", "0", "Lenny3BO"
"2026-06-09 16:40:01", "1825526", "144.172.94.202:8087", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://www.virustotal.com/gui/file/0b45d1520d0a48bcdac3ce16a3b5000dffd954abbdb1723d9215b35c554f48bb", "ContagiousInterview,daam-demo,DPRK,FamousChollima,OtterCookie", "0", "Lenny3BO"
"2026-06-09 16:39:55", "1825527", "216.126.225.243:8087", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://www.virustotal.com/gui/file/0b45d1520d0a48bcdac3ce16a3b5000dffd954abbdb1723d9215b35c554f48bb", "ContagiousInterview,daam-demo,DPRK,FamousChollima,OtterCookie", "0", "Lenny3BO"
"2026-06-09 16:39:50", "1825541", "185.190.189.232:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "94", "False", "None", "c2,erebus-v13,nation-state-hunter,t1055,t1105", "0", "Erebu"
"2026-06-09 13:38:05", "1825476", "167.172.39.240:25001", "ip:port", "botnet_cc", "apk.kimwolf", "None", "Kimwolf", "2026-06-11 16:08:49", "100", "False", "None", "c2,Kimwolf", "0", "Bitsight"
"2026-06-09 13:38:04", "1825477", "146.190.19.80:25001", "ip:port", "botnet_cc", "apk.kimwolf", "None", "Kimwolf", "2026-06-11 16:09:11", "100", "False", "None", "c2,Kimwolf", "0", "Bitsight"
"2026-06-09 13:38:04", "1825482", "3.146.93.253:55503", "ip:port", "botnet_cc", "apk.vo1d", "None", "vo1d", "2026-06-11 14:00:01", "100", "False", "None", "redirector,Vo1d", "0", "Bitsight"
"2026-06-09 09:44:07", "1825435", "204.194.54.9:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:10", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-09 09:44:07", "1825436", "204.194.54.9:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:10", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-09 09:44:06", "1825434", "204.194.54.9:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:10", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-09 09:44:03", "1825433", "2.26.75.248:2428", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:06", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-09 09:44:02", "1825432", "2.26.75.241:4509", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:06", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-09 09:43:58", "1825430", "194.11.246.191:4404", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:01", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-09 09:43:58", "1825431", "194.11.246.191:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:01", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-09 09:43:43", "1825429", "182.23.2.163:10616", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:45", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-09 09:43:39", "1825428", "175.178.123.42:28443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:41", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-09 09:43:35", "1825427", "170.62.130.191:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:37", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-09 09:00:16", "1825414", "8.145.44.217:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-10 07:18:40", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 07:00:14", "1825381", "110.42.219.9:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-10 07:18:41", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-09 05:11:01", "1825293", "8.219.158.30:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:38", "50", "False", "None", "45102,c2,censys,cobalt strike", "0", "sojubear"
"2026-06-09 02:45:24", "1825308", "120.55.246.213:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:09", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-08 23:45:33", "1825289", "149.88.66.234:20050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:13", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-08 19:43:41", "1825227", "182.23.2.163:12297", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:46", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-08 19:43:23", "1825226", "155.103.70.100:13407", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:25", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-08 11:45:41", "1825065", "106.14.116.17:19443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:00", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-08 09:45:29", "1824915", "94.183.232.247:80", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2026-06-11 15:45:46", "75", "False", "None", "drb-ra,Mirai", "0", "abuse_ch"
"2026-06-08 09:45:25", "1824913", "89.125.255.5:43026", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:42", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-08 09:45:25", "1824914", "89.125.255.5:9999", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:42", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-08 09:45:24", "1824912", "87.237.52.176:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:41", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-08 09:43:40", "1824910", "182.23.2.163:3252", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:47", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-08 09:43:22", "1824909", "155.103.70.100:13408", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:25", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-08 07:48:23", "1824633", "8.152.2.86:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:00:14", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-07 23:45:14", "1824508", "209.200.246.194:17568", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:22", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-07 19:45:57", "1824436", "87.107.191.39:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:41", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-07 19:45:13", "1824435", "94.183.232.247:443", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2026-06-11 15:45:46", "75", "False", "None", "drb-ra,Mirai", "0", "abuse_ch"
"2026-06-07 19:45:12", "1824434", "93.127.141.93:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2026-06-11 15:45:45", "75", "False", "None", "drb-ra,Hook", "0", "abuse_ch"
"2026-06-07 19:45:00", "1824433", "82.156.224.184:8080", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:36", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-07 19:44:52", "1824432", "52.90.29.87:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:27", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-07 19:44:43", "1824431", "46.246.96.214:8082", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:15", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-07 19:44:40", "1824430", "45.38.20.122:8989", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-07 19:44:35", "1824429", "40.83.75.96:4000", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:01", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-07 19:43:55", "1824428", "209.99.185.96:20100", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:13", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-07 19:43:38", "1824427", "182.23.2.163:8211", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:48", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-07 19:43:30", "1824426", "172.189.57.198:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:38", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-07 09:45:38", "1824262", "89.125.255.5:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:42", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-07 09:45:31", "1824260", "80.253.249.67:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:35", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-07 09:45:31", "1824261", "80.66.72.174:8080", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:35", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-07 09:45:24", "1824259", "60.191.87.107:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:45:28", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-06-07 09:44:59", "1824258", "45.13.212.232:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:07", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-07 09:44:57", "1824256", "43.136.92.170:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:04", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-06-07 09:44:57", "1824257", "43.136.92.170:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:04", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-06-07 09:44:50", "1824255", "31.57.184.154:2505", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:54", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-07 09:44:10", "1824254", "209.99.188.193:4323", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:13", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-07 09:43:45", "1824253", "182.23.2.163:17001", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:46", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-07 09:43:38", "1824252", "172.81.61.108:2030", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:39", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-07 09:43:26", "1824251", "154.94.232.165:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:24", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-07 09:43:23", "1824249", "146.70.41.174:3000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:21", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-06-07 09:43:23", "1824250", "147.124.210.158:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:21", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-07 09:43:17", "1824248", "138.9.118.222:8015", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:17", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-07 09:43:16", "1824247", "137.184.163.27:5613", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:16", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-06 23:00:15", "1824155", "35.225.227.214:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:59", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-06 22:45:25", "1824151", "154.198.49.31:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:14", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-06 20:00:20", "1824136", "173.249.41.141:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:40", "100", "True", "None", "havoc", "1", "_ik_"
"2026-06-06 20:00:19", "1824135", "13.140.132.118:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:14", "100", "True", "None", "havoc", "1", "_ik_"
"2026-06-06 19:44:54", "1824134", "95.211.182.120:6794", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:46", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-06 19:44:51", "1824133", "91.221.191.167:4323", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:44", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-06 19:44:38", "1824132", "5.230.201.36:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:25", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-06 19:44:37", "1824131", "5.230.201.242:1994", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:24", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-06 19:44:30", "1824130", "46.151.182.243:55380", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:14", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-06 19:43:45", "1824129", "2.26.75.239:1971", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:05", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-06 19:43:40", "1824127", "192.159.99.26:6969", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:58", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-06 19:43:40", "1824128", "192.177.111.89:7788", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:58", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-06 19:43:35", "1824126", "185.192.124.218:2177", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:50", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-06 19:43:22", "1824125", "158.94.211.253:7777", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:30", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-06 19:43:21", "1824124", "157.254.223.135:2600", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:28", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-06 19:43:19", "1824123", "156.225.22.201:1337", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:27", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-06 11:45:14", "1824029", "154.12.86.154:55555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:14", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-06 11:45:14", "1824030", "154.12.86.154:8889", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:14", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-06 11:45:14", "1824031", "154.12.86.154:9004", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:14", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-06 10:32:44", "1824014", "156.245.235.51:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:46", "100", "False", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2026-06-06 10:32:30", "1824012", "47.101.51.235:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:44", "100", "False", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2026-06-06 10:32:26", "1824009", "101.201.111.98:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:42", "100", "False", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2026-06-06 10:32:23", "1824008", "167.71.233.187:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:42", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-06 09:44:56", "1824001", "91.215.85.121:8849", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:44", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-06 09:00:18", "1823978", "113.45.226.61:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:44", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-06 09:00:15", "1823975", "38.14.248.138:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:43:05", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-06 09:00:14", "1823974", "188.126.90.12:2003", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:55", "100", "True", "None", "dcrat", "1", "_ik_"
"2026-06-06 06:01:08", "1823700", "45.81.17.44:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:12", "50", "False", "None", "211056,asyncrat,c2,censys", "0", "sojubear"
"2026-06-06 03:44:58", "1823730", "101.43.103.154:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:59", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-05 21:00:16", "1823661", "149.104.29.125:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:43:04", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-05 19:45:55", "1823644", "87.107.191.39:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:41", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-05 19:44:53", "1823640", "62.109.19.44:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:28", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-05 19:43:56", "1823639", "207.174.2.85:7997", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:44:12", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-05 19:43:38", "1823638", "182.23.2.163:12364", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:46", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-05 09:46:05", "1822772", "119.45.166.6:9443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:08", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-05 09:45:27", "1822771", "64.94.85.14:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:31", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-05 09:45:20", "1822770", "5.249.160.112:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:25", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-05 09:44:00", "1822769", "195.26.86.134:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:04", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-05 09:43:56", "1822768", "193.149.190.156:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:00", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-05 09:43:46", "1822767", "182.23.2.163:58222", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:48", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-05 09:43:44", "1822765", "182.23.2.163:10401", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:45", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-05 09:43:44", "1822766", "182.23.2.163:11742", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:46", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-05 09:43:29", "1822764", "158.247.194.144:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:29", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-05 02:36:02", "1822640", "89.124.78.101:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "2026-06-11 16:12:02", "50", "False", "https://tracker.viriback.com/index.php?q=89.124.78.101", "Amadey,ViriBack", "0", "abuse_ch"
"2026-06-05 01:00:17", "1822613", "5.230.201.36:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:25", "100", "True", "None", "asyncrat", "1", "_ik_"
"2026-06-05 00:00:22", "1822602", "185.165.36.162:5000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:49", "100", "True", "None", "asyncrat", "1", "_ik_"
"2026-06-04 23:45:28", "1822600", "34.202.161.96:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:23", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-04 19:43:37", "1822528", "182.23.2.163:2046", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:46", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-04 19:43:27", "1822526", "163.172.174.237:443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:43:33", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-06-04 19:43:27", "1822527", "163.172.174.237:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:43:33", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-06-04 19:00:14", "1822515", "185.165.36.162:8000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:49", "100", "True", "None", "asyncrat", "1", "_ik_"
"2026-06-04 17:45:22", "1822499", "107.150.105.91:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:01", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-04 15:45:34", "1822451", "124.222.155.113:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:11", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-04 14:50:35", "1822415", "120.26.208.96:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:09", "50", "False", "", "Agentemis,BEACON,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-06-04 11:46:46", "1822346", "154.12.86.154:44444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:14", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-04 09:45:43", "1822302", "91.92.241.80:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:44", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-04 09:45:35", "1822301", "82.23.246.160:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:37", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-04 09:43:56", "1822299", "185.72.9.227:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:55", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-04 09:43:50", "1822298", "182.23.2.163:49002", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:48", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-04 09:43:40", "1822297", "172.238.15.96:9443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:38", "75", "False", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2026-06-04 09:43:29", "1822296", "156.247.40.190:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:27", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-04 09:43:28", "1822295", "155.103.70.198:13408", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:25", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-04 09:43:22", "1822294", "140.235.16.223:7203", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:18", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-04 07:02:43", "1822234", "95.164.53.134:4521", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "2026-06-10 10:09:32", "75", "False", "https://bazaar.abuse.ch/sample/135a58e767fa96d49e1f74068b3cb54486321595ab88a0819f5e4aa5a6e317a2/", "LxBaseRAT,RAT", "0", "abuse_ch"
"2026-06-04 06:42:46", "1822223", "107.150.105.91:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:01", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-06-04 06:42:44", "1822222", "204.194.49.142:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:43", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-06-03 19:44:00", "1822015", "20.220.29.224:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:09", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-03 19:43:56", "1822014", "194.26.192.57:1024", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:44:03", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-03 19:43:43", "1822013", "182.23.2.163:47984", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:47", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-03 19:43:36", "1822012", "172.81.61.20:7997", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:39", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-03 19:43:33", "1822011", "168.144.36.228:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:36", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-03 19:43:21", "1822010", "147.124.210.158:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:22", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-03 14:34:08", "1821870", "62.192.173.249:9000", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:29", "50", "False", "https://www.shodan.io/host/62.192.173.249#9000", "adaptixc2,c2,shodan", "0", "juroots"
"2026-06-03 14:31:44", "1821850", "114.134.187.38:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:04", "50", "False", "https://www.shodan.io/host/114.134.187.38#8443", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2026-06-03 11:46:25", "1821807", "209.200.246.194:11544", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:22", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-03 09:45:37", "1821716", "82.23.246.160:12159", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:37", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-03 09:44:13", "1821715", "204.194.50.173:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:10", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-03 09:43:49", "1821714", "182.23.2.163:10399", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:45", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-03 09:43:30", "1821713", "156.247.40.190:12159", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:27", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-06-03 08:01:52", "1821684", "77.93.155.111:10039", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:34", "100", "True", "None", "mythic", "1", "_ik_"
"2026-06-03 08:01:51", "1821685", "124.222.155.113:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:11", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-03 07:57:06", "1821697", "118.89.203.103:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-10 07:18:54", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-03 07:56:52", "1821695", "118.89.203.103:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:07", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-03 05:55:36", "1821525", "8.163.104.36:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:38", "75", "False", "", "Agentemis,BEACON,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-06-02 19:45:08", "1821517", "45.198.224.19:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-06-02 19:44:03", "1821516", "195.246.230.99:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:04", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-02 19:43:27", "1821514", "155.103.70.198:13407", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:25", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-02 19:43:27", "1821515", "155.103.71.115:13408", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:26", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-02 14:04:11", "1821220", "45.76.203.112:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:11", "50", "False", "https://www.shodan.io/host/45.76.203.112#7443", "c2,mythic,shodan", "0", "juroots"
"2026-06-02 09:46:15", "1820869", "113.44.136.127:8087", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:04", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-06-02 09:43:59", "1820868", "192.159.99.21:5080", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:57", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-06-02 09:43:50", "1820867", "182.23.2.163:9060", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:49", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-02 09:43:26", "1820866", "15.204.255.172:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:22", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-06-01 20:49:15", "1820729", "23.235.185.43:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:44:50", "100", "True", "None", "dcrat", "1", "_ik_"
"2026-06-01 19:45:00", "1820725", "45.150.34.117:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:08", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-06-01 19:43:44", "1820724", "182.23.2.163:11166", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:45", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-01 19:43:43", "1820723", "178.16.54.48:443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:43:43", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-06-01 19:43:42", "1820722", "178.16.52.47:443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:43:42", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-06-01 15:11:43", "1820615", "82.156.224.184:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:36", "100", "True", "None", "havoc", "1", "_ik_"
"2026-06-01 09:45:05", "1820574", "35.75.218.153:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:44:57", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-06-01 09:44:09", "1820573", "2.58.56.50:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:07", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-01 09:43:48", "1820572", "182.23.2.163:11327", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:45", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-06-01 09:43:44", "1820571", "176.65.139.144:80", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2026-06-11 15:43:42", "75", "False", "None", "drb-ra,Mirai", "0", "abuse_ch"
"2026-06-01 06:44:52", "1820506", "165.22.225.218:5443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:44", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-06-01 06:44:48", "1820504", "38.181.42.160:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:24", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-06-01 05:44:49", "1820414", "82.157.52.180:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:40", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-01 05:44:38", "1820430", "49.233.215.164:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:34", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-01 05:44:37", "1820432", "47.116.211.215:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:30", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-06-01 05:44:35", "1820444", "47.103.95.85:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:29", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-31 23:46:09", "1820420", "176.97.124.68:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:18", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-31 21:46:22", "1820399", "176.97.124.68:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:18", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-31 21:46:19", "1820398", "154.38.114.115:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:15", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-31 19:44:04", "1820368", "182.23.2.163:1477", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:46", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-31 19:44:03", "1820367", "182.23.2.163:1135", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:45", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-31 15:04:22", "1820327", "64.89.160.44:7777", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:31", "100", "True", "None", "dcrat", "1", "_ik_"
"2026-05-31 11:46:12", "1820311", "107.151.246.172:7890", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:01", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-31 09:45:39", "1820291", "64.176.73.125:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:45:30", "75", "False", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch"
"2026-05-31 09:44:59", "1820290", "31.57.184.154:2503", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:54", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-31 09:43:50", "1820289", "182.23.2.163:6088", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:48", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-31 09:43:43", "1820288", "172.81.61.226:5202", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:39", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-31 09:43:29", "1820287", "155.103.71.115:13407", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:26", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-31 06:48:29", "1820212", "82.157.52.180:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:40", "50", "False", "None", "45090,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-31 06:48:28", "1820214", "64.89.160.44:1000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:31", "50", "False", "None", "205759,asyncrat,c2,censys", "0", "sojubear"
"2026-05-30 19:45:52", "1820144", "84.32.41.227:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:39", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-30 19:45:28", "1820143", "47.236.24.112:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:16", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-30 19:43:32", "1820141", "157.20.182.17:1997", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:27", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-30 11:47:27", "1820072", "223.26.59.226:32354", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:22", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-30 09:45:35", "1820044", "46.225.66.210:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:14", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-30 09:45:23", "1820043", "38.54.63.135:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:00", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-30 09:43:57", "1820042", "182.23.2.163:6407", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:48", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-30 09:43:35", "1820041", "157.20.182.18:1973", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:28", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-30 09:43:34", "1820040", "155.103.71.146:776", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:26", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-30 09:43:14", "1820039", "114.132.190.121:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:12", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-30 07:04:38", "1819982", "40.85.252.198:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:01", "100", "True", "None", "havoc", "1", "_ik_"
"2026-05-29 23:46:36", "1819942", "209.200.246.82:5663", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:22", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-29 19:45:46", "1819907", "49.233.81.84:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:17", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-29 19:45:33", "1819906", "43.140.219.30:7112", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:45:04", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-29 19:45:22", "1819905", "31.56.209.79:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:53", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-29 19:45:20", "1819904", "27.102.137.139:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:52", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-29 19:45:19", "1819903", "23.235.185.44:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:44:50", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-29 19:44:29", "1819902", "209.99.184.51:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:13", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-29 19:44:12", "1819901", "192.162.199.25:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:58", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-29 19:44:04", "1819900", "185.212.129.4:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:52", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-29 19:43:57", "1819899", "182.23.2.163:4452", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:47", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-29 19:43:49", "1819898", "172.86.109.7:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:43:39", "75", "False", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch"
"2026-05-29 19:43:42", "1819895", "162.248.224.236:7492", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:32", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-29 19:43:42", "1819896", "162.248.225.165:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:32", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-29 19:43:42", "1819897", "162.248.225.165:8603", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:32", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-29 19:43:41", "1819894", "162.248.224.236:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:32", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-29 19:43:36", "1819893", "157.20.182.17:1444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:27", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-29 19:43:30", "1819892", "146.59.182.123:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:21", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-29 19:43:21", "1819891", "134.199.170.120:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:16", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-29 19:43:18", "1819890", "13.213.58.233:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:14", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-29 19:43:14", "1819889", "111.229.154.250:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:11", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-29 19:43:06", "1819888", "103.213.251.10:8443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-06-11 15:43:05", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-05-29 19:43:02", "1819887", "1.14.172.47:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:02", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-29 15:46:36", "1819866", "124.220.235.4:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:10", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-29 14:20:50", "1819824", "23.93.50.136:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-06-10 14:00:24", "75", "False", "https://bazaar.abuse.ch/sample/62f608d61b28702ca4adadd574f3761c79860bd08da402e3129ab19176f7da9a/", "quasar", "0", "abuse_ch"
"2026-05-29 11:46:49", "1819788", "209.200.246.82:7533", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:22", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-29 11:46:38", "1819787", "124.71.141.30:5003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:11", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-29 11:46:33", "1819786", "118.89.79.131:6528", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:07", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-29 11:46:24", "1819785", "103.242.12.143:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:59", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-29 09:46:58", "1819763", "119.29.117.194:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:08", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-29 09:44:20", "1819761", "194.236.215.200:443", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:44:02", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-29 09:44:16", "1819759", "192.30.243.28:36812", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:59", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-29 09:44:16", "1819760", "192.30.243.28:8638", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:59", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-29 09:44:12", "1819758", "190.255.90.152:6010", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:56", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-29 09:44:06", "1819757", "185.212.129.6:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:52", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-29 09:44:05", "1819756", "185.212.129.146:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:52", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-29 09:43:59", "1819755", "182.23.2.163:2345", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:47", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-29 09:43:50", "1819754", "172.82.64.235:444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:39", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-29 09:43:47", "1819753", "168.144.36.228:9000", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:43:36", "75", "False", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch"
"2026-05-29 09:43:39", "1819752", "158.94.208.29:207", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:29", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-29 09:43:38", "1819751", "157.254.223.135:2700", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:29", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-29 09:43:37", "1819750", "157.20.182.17:1339", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:27", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-29 09:43:08", "1819749", "103.77.246.174:80", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2026-06-11 15:43:06", "75", "False", "None", "drb-ra,Mirai", "0", "abuse_ch"
"2026-05-29 09:43:07", "1819748", "103.213.251.10:8444", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-06-11 15:43:05", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-05-29 06:45:14", "1819713", "198.44.177.179:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:21", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-29 06:44:51", "1819710", "45.116.78.181:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:28", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-29 06:26:29", "1819695", "15.235.9.17:8000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:23", "100", "True", "None", "asyncrat", "1", "_ik_"
"2026-05-28 19:45:25", "1819595", "82.197.69.156:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:37", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-28 19:44:47", "1819594", "35.158.219.35:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:57", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-28 19:44:44", "1819593", "31.57.184.154:7005", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:54", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-28 19:43:54", "1819592", "192.237.187.145:5757", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:58", "75", "False", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2026-05-28 19:43:44", "1819589", "182.23.2.163:5013", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:48", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-28 19:43:44", "1819590", "182.23.2.163:58008", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:48", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-28 19:43:44", "1819591", "182.23.2.163:7615", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:48", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-28 19:43:43", "1819588", "182.23.2.163:13846", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:46", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-28 19:43:28", "1819587", "157.20.182.18:1444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:28", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-28 19:43:13", "1819586", "13.209.95.4:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:14", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-28 09:46:10", "1819407", "91.230.94.235:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:44", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-28 09:46:09", "1819406", "91.215.85.212:45423", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:44", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-28 09:46:05", "1819405", "85.209.90.132:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:40", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-28 09:46:00", "1819404", "83.171.227.230:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:38", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-28 09:45:58", "1819403", "81.71.20.107:8989", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:36", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-28 09:45:23", "1819402", "43.133.165.151:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:03", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-28 09:45:10", "1819401", "27.102.138.15:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:52", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-28 09:44:20", "1819398", "206.119.171.212:4333", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-28 09:44:19", "1819396", "202.95.8.97:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-28 09:44:19", "1819397", "202.95.8.98:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-28 09:44:10", "1819394", "193.5.65.169:4348", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:44:01", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-28 09:44:10", "1819395", "193.5.65.169:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:44:01", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-28 09:43:45", "1819393", "172.86.76.218:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:43:39", "75", "False", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch"
"2026-05-28 09:43:44", "1819392", "172.236.142.17:6933", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:38", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-28 09:43:40", "1819391", "165.154.205.4:53341", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:35", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-28 09:43:33", "1819390", "155.103.71.135:56789", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:26", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-28 09:43:27", "1819389", "146.103.106.59:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:20", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-28 09:43:23", "1819388", "139.59.84.11:2053", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:17", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-28 09:43:13", "1819387", "113.31.106.85:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:11", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-28 09:43:05", "1819386", "103.183.75.134:20443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:05", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-28 06:56:15", "1819351", "120.48.66.205:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:09", "100", "False", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2026-05-28 05:33:17", "1819239", "138.124.61.65:8088", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:16", "100", "True", "None", "asyncrat", "1", "_ik_"
"2026-05-28 05:33:16", "1819240", "46.246.14.2:9999", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:14", "100", "True", "None", "dcrat", "1", "_ik_"
"2026-05-27 19:45:55", "1819225", "91.200.84.198:8515", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:43", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-27 19:45:18", "1819224", "45.32.236.190:2096", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-27 19:45:12", "1819222", "43.106.14.139:8085", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:02", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-27 19:45:12", "1819223", "43.133.149.36:18443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:03", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-27 19:43:47", "1819220", "18.162.155.202:3350", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:44", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-27 19:43:30", "1819219", "157.20.182.17:1973", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:27", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-27 19:43:09", "1819218", "104.243.248.63:1807", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:08", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-27 19:43:08", "1819217", "104.225.149.151:54321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:07", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-27 15:46:43", "1819146", "8.134.70.73:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:36", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-27 15:46:36", "1819145", "47.122.47.221:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:31", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-27 13:46:11", "1819106", "106.52.99.247:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:00", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-27 11:48:59", "1819067", "47.118.25.45:8451", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:30", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-27 09:45:57", "1819047", "94.23.185.83:9606", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:45:46", "75", "False", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2026-05-27 09:45:51", "1819046", "89.40.31.128:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:42", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-27 09:45:45", "1819045", "82.156.224.203:12618", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:36", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-27 09:45:01", "1819044", "35.75.179.211:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:44:57", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-05-27 09:44:09", "1819043", "2.26.75.242:7312", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:06", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-27 09:43:38", "1819042", "164.90.206.5:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:34", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-27 09:43:32", "1819041", "157.254.223.135:2500", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:28", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-27 07:09:22", "1818955", "117.72.159.215:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:42:24", "50", "False", "None", "c2,censys,cobalt strike", "0", "sojubear"
"2026-05-27 07:09:22", "1818956", "8.163.49.50:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:38", "50", "False", "None", "c2,censys,cobalt strike", "0", "sojubear"
"2026-05-27 06:54:26", "1819006", "124.70.184.106:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:11", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-05-26 22:46:30", "1818936", "60.205.109.25:51234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:35", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-26 22:46:05", "1818935", "139.196.223.82:2443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:12", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-26 22:46:04", "1818934", "134.122.134.243:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:12", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-26 19:45:26", "1818881", "50.114.179.165:8043", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:26", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-26 19:45:20", "1818880", "5.101.82.8:48214", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:19", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-26 19:44:11", "1818879", "207.180.250.181:20600", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:12", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-26 19:43:55", "1818878", "190.2.150.52:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:56", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-26 19:43:47", "1818873", "182.23.2.163:207", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:47", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-26 19:43:47", "1818874", "182.23.2.163:2487", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:47", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-26 19:43:47", "1818875", "182.23.2.163:2822", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:47", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-26 19:43:47", "1818876", "182.23.2.163:5600", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:48", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-26 19:43:28", "1818872", "155.102.136.60:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:25", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-26 19:43:15", "1818871", "124.198.132.98:5080", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:14", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-26 19:43:14", "1818870", "124.198.132.98:2434", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:14", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-26 14:46:42", "1818804", "47.122.47.221:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:31", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-26 14:08:57", "1818786", "5.252.153.0:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:35", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-26 10:46:53", "1818731", "68.64.178.130:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:36", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-26 10:46:44", "1818730", "45.227.253.121:35120", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:29", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-26 10:46:38", "1818729", "36.138.84.183:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:24", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-26 10:01:24", "1818710", "43.204.108.246:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:27", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-26 10:01:23", "1818711", "43.204.108.246:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:27", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-26 09:45:51", "1818704", "91.92.243.189:443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:45:44", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-05-26 09:45:36", "1818703", "64.89.161.156:9999", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:31", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-26 09:45:31", "1818702", "50.114.179.143:1209", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:25", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-26 09:45:21", "1818701", "46.8.226.70:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:15", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-26 09:44:59", "1818700", "34.106.231.199:6932", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:56", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-26 09:44:54", "1818699", "23.27.168.162:2850", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:44:51", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-26 09:44:15", "1818698", "209.99.187.22:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:13", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-26 09:44:12", "1818697", "202.189.6.77:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:09", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-26 09:44:02", "1818696", "193.24.123.160:45631", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:00", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-26 09:43:57", "1818695", "191.93.116.106:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:57", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-26 09:43:28", "1818694", "153.75.232.207:4000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:24", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-26 09:43:14", "1818692", "124.198.132.98:2414", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:13", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-26 09:43:14", "1818693", "124.198.132.98:2424", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:14", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-25 22:46:18", "1818480", "47.108.25.113:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:30", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-25 22:46:15", "1818479", "43.156.42.49:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:27", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-25 19:45:39", "1818441", "91.92.242.64:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:44", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-25 19:45:21", "1818440", "54.196.247.235:8082", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:45:27", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-25 19:45:14", "1818439", "5.101.83.143:7312", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-25 19:45:13", "1818438", "5.101.82.98:42859", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:19", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-25 19:45:00", "1818436", "45.56.162.61:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:45:11", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-25 19:45:00", "1818437", "45.56.162.61:6031", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:45:11", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-25 19:44:58", "1818435", "45.154.98.254:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:08", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-25 19:44:52", "1818434", "37.77.150.174:4333", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:44:58", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-05-25 19:44:51", "1818433", "37.77.150.174:4332", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:44:58", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-05-25 19:44:46", "1818432", "27.102.137.139:1243", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:52", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-25 19:44:05", "1818431", "202.95.8.92:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-25 19:43:50", "1818430", "188.137.239.44:54298", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:55", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-25 19:43:44", "1818429", "185.122.166.184:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:49", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-25 19:43:42", "1818428", "178.16.54.208:61099", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:43", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-25 19:43:28", "1818427", "157.20.182.18:1992", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:28", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-25 19:43:27", "1818425", "155.103.71.232:15406", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:26", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-25 19:43:27", "1818426", "157.20.182.17:1998", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:27", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-25 19:43:18", "1818424", "138.9.41.208:8015", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:17", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-25 14:01:56", "1818347", "47.238.154.144:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:32", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-25 14:00:07", "1818346", "45.153.127.224:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 16:12:02", "50", "False", "https://tracker.viriback.com/index.php?q=45.153.127.224", "Chaos,ViriBack", "0", "abuse_ch"
"2026-05-25 09:46:05", "1818298", "83.142.209.64:35630", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:38", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-25 09:44:13", "1818297", "195.114.193.56:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:03", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-25 09:43:37", "1818294", "157.20.182.17:6666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:27", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-25 09:43:37", "1818295", "157.20.182.18:6666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:28", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-25 09:43:15", "1818293", "109.110.188.156:443", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:43:11", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-25 08:45:17", "1818256", "47.239.20.75:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:33", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-25 08:45:13", "1818266", "8.210.103.84:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:38", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-25 07:36:01", "1818155", "1.92.95.105:8889", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:57", "50", "False", "None", "55990,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-25 06:57:09", "1818253", "134.175.78.181:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:12", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-05-24 19:46:20", "1818110", "82.156.224.203:11641", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:36", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-24 19:45:36", "1818108", "44.241.110.100:443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:45:06", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-05-24 19:45:36", "1818109", "44.241.110.100:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:45:06", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-05-24 19:45:21", "1818107", "31.171.131.118:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:53", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-24 19:43:57", "1818106", "178.16.55.119:99", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:43", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-24 19:43:56", "1818105", "178.16.55.108:207", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:43", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-24 19:43:36", "1818104", "157.20.182.18:9992", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:28", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-24 19:43:35", "1818103", "157.20.182.17:9992", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:27", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-24 14:46:49", "1818053", "45.154.12.150:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:28", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-24 14:46:17", "1818052", "103.210.236.87:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:59", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-24 14:43:03", "1818049", "102.220.160.47:80", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2026-06-11 15:43:03", "75", "False", "None", "drb-ra,Mirai", "0", "abuse_ch"
"2026-05-24 14:10:22", "1818033", "156.239.238.117:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:16", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-24 14:00:04", "1818031", "172.245.126.141:8443", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "2026-06-11 16:12:02", "50", "False", "https://tracker.viriback.com/index.php?q=172.245.126.141", "Deimos,ViriBack", "0", "abuse_ch"
"2026-05-24 13:48:02", "1818027", "45.145.42.80:5000", "ip:port", "botnet_cc", "elf.darknexus", "None", "Dark Nexus", "2026-06-11 16:12:02", "50", "False", "https://tracker.viriback.com/index.php?q=45.145.42.80", "Nexus,ViriBack", "0", "abuse_ch"
"2026-05-24 11:08:34", "1817883", "43.138.192.16:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:26", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-24 11:05:07", "1817856", "106.13.188.194:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:00", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-24 11:04:32", "1817785", "39.100.88.189:9001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:25", "50", "False", "None", "37963,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-24 11:03:40", "1817715", "101.43.30.6:888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:59", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-23 19:45:50", "1817710", "44.255.242.255:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:45:06", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-05-23 19:44:12", "1817709", "191.101.131.244:40056", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:57", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-23 19:44:11", "1817708", "191.101.131.244:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:56", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-23 19:43:58", "1817707", "18.118.196.244:6666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:44", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-23 19:43:47", "1817706", "168.222.97.106:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:37", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-23 19:43:39", "1817705", "157.254.223.135:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:29", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-23 19:43:35", "1817704", "151.236.20.3:8080", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:23", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-23 14:56:56", "1817663", "101.126.10.34:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:58", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-05-23 14:56:38", "1817660", "68.64.178.130:7443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:36", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-23 14:54:15", "1817591", "68.64.180.15:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:36", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-23 14:54:05", "1817626", "213.136.74.96:8090", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 16:12:02", "100", "False", "None", "AS51167,chaos,Contabo GmbH", "0", "antiphishorg"
"2026-05-23 14:54:01", "1817632", "203.83.10.114:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:43:05", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-23 14:47:31", "1817655", "119.29.117.194:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:08", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-23 09:46:49", "1817625", "91.232.103.163:1604", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:44", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-23 09:46:22", "1817624", "50.114.179.143:6066", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:25", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-23 09:45:41", "1817623", "23.81.118.124:8080", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:51", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-23 09:44:28", "1817622", "2.26.75.240:1377", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:06", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-23 09:44:15", "1817621", "190.255.82.151:5500", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:56", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-23 09:43:04", "1817620", "103.13.210.49:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:04", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-23 08:58:34", "1817537", "1.117.77.166:3310", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:57", "50", "False", "None", "45090,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-23 08:58:28", "1817573", "47.103.78.72:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:29", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-22 19:45:35", "1817427", "88.119.167.142:8000", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:41", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-22 19:45:34", "1817426", "87.251.76.213:8443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:41", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-22 19:45:12", "1817425", "5.101.82.98:41843", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:19", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-22 19:45:07", "1817424", "46.29.234.94:1298", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:15", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-22 19:45:06", "1817423", "46.29.234.94:12639", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:15", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-22 19:44:58", "1817421", "45.154.98.84:100", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:08", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-22 19:44:58", "1817422", "45.154.98.84:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:09", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-22 19:44:03", "1817420", "2.59.162.106:6698", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:08", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-22 19:44:02", "1817419", "2.59.162.106:36125", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:07", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-22 19:44:01", "1817417", "2.59.162.106:12639", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:07", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-22 19:44:01", "1817418", "2.59.162.106:1298", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:07", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-22 19:43:53", "1817416", "192.109.200.183:5566", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:57", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-22 14:45:15", "1817341", "184.82.96.72:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:49", "100", "True", "None", "havoc", "1", "_ik_"
"2026-05-22 11:36:04", "1817205", "35.220.177.232:4343", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:23", "75", "False", "", "Agentemis,BEACON,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-05-22 11:36:04", "1817206", "46.20.109.225:8999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:29", "75", "False", "", "Agentemis,BEACON,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-05-22 10:46:24", "1817248", "180.131.145.97:9995", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:19", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-22 09:45:23", "1817239", "88.119.167.143:8000", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:41", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-22 09:45:08", "1817238", "54.187.35.128:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:27", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-22 09:44:54", "1817237", "46.224.144.82:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:14", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-22 09:44:53", "1817236", "45.90.120.36:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:13", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-22 09:44:40", "1817235", "31.57.184.154:7006", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:54", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-22 09:44:39", "1817233", "31.171.131.118:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:53", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-22 09:44:39", "1817234", "31.171.131.118:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:53", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-22 09:43:52", "1817232", "193.93.194.31:50194", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:01", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-22 09:43:49", "1817231", "192.169.7.17:27443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:58", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-22 09:43:37", "1817230", "176.119.25.78:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:41", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-22 09:43:35", "1817229", "172.86.123.119:8679", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:39", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-22 09:43:17", "1817228", "138.9.254.121:8015", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:17", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-22 09:43:08", "1817226", "104.37.174.36:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:08", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-22 09:43:08", "1817227", "104.37.174.36:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:09", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-22 08:46:27", "1817216", "23.106.135.33:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:23", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-22 08:46:27", "1817217", "23.106.135.33:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:23", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-22 08:46:18", "1817215", "154.201.68.191:14125", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:14", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-22 08:46:10", "1817214", "118.31.114.149:4430", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:07", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-22 08:46:02", "1817213", "106.14.30.169:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:00", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-22 08:11:42", "1817131", "59.110.81.93:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:35", "50", "False", "None", "37963,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-22 08:11:41", "1817132", "129.204.14.131:44444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:11", "50", "False", "None", "45090,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-22 08:11:24", "1817192", "45.154.98.84:1000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:09", "100", "True", "None", "asyncrat", "1", "_ik_"
"2026-05-22 08:11:11", "1817057", "62.171.190.148:8081", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:29", "100", "True", "None", "havoc", "1", "_ik_"
"2026-05-22 07:55:22", "1817187", "47.236.110.1:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:31", "100", "False", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2026-05-21 22:46:51", "1817116", "49.232.4.144:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:34", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-21 22:46:36", "1817115", "206.188.197.241:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:21", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-21 22:46:34", "1817114", "193.142.146.30:6555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:20", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-21 19:45:24", "1817056", "46.224.70.245:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:14", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-21 19:45:14", "1817055", "42.121.150.29:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:45:01", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-21 19:45:07", "1817054", "34.61.52.162:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:56", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-21 19:44:01", "1817053", "193.29.13.23:5758", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:01", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-21 19:43:33", "1817052", "158.94.209.7:5022", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:30", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-21 19:43:30", "1817051", "157.230.125.65:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:28", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-21 09:44:20", "1816915", "207.154.243.85:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:12", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-21 09:44:09", "1816914", "195.63.137.242:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:04", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-21 07:19:52", "1816875", "156.225.22.84:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:15", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-21 07:19:39", "1816874", "121.199.27.49:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:09", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-21 07:19:35", "1816872", "107.173.38.158:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:02", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-21 05:01:18", "1816747", "154.201.68.191:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:42:44", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-21 05:01:07", "1816801", "45.154.98.84:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:09", "50", "False", "None", "210558,asyncrat,c2,censys", "0", "sojubear"
"2026-05-20 19:45:15", "1816739", "91.92.243.63:35000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:45", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-20 19:44:41", "1816738", "41.216.189.163:43210", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:01", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-20 19:44:32", "1816737", "221.207.101.175:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:44:50", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-20 19:43:56", "1816736", "209.126.80.129:8844", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:13", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-20 19:43:30", "1816735", "167.17.47.118:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:35", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-20 19:43:20", "1816734", "144.172.93.140:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:19", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-20 19:43:18", "1816733", "140.235.17.40:9958", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:18", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-20 19:43:09", "1816732", "107.189.25.70:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:10", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-20 09:45:20", "1816587", "85.17.244.120:2093", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:40", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-20 09:45:05", "1816585", "51.15.8.6:9998", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:26", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-20 09:44:03", "1816584", "213.209.159.91:2602", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:15", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-20 09:43:56", "1816583", "202.1.31.83:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:09", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-20 09:43:40", "1816582", "18.178.185.250:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:43:44", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-05-20 09:43:39", "1816581", "178.212.13.29:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:43", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-20 09:43:32", "1816580", "171.22.79.135:3821", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:37", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-20 07:37:44", "1816553", "103.149.93.107:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:59", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-20 07:37:43", "1816552", "121.43.243.13:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:10", "100", "False", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2026-05-20 07:37:42", "1816551", "45.152.65.240:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:28", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-05-19 20:46:09", "1816445", "43.142.137.169:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:26", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-19 19:45:18", "1816431", "91.202.233.214:44123", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:43", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-19 19:45:12", "1816430", "83.136.211.194:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:37", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-19 19:44:52", "1816428", "49.232.128.239:6099", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:17", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-19 19:44:52", "1816429", "5.101.81.163:47524", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:18", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-19 19:44:36", "1816427", "31.57.184.154:2502", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:54", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-19 19:43:48", "1816426", "192.159.99.50:7443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:43:58", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-05-19 19:43:33", "1816425", "172.111.233.80:6666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:38", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-19 19:43:20", "1816422", "144.172.94.91:1122", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:19", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-19 19:43:20", "1816423", "144.172.94.91:2255", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:19", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-19 19:43:20", "1816424", "144.172.94.91:3333", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-19 14:45:37", "1816365", "100.110.56.1:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:57", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-19 09:43:39", "1816297", "178.16.54.248:55380", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:43", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-19 09:43:37", "1816296", "176.120.22.127:443", "ip:port", "botnet_cc", "win.poshc2", "None", "PoshC2", "2026-06-11 15:43:41", "75", "False", "None", "drb-ra,PoshC2", "0", "abuse_ch"
"2026-05-19 09:43:31", "1816295", "167.86.114.91:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:35", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-19 09:43:19", "1816294", "142.93.165.129:3334", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:18", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-19 09:43:08", "1816293", "104.243.248.63:1805", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:08", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-19 06:46:32", "1816252", "45.152.65.240:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:28", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-05-19 06:46:14", "1816248", "111.230.36.144:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:03", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-19 05:37:37", "1816235", "195.211.191.24:7673", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:46:35", "75", "False", "", "RemusStelaer", "0", "abuse_ch"
"2026-05-19 05:16:16", "1816173", "43.143.145.187:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:26", "50", "False", "None", "45090,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-19 05:16:15", "1816172", "47.82.234.12:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:33", "50", "False", "None", "c2,censys,cobalt strike", "0", "sojubear"
"2026-05-19 05:16:06", "1816164", "119.91.26.245:6666", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:08", "50", "False", "None", "45090,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-19 05:15:34", "1816110", "43.144.19.220:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:26", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-18 22:47:56", "1816142", "23.236.64.238:8778", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:23", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-18 22:47:21", "1816141", "1.117.61.9:12306", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:56", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-18 19:45:01", "1816106", "89.125.255.29:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:42", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-18 19:44:59", "1816104", "84.21.189.225:50194", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:38", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-18 19:44:59", "1816105", "84.21.189.225:58268", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:39", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-18 19:44:52", "1816103", "65.87.7.130:61361", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:32", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-18 19:44:41", "1816102", "5.101.81.2:51842", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:18", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-18 19:44:34", "1816101", "44.211.251.197:8082", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:45:06", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-18 19:44:31", "1816100", "38.147.189.199:9001", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:44:59", "75", "False", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch"
"2026-05-18 19:43:47", "1816099", "2.26.75.250:6448", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:06", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-18 19:43:39", "1816098", "188.137.181.111:53863", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:55", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-18 19:43:21", "1816097", "154.29.72.21:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:24", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-18 19:43:13", "1816096", "138.124.90.26:51337", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:17", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-18 19:43:11", "1816095", "130.49.214.92:53522", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:15", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-18 19:43:02", "1816094", "101.99.95.16:2850", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:03", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-18 18:05:44", "1816036", "207.180.250.181:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:12", "100", "True", "None", "asyncrat", "1", "_ik_"
"2026-05-18 14:45:47", "1816032", "118.31.114.149:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:07", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-18 11:28:17", "1815941", "120.53.15.64:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:09", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-18 11:28:05", "1815876", "175.178.36.137:8011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:18", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-18 10:46:24", "1815946", "62.234.22.228:51234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:35", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-18 09:45:32", "1815934", "93.82.27.251:8000", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:45:46", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-05-18 09:45:24", "1815932", "83.136.211.4:56001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:37", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-18 09:45:24", "1815933", "83.136.211.4:56002", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:38", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-18 09:44:56", "1815930", "46.8.226.70:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:15", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-18 09:44:56", "1815931", "46.8.226.70:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:15", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-18 09:44:44", "1815928", "34.230.7.122:8082", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:44:56", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-18 09:44:44", "1815929", "35.161.127.198:443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:44:57", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-05-18 09:43:30", "1815927", "163.181.46.56:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:33", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-18 07:33:49", "1815818", "47.236.91.172:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:32", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-18 07:33:49", "1815819", "35.202.235.112:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:57", "100", "True", "None", "asyncrat", "1", "_ik_"
"2026-05-18 07:33:37", "1815773", "194.163.154.86:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:02", "100", "True", "None", "havoc", "1", "_ik_"
"2026-05-18 07:33:34", "1815757", "124.220.36.247:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:10", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-18 07:33:28", "1815737", "81.68.216.220:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:39", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-18 07:33:27", "1815736", "81.68.216.220:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:39", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-18 07:26:30", "1815832", "172.86.76.154:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:18", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-17 22:45:31", "1815762", "119.29.112.239:8005", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:08", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-17 19:43:19", "1815731", "144.172.65.245:5656", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:19", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-17 15:53:07", "1815551", "207.56.229.234:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:21", "80", "False", "None", "cobalt-strike,erebus-wraith,unattributed", "0", "Erebu"
"2026-05-17 09:43:36", "1815580", "178.16.53.46:7331", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:42", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-17 09:43:23", "1815579", "154.29.72.21:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:24", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-17 09:43:19", "1815578", "144.172.100.157:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:19", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-17 06:52:36", "1815461", "81.71.20.155:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:39", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-17 05:46:40", "1815501", "206.119.173.149:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:21", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-17 05:46:19", "1815500", "101.126.150.253:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:58", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-05-17 03:45:47", "1815481", "47.236.91.172:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:32", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-16 19:46:20", "1815398", "91.92.243.63:39850", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:45", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-16 19:45:35", "1815397", "45.155.69.153:43345", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:09", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-16 19:44:19", "1815396", "206.81.21.156:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:11", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-16 19:43:23", "1815395", "139.99.131.177:8888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:18", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-16 19:43:08", "1815394", "104.236.230.184:443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:08", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-16 19:43:06", "1815392", "103.219.153.200:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:05", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-16 19:43:06", "1815393", "103.219.153.200:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:06", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-16 19:43:05", "1815391", "103.219.153.200:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:05", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-16 19:43:03", "1815390", "1.15.221.207:4379", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:02", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-16 18:46:11", "1815369", "38.14.248.199:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:24", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-16 09:46:35", "1815260", "38.14.248.199:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:24", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-16 09:44:54", "1815259", "31.57.184.82:7829", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:55", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-16 09:43:55", "1815258", "193.169.194.51:6325", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:00", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-16 09:43:50", "1815257", "188.126.90.5:9999", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:55", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-16 09:43:20", "1815256", "139.99.131.177:44444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:18", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-15 19:44:50", "1815137", "95.231.168.143:4483", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:45:47", "75", "False", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2026-05-15 19:44:38", "1815135", "65.21.21.227:6666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:31", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-15 19:44:38", "1815136", "65.21.21.227:8888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:32", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-15 19:44:21", "1815134", "4.235.114.15:1024", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:00", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-15 19:44:19", "1815133", "34.69.130.10:80", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:44:56", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-15 19:44:18", "1815132", "31.57.187.91:1337", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:56", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-15 19:44:14", "1815131", "217.30.169.67:8015", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:49", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-15 19:43:41", "1815130", "2.26.160.75:4984", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:05", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-15 19:43:29", "1815129", "178.236.252.244:3333", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:43", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-15 19:43:22", "1815128", "163.245.216.78:8080", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:33", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-15 19:43:12", "1815127", "137.184.102.191:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:16", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-15 19:43:07", "1815126", "107.175.148.68:8080", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:10", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-15 19:43:04", "1815125", "103.147.228.13:8015", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:04", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-15 14:05:12", "1814920", "146.190.163.32:8768", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:48:49", "75", "False", "https://bazaar.abuse.ch/sample/a2a7f1a122c33439cb2c739aa90e32db3a181f7fe06e50c55da39a2f46a71884/", "RemusStealer", "0", "abuse_ch"
"2026-05-15 13:48:12", "1814914", "207.56.229.234:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:22", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-05-15 13:47:47", "1814909", "39.108.114.1:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:25", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-05-15 13:47:47", "1814910", "123.57.208.37:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:10", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-15 13:47:09", "1812324", "47.99.93.43:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:34", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-15 13:35:39", "1812358", "31.207.39.174:80", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 16:12:03", "100", "False", "None", "AS210403,chaos,Groupe LWS SARL", "0", "antiphishorg"
"2026-05-15 13:35:37", "1812345", "158.220.127.55:8888", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 16:12:03", "100", "False", "None", "AS51167,chaos,Contabo GmbH", "0", "antiphishorg"
"2026-05-15 09:45:23", "1814531", "91.124.19.173:6913", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:43", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-15 09:45:20", "1814529", "85.11.167.110:7777", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:39", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-15 09:45:20", "1814530", "85.11.167.110:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:39", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-15 09:44:54", "1814528", "5.101.81.2:63676", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:18", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-15 09:44:35", "1814527", "216.250.249.225:2195", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:49", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-15 09:43:22", "1814525", "15.236.43.82:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:23", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-15 09:43:07", "1814523", "104.243.248.63:1808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:08", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-15 09:43:04", "1814522", "103.168.67.140:3031", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:04", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-14 22:45:41", "1812322", "1.117.61.9:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:57", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-14 19:47:27", "1812283", "95.141.133.7:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:46", "75", "False", "None", "Covenant,drb-ra", "0", "abuse_ch"
"2026-05-14 19:47:23", "1812282", "91.215.85.121:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:43", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-14 19:43:34", "1812281", "138.9.219.221:8015", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:17", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-14 19:43:12", "1812280", "104.243.248.63:1806", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:08", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-14 12:36:52", "1811874", "8.218.224.15:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:38", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-14 12:35:59", "1811932", "80.78.30.62:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:35", "100", "True", "None", "havoc", "1", "_ik_"
"2026-05-14 12:33:41", "1812137", "207.56.226.75:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:21", "100", "True", "None", "cobaltstrike", "1", "_ik_"
"2026-05-14 12:33:30", "1811674", "47.102.184.26:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:29", "50", "False", "None", "37963,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-14 12:30:56", "1811507", "158.94.209.243:3333", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:30", "100", "True", "None", "dcrat", "1", "_ik_"
"2026-05-14 12:14:39", "1812148", "147.78.2.110:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:13", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-14 11:46:11", "1812141", "113.31.115.231:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:04", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-14 09:51:34", "1812126", "84.46.251.62:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:39", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-14 09:45:53", "1812125", "192.159.99.34:6606", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:58", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-13 19:45:36", "1811952", "93.127.160.86:6552", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:45", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-13 19:45:31", "1811950", "85.120.252.124:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:39", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-13 19:45:31", "1811951", "85.17.192.68:2121", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:40", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-13 19:45:29", "1811949", "83.217.215.55:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:38", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-13 19:45:08", "1811948", "5.101.83.144:9521", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-13 19:45:06", "1811947", "5.101.82.216:50044", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:18", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-13 19:45:05", "1811946", "5.101.81.81:6913", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:18", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-13 19:44:54", "1811945", "43.230.162.44:14321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:05", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-13 19:44:46", "1811944", "31.13.190.2:6552", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:53", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-13 19:43:55", "1811943", "2.26.96.209:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:06", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-13 19:43:53", "1811942", "194.33.48.221:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:03", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-13 19:43:17", "1811941", "139.99.131.177:6000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:18", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-13 19:43:03", "1811939", "103.197.191.159:443", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:43:05", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-13 19:43:03", "1811940", "103.197.191.159:80", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:43:05", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-13 10:45:56", "1811775", "43.139.170.200:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:26", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-13 09:45:26", "1811766", "91.134.139.176:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:43", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-13 09:45:12", "1811764", "62.169.31.177:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2026-06-11 15:45:29", "75", "False", "None", "drb-ra,Hook", "0", "abuse_ch"
"2026-05-13 09:44:52", "1811763", "45.92.1.175:5220", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:13", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-13 09:43:56", "1811762", "203.202.232.22:3131", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:10", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-13 09:43:50", "1811761", "194.33.48.221:8081", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:03", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-13 09:43:20", "1811760", "147.124.216.58:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:22", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-13 09:43:02", "1811759", "101.109.237.93:7443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:03", "75", "False", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2026-05-12 22:45:18", "1811650", "168.222.97.93:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:18", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-12 22:45:18", "1811651", "168.222.97.93:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:18", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-12 22:45:17", "1811649", "161.248.87.10:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:17", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-12 19:45:05", "1811573", "94.198.51.234:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:46", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-12 19:44:29", "1811572", "37.72.172.58:7077", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:58", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-12 19:43:45", "1811571", "2.27.17.179:6644", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:07", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-12 14:50:32", "1811234", "190.255.90.152:6000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:56", "50", "False", "None", "3816,asyncrat,c2,censys", "0", "sojubear"
"2026-05-12 11:45:40", "1811413", "118.31.62.238:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:07", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-12 11:45:38", "1811412", "117.72.168.103:50011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:05", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-12 11:45:31", "1811410", "101.132.156.12:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:58", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-12 11:45:31", "1811411", "101.35.102.87:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:58", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-12 09:45:18", "1811401", "91.92.243.38:35630", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:45", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-12 09:45:17", "1811400", "91.215.85.121:6466", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:43", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-12 09:45:14", "1811399", "85.158.57.247:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:40", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-12 09:45:04", "1811398", "67.180.188.88:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:32", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-12 09:45:00", "1811397", "62.84.114.70:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:30", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-12 09:44:59", "1811396", "62.171.190.148:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:29", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-12 09:44:43", "1811394", "45.142.107.41:1030", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:07", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-12 09:44:43", "1811395", "45.142.107.41:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:07", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-12 09:44:37", "1811392", "31.57.184.48:7456", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:55", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-12 09:44:37", "1811393", "31.57.201.105:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:56", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-12 09:43:50", "1811389", "207.148.2.115:60060", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:44:11", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-12 09:43:50", "1811390", "207.148.2.115:60061", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:44:12", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-12 09:43:47", "1811388", "2.26.96.209:8080", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:07", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-12 09:43:21", "1811387", "155.103.71.115:14549", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:26", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-12 09:43:17", "1811386", "146.185.233.71:41254", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-12 09:43:06", "1811385", "104.243.248.63:1803", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:08", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-12 09:43:03", "1811384", "103.143.207.71:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 08:43:03", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-11 22:45:16", "1811186", "117.50.184.221:10080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:05", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-11 22:45:14", "1811185", "112.124.71.123:55555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:03", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-11 19:45:07", "1811129", "64.199.252.59:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:45:30", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-11 19:45:01", "1811128", "51.77.54.76:6769", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:26", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-11 19:44:51", "1811127", "46.253.143.52:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:15", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-11 19:44:49", "1811126", "45.77.89.29:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:12", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-11 19:43:58", "1811125", "213.139.77.243:55555", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:44:14", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-05-11 19:43:39", "1811124", "185.212.128.72:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:51", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-11 19:43:38", "1811123", "185.190.142.66:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:50", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-11 19:43:23", "1811122", "155.103.71.115:14548", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:26", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-11 19:43:16", "1811120", "139.180.153.57:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 08:43:16", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-11 19:43:16", "1811121", "139.99.131.177:8000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:18", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-11 19:43:10", "1811119", "13.60.193.80:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:14", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-11 19:43:08", "1811118", "109.73.193.242:10140", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:11", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-11 19:43:04", "1811117", "103.247.11.53:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 08:43:05", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-11 11:45:53", "1811018", "38.55.124.41:16571", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-10 14:46:49", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-11 11:45:45", "1811017", "172.245.28.187:4440", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:18", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-11 11:45:33", "1811016", "117.72.198.62:9987", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:06", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-11 09:45:20", "1810966", "91.92.243.63:35631", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:45", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-11 09:45:20", "1810967", "91.92.243.63:35635", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:45", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-11 09:45:15", "1810965", "89.42.134.220:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:42", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-11 09:44:59", "1810964", "78.47.143.18:8053", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-10 08:45:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-11 09:44:44", "1810963", "5.101.81.81:6448", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-10 18:44:56", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-11 09:44:38", "1810962", "45.153.34.51:58001", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 08:44:57", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-11 09:44:36", "1810961", "44.215.161.149:4005", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:06", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-11 09:44:35", "1810960", "43.133.149.36:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:03", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-11 09:44:29", "1810959", "31.57.184.154:7007", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:54", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-11 09:43:46", "1810958", "20.114.142.61:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:08", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-11 09:43:42", "1810957", "194.163.175.135:8679", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-10 08:43:56", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-11 09:43:41", "1810956", "193.169.194.19:8264", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:00", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-11 09:43:35", "1810955", "185.242.245.27:44875", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:53", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-11 09:43:34", "1810954", "185.212.128.76:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:51", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-11 09:43:26", "1810952", "172.239.57.52:1234", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:38", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-11 09:43:26", "1810953", "172.245.97.237:2030", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:38", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-11 09:43:24", "1810951", "168.222.97.106:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-10 08:43:34", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-11 09:43:20", "1810950", "158.94.210.70:22532", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:30", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-11 09:43:15", "1810949", "144.91.78.57:9008", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-11 09:43:11", "1810948", "137.184.38.192:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:16", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-11 09:43:09", "1810947", "130.12.182.209:1525", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:15", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-10 23:45:17", "1810462", "150.158.109.61:9090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:14", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-10 23:45:07", "1810461", "112.213.106.53:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:03", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-10 19:44:55", "1810418", "64.23.231.32:9001", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:30", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-10 19:44:52", "1810417", "5.78.110.145:7989", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-09 18:45:01", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-10 19:44:43", "1810416", "46.109.239.103:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-10 08:44:59", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-10 19:44:38", "1810415", "44.206.172.239:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:05", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-10 19:44:31", "1810414", "31.57.184.154:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:54", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-10 19:44:30", "1810413", "24.134.4.221:4714", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:52", "75", "False", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2026-05-10 19:43:51", "1810412", "209.99.188.44:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-09 18:44:01", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-10 19:43:45", "1810410", "195.123.240.236:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:44:03", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-10 19:43:45", "1810411", "195.123.240.236:8274", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:44:03", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-10 19:43:39", "1810408", "189.34.188.6:5406", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:56", "75", "False", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2026-05-10 19:43:39", "1810409", "189.34.188.6:5407", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:56", "75", "False", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2026-05-10 19:43:32", "1810407", "178.16.55.171:444", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:43:43", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-05-10 19:43:31", "1810406", "178.105.40.204:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-10 08:43:39", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-10 19:43:15", "1810405", "138.9.237.106:8015", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-09 18:43:15", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-10 19:43:11", "1810404", "130.49.214.74:50194", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 08:43:14", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-10 18:42:12", "1809980", "129.211.2.123:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:11", "50", "False", "None", "45090,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-10 18:42:09", "1809984", "1.92.101.103:8099", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:57", "50", "False", "None", "55990,c2,censys,cobalt strike", "0", "sojubear"
"2026-05-10 10:45:37", "1810194", "142.171.172.100:17443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:13", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-10 09:44:56", "1810170", "57.158.27.132:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:28", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-10 09:44:39", "1810169", "43.133.149.36:18080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:02", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-10 09:43:47", "1810167", "198.23.185.234:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:05", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-10 09:43:45", "1810166", "194.26.192.229:50", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-09 18:43:52", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-10 09:43:41", "1810165", "192.159.99.183:8080", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:57", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-10 09:43:33", "1810164", "179.43.134.189:9968", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:44", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-10 09:43:31", "1810163", "175.27.164.136:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:41", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-10 09:43:27", "1810162", "172.245.152.57:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-09 18:43:33", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-09 19:44:46", "1809758", "82.25.35.113:2177", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:45:37", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-09 19:44:38", "1809756", "5.180.46.180:2030", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:45:24", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-09 19:43:46", "1809754", "213.130.25.141:44333", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:14", "75", "False", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2026-05-09 19:43:24", "1809750", "168.144.89.48:8443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:37", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-09 19:43:23", "1809749", "167.99.151.149:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:36", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-08 23:44:52", "1809219", "139.196.50.117:9930", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:12", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-08 23:44:44", "1809218", "106.53.82.117:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:00", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-08 19:45:15", "1809059", "202.95.18.30:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:21", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-08 19:44:39", "1809053", "89.208.113.158:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-10 08:45:31", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-08 19:44:36", "1809052", "83.142.209.60:8795", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:38", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-08 19:44:34", "1809050", "80.211.196.157:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:35", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-08 19:44:32", "1809046", "64.90.19.46:5432", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:31", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-08 19:44:32", "1809047", "66.163.112.213:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:32", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-08 19:44:27", "1809044", "5.101.86.70:9843", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 19:44:25", "1809043", "5.101.86.105:4509", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 19:44:13", "1809042", "31.57.216.56:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:56", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 19:44:11", "1809041", "23.227.203.172:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:44:50", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-08 19:43:41", "1809039", "209.38.100.109:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:13", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-08 19:43:36", "1809038", "193.42.24.165:4848", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:01", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-08 19:43:35", "1809037", "193.169.194.24:2509", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:00", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 19:43:31", "1809036", "185.220.205.80:3535", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:53", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 19:43:29", "1809034", "185.212.128.15:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:50", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-08 19:43:29", "1809035", "185.212.128.24:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:51", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-08 19:43:28", "1809033", "180.97.214.70:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:45", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-08 19:43:26", "1809032", "177.67.105.14:8091", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-10 18:43:35", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-08 19:43:19", "1809029", "160.25.82.142:80", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:31", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 19:43:17", "1809028", "154.7.228.167:2443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:24", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-08 19:43:15", "1809026", "146.185.233.76:7227", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 19:43:15", "1809027", "146.185.239.61:9702", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 10:44:30", "1808743", "47.94.168.149:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:34", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-08 10:44:29", "1808742", "47.83.254.175:1102", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:33", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-08 08:43:55", "1808665", "62.169.25.116:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-09 18:45:07", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-08 08:43:54", "1808664", "5.252.179.132:1616", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:25", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:53", "1808661", "5.101.86.95:4034", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:24", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:53", "1808662", "5.101.86.99:7192", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:24", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:53", "1808663", "5.252.153.0:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:25", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-08 08:43:52", "1808660", "5.101.86.70:2428", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:51", "1808659", "5.101.86.41:3305", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:22", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:50", "1808658", "5.101.86.103:8834", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:49", "1808655", "5.101.83.117:8374", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:49", "1808656", "5.101.86.103:2428", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:49", "1808657", "5.101.86.103:6913", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:48", "1808654", "5.101.82.226:3581", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:19", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:47", "1808653", "5.101.81.23:4315", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:18", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:46", "1808652", "45.79.163.107:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:12", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-08 08:43:45", "1808650", "45.56.91.55:2005", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:11", "75", "False", "None", "Covenant,drb-ra", "0", "abuse_ch"
"2026-05-08 08:43:42", "1808648", "31.57.216.62:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:56", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:41", "1808647", "23.249.29.138:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:44:51", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-08 08:43:21", "1808643", "209.38.110.161:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:13", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-08 08:43:19", "1808641", "195.250.25.214:4000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-09 18:43:53", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-08 08:43:18", "1808640", "194.37.80.126:7543", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:03", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-08 08:43:15", "1808639", "185.212.129.114:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:52", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-08 08:43:13", "1808637", "178.104.186.90:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:42", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-08 08:43:12", "1808635", "170.168.103.124:5342", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:37", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:08", "1808633", "146.185.239.55:6448", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:05", "1808628", "113.31.118.180:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:12", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-08 08:43:04", "1808623", "104.243.248.63:1802", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:08", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-08 08:43:04", "1808624", "106.55.186.190:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:09", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-08 08:43:04", "1808625", "107.161.50.202:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:09", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-08 08:43:04", "1808626", "107.172.235.68:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:09", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-08 08:43:03", "1808621", "103.83.87.7:2492", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:06", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 08:43:03", "1808622", "103.83.87.81:4141", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:07", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-08 07:49:28", "1808600", "45.202.249.88:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:28", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-08 07:49:24", "1808598", "45.202.249.88:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:29", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-07 20:45:06", "1808288", "49.7.54.204:8901", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:34", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-07 20:44:34", "1808287", "106.14.116.17:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:00", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-07 20:44:32", "1808286", "101.33.225.32:8011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:58", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-07 18:44:06", "1808259", "5.101.86.106:9521", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-07 18:44:05", "1808258", "5.101.83.114:7312", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-07 18:43:25", "1808256", "186.169.76.228:5010", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:55", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-07 18:43:18", "1808255", "168.144.36.228:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:43:36", "75", "False", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch"
"2026-05-07 18:43:11", "1808253", "146.185.233.41:5382", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-07 18:43:09", "1808252", "138.197.21.32:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:17", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-07 10:44:18", "1808142", "83.147.38.94:2030", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:45:38", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-07 10:44:07", "1808140", "5.101.81.81:9323", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:18", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-06 20:53:22", "1807868", "27.102.137.139:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:52", "75", "False", "", "Remcos,RemcosRAT,Remvio,Socmer", "0", "whoamix302"
"2026-05-06 20:45:39", "1807906", "45.207.192.190:30078", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:29", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-06 20:45:29", "1807905", "207.56.226.75:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:21", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-06 20:45:09", "1807904", "117.72.168.103:16337", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:05", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-06 18:44:01", "1807846", "5.101.86.102:2501", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-06 18:44:01", "1807847", "5.101.86.107:4934", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-06 18:43:14", "1807842", "154.18.238.18:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:24", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-06 16:44:54", "1807793", "68.64.178.130:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:35", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-06 16:44:44", "1807792", "39.101.78.48:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:25", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-06 16:44:32", "1807791", "124.223.90.150:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:11", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-06 16:44:22", "1807788", "1.15.100.187:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:57", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-06 08:44:09", "1807540", "5.101.86.41:2428", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:22", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-06 08:44:09", "1807541", "5.101.86.41:6448", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:22", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-06 08:44:08", "1807539", "5.101.86.104:1334", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-06 08:43:54", "1807538", "31.57.184.154:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:54", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-06 06:01:23", "1807364", "77.93.152.138:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:33", "50", "False", "None", "401479,asyncrat,c2,censys", "0", "sojubear"
"2026-05-05 18:49:30", "1807206", "5.101.86.98:4126", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:24", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-05 18:49:12", "1807204", "5.101.82.228:9362", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:19", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-05 18:49:12", "1807205", "5.101.82.229:3039", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:19", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-05 10:47:42", "1806953", "5.101.82.99:6031", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-05 10:47:27", "1806951", "46.151.182.33:9545", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:14", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-05 08:44:56", "1806901", "172.245.156.179:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:18", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-05 00:05:43", "1806444", "104.168.5.25:5000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:07", "75", "False", "https://bazaar.abuse.ch/sample/ee0e4e3198fd8942c1241f276857745823901fbbdd73b6827517998e17f91e09/", "remcos", "0", "abuse_ch"
"2026-05-04 20:45:07", "1806229", "8.130.80.145:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:36", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-04 20:44:43", "1806228", "154.219.115.123:61443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:15", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-04 20:44:36", "1806227", "119.29.198.193:8555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:08", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-04 18:44:06", "1806112", "5.101.86.101:1398", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-04 08:44:52", "1805768", "31.7.62.178:14443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:23", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-04 08:44:13", "1805766", "82.165.79.60:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:37", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-04 08:44:12", "1805765", "82.165.79.60:1337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:37", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-04 08:44:06", "1805762", "5.101.86.73:6448", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-04 08:44:06", "1805763", "5.101.86.73:8371", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-04 08:44:05", "1805761", "5.101.86.4:3841", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:22", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-04 08:43:16", "1805757", "163.181.45.55:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:33", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-03 12:44:50", "1805272", "80.78.22.41:783", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:39", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-03 12:44:46", "1805271", "49.232.90.5:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:34", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-03 12:44:37", "1805269", "38.165.21.163:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:24", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-03 12:44:29", "1805268", "151.245.90.45:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:14", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-03 08:43:54", "1805202", "46.151.182.148:25608", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:13", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-03 08:43:14", "1805198", "159.69.90.48:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-09 18:43:27", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-02 20:44:32", "1804969", "34.124.142.136:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:23", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-02 20:44:32", "1804970", "34.124.142.136:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:23", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-02 20:44:30", "1804967", "195.123.220.237:2053", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:20", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-02 18:43:44", "1804928", "38.147.173.24:8562", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:59", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-02 18:43:07", "1804919", "134.122.99.247:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:15", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-02 08:43:53", "1804732", "8.160.216.91:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:45:34", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-02 08:43:40", "1804728", "31.57.184.161:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:55", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-02 08:43:40", "1804729", "31.57.184.161:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:55", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-02 08:43:39", "1804727", "31.57.184.161:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:55", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-02 08:43:06", "1804719", "124.95.172.200:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:14", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-02 06:55:51", "1804644", "194.164.72.136:48261", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:46:25", "75", "False", "https://bazaar.abuse.ch/sample/5eb440933efc934628399697e2bca83ac41cefbb7c653dae1b91113596c4755e/", "RemusStealer", "0", "abuse_ch"
"2026-05-02 05:24:07", "1804005", "47.239.222.85:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:33", "100", "False", "", "AS45102,Cobalt Strike,cobeacon", "1", "xcyber901"
"2026-05-01 18:44:00", "1803899", "93.71.143.3:9002", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:45:45", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-05-01 18:43:58", "1803896", "89.114.115.200:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:45:41", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-01 18:43:53", "1803894", "59.152.212.164:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-06-11 15:45:28", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-05-01 18:43:52", "1803892", "5.101.86.65:6448", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:52", "1803893", "5.101.86.65:8643", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:51", "1803889", "5.101.86.15:6798", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:51", "1803890", "5.101.86.15:9267", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:51", "1803891", "5.101.86.34:5749", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:50", "1803887", "5.101.82.190:5691", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:18", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:50", "1803888", "5.101.86.15:6448", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:21", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:48", "1803884", "45.9.168.220:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:13", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:45", "1803881", "45.10.164.177:45123", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:06", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-01 18:43:44", "1803880", "39.101.82.73:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:45:00", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-01 18:43:41", "1803874", "31.57.184.154:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:54", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 18:43:41", "1803875", "31.57.184.187:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:55", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:24", "1803866", "195.88.191.41:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:44:04", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-01 18:43:24", "1803867", "195.88.191.41:7666", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:44:04", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-05-01 18:43:22", "1803863", "192.227.232.124:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:58", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-01 18:43:19", "1803858", "185.212.128.80:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:51", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 18:43:19", "1803859", "185.212.128.85:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:51", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 18:43:16", "1803856", "173.211.106.231:21320", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:40", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 18:43:14", "1803853", "169.40.135.17:9521", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:37", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:09", "1803849", "146.185.233.71:35412", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:20", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:05", "1803845", "109.227.59.160:4433", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:43:11", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-01 18:43:05", "1803846", "114.132.29.20:8989", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:12", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 18:43:04", "1803842", "104.168.5.25:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:07", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 18:43:04", "1803843", "107.175.113.106:55", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:43:10", "75", "False", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch"
"2026-05-01 18:43:02", "1803840", "103.110.65.166:52223", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:03", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-01 14:44:50", "1803693", "8.222.192.153:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:39", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-01 14:44:44", "1803689", "47.236.91.172:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:32", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-01 14:44:20", "1803687", "118.25.178.35:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:07", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-05-01 08:43:49", "1803514", "72.56.246.58:80", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:45:33", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-01 08:43:48", "1803512", "62.60.226.63:6856", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:29", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:48", "1803513", "64.89.163.114:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:31", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 08:43:46", "1803506", "5.101.86.57:1984", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:22", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:46", "1803507", "5.101.86.60:6798", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:46", "1803508", "5.101.86.76:1338", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:46", "1803509", "5.101.86.76:9323", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:46", "1803510", "5.101.86.76:9521", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:24", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:46", "1803511", "5.101.86.78:9323", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:24", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:45", "1803502", "5.101.81.81:4315", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:18", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:45", "1803503", "5.101.86.34:6913", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:22", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:45", "1803504", "5.101.86.4:2428", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:22", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:45", "1803505", "5.101.86.4:6448", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:22", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:44", "1803499", "46.151.182.71:22", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:14", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:44", "1803500", "47.103.106.26:2333", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:16", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 08:43:44", "1803501", "47.83.254.175:6321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:17", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 08:43:43", "1803498", "46.151.182.33:4747", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:14", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:40", "1803493", "4.236.165.30:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:00", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 08:43:38", "1803491", "31.58.58.168:51272", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-10 18:44:40", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:37", "1803490", "3.19.238.211:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:44:53", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-01 08:43:23", "1803486", "20.2.83.254:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:44:08", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 08:43:21", "1803483", "194.116.236.110:6161", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:01", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:20", "1803478", "190.2.150.52:853", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:56", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:16", "1803473", "178.128.252.142:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:42", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-01 08:43:16", "1803475", "178.16.53.183:111", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:42", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:14", "1803470", "169.40.135.35:6158", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:37", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:13", "1803466", "163.5.102.110:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:34", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:13", "1803467", "163.5.102.110:2407", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:34", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:13", "1803468", "163.5.102.99:6325", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:34", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:12", "1803464", "158.94.209.210:443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:43:29", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-05-01 08:43:12", "1803465", "158.94.209.227:443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:43:29", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-05-01 08:43:11", "1803460", "155.103.70.100:50030", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:25", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:11", "1803461", "155.103.70.100:50033", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:25", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:11", "1803462", "155.103.70.68:2323", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:26", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:10", "1803457", "151.243.109.10:9323", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:10", "1803458", "151.243.109.213:6325", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:23", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-05-01 08:43:09", "1803456", "146.190.133.216:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:21", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2026-05-01 08:43:08", "1803455", "143.202.105.137:9001", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-10 08:43:18", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-01 08:43:07", "1803452", "136.0.41.76:8443", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:16", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 08:43:05", "1803448", "111.229.144.163:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:11", "75", "False", "None", "drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 08:43:03", "1803442", "103.140.238.45:8887", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:04", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-01 08:43:03", "1803443", "103.140.238.45:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:04", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-05-01 07:08:50", "1803389", "165.154.24.229:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:17", "100", "False", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2026-05-01 07:08:46", "1803385", "106.75.31.247:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:01", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-05-01 02:43:32", "1803286", "94.176.3.228:48765", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:46", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:32", "1803290", "98.81.111.167:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:47", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:32", "1803291", "98.97.125.70:8883", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:45:47", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:31", "1803279", "91.202.233.153:43555", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:43", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:31", "1803280", "91.215.85.151:47653", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:44", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:30", "1803275", "85.121.5.202:5689", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:39", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:30", "1803276", "85.155.186.2:3821", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:40", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:29", "1803269", "83.97.20.133:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-06-11 15:45:38", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:28", "1803262", "79.135.160.20:9999", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:34", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:28", "1803264", "80.96.113.212:8080", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:36", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:27", "1803257", "66.163.115.78:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:32", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:27", "1803259", "68.64.178.130:9900", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:32", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:27", "1803260", "72.56.246.58:443", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:45:33", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:27", "1803261", "72.56.246.58:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:45:33", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:26", "1803251", "52.198.162.251:16000", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:26", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-01 02:43:26", "1803254", "62.81.188.1:443", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:45:30", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:26", "1803255", "66.163.115.78:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:32", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:26", "1803256", "66.163.115.78:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:32", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:25", "1803245", "45.95.232.195:54655", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:13", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:25", "1803246", "46.101.77.223:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:45:13", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:25", "1803249", "5.42.221.153:443", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:45:25", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:24", "1803239", "45.155.69.175:42455", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:10", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:24", "1803240", "45.56.91.55:2003", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:11", "75", "False", "None", "Covenant,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:24", "1803244", "45.81.243.52:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:12", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:23", "1803235", "45.125.67.171:8443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:07", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:23", "1803236", "45.144.137.216:38271", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:08", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:23", "1803238", "45.155.69.106:42211", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:09", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:22", "1803230", "38.76.217.23:9443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-10 08:44:50", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:22", "1803231", "43.134.133.177:8445", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-06-11 15:45:03", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:22", "1803232", "43.142.77.170:443", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:45:04", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:22", "1803233", "43.142.77.170:80", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:45:04", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:22", "1803234", "43.160.225.40:39001", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:04", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:21", "1803224", "31.57.184.48:6523", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:55", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:21", "1803225", "37.72.140.15:5555", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:58", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:21", "1803228", "38.54.119.24:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:00", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:21", "1803229", "38.60.134.130:62858", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-10 08:44:50", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:20", "1803218", "222.255.100.119:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:44:50", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:20", "1803219", "23.227.203.6:42235", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:50", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:20", "1803222", "31.57.184.154:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:55", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:19", "1803211", "216.107.208.250:10444", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-06-11 15:44:15", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:19", "1803214", "217.60.38.14:14421", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:49", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:19", "1803215", "219.142.15.101:4353", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:44:49", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:19", "1803216", "220.231.47.163:4353", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:44:49", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:19", "1803217", "221.130.42.19:4353", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:44:49", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:18", "1803204", "207.107.147.42:4438", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-06-11 15:44:11", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:18", "1803205", "208.249.244.20:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-06-11 15:44:12", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:18", "1803206", "209.151.145.164:8443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:44:13", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:18", "1803208", "212.227.93.107:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:44:14", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:18", "1803210", "213.199.35.149:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:44:15", "75", "False", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:17", "1803199", "2.27.29.65:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:07", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:17", "1803200", "202.171.43.176:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 08:44:05", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-01 02:43:17", "1803201", "202.181.24.236:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:09", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-01 02:43:17", "1803202", "202.95.17.188:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:09", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:17", "1803203", "206.189.40.107:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:11", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-01 02:43:15", "1803190", "193.112.115.127:8989", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:59", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:15", "1803192", "193.23.137.40:3334", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:44:00", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:14", "1803180", "185.242.3.83:9909", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:54", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:14", "1803181", "185.247.224.40:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:54", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:13", "1803173", "185.212.128.81:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:51", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:13", "1803174", "185.212.129.23:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:52", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:13", "1803175", "185.212.129.24:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:52", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:13", "1803176", "185.212.129.29:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:52", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:13", "1803177", "185.212.129.30:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:52", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:13", "1803178", "185.213.20.250:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:52", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:13", "1803179", "185.242.245.120:42534", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:53", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:12", "1803166", "180.184.29.135:8080", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:44", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:12", "1803167", "182.255.45.114:4848", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:49", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:12", "1803168", "185.122.171.4:44355", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:49", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:12", "1803171", "185.212.128.25:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:51", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:12", "1803172", "185.212.128.48:9000", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:51", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:11", "1803162", "178.16.52.22:8396", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:42", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:10", "1803158", "173.211.106.231:21321", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:40", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:10", "1803159", "173.242.59.199:8888", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:40", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:09", "1803149", "162.243.64.101:3333", "ip:port", "botnet_cc", "elf.evilginx", "None", "Evilginx", "2026-06-11 15:43:32", "75", "False", "None", "drb-ra,Evilginx,EvilGoPhish", "0", "abuse_ch"
"2026-05-01 02:43:09", "1803152", "172.111.162.252:3030", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:37", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:09", "1803153", "172.9.165.216:8096", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:43:39", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:09", "1803154", "172.93.144.164:8580", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:39", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:08", "1803140", "153.75.224.159:5400", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-06-11 15:43:24", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:08", "1803141", "154.219.115.123:60001", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 08:43:23", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:08", "1803145", "161.248.179.92:1111", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:31", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:08", "1803146", "161.248.179.92:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:31", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:08", "1803147", "162.14.124.25:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:32", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:07", "1803134", "149.104.28.204:3656", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:22", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:07", "1803139", "151.236.4.135:443", "ip:port", "botnet_cc", "win.danabot", "DanaTools", "DanaBot", "2026-06-11 15:43:23", "75", "False", "None", "DanBot,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:06", "1803127", "142.93.88.220:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:19", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-05-01 02:43:05", "1803121", "134.175.253.242:8989", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:15", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:05", "1803124", "138.124.113.131:4211", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:16", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:05", "1803125", "138.197.119.51:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-10 18:43:14", "75", "False", "None", "Covenant,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:05", "1803126", "139.64.164.72:63337", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:43:17", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:04", "1803114", "115.42.60.122:5440", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:12", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:04", "1803115", "117.72.101.55:9520", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:43:13", "75", "False", "None", "CHAOS,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:04", "1803119", "130.94.23.39:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:15", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:03", "1803108", "103.57.250.99:41895", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:06", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:03", "1803109", "103.75.190.47:54630", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:06", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2026-05-01 02:43:03", "1803110", "104.234.174.93:57712", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:07", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:03", "1803111", "106.55.71.62:8989", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:09", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:03", "1803112", "114.132.133.191:8989", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:12", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-05-01 02:43:03", "1803113", "115.190.247.97:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:12", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2026-04-30 18:43:45", "1802897", "82.156.219.31:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:39", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-30 18:43:30", "1802894", "193.53.127.220:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:20", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-30 12:55:24", "1802724", "101.43.29.69:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:59", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-04-30 06:26:35", "1802552", "31.97.61.212:8521", "ip:port", "botnet_cc", "win.remus", "None", "Remus", "2026-06-10 06:47:15", "75", "False", "https://bazaar.abuse.ch/sample/f86352ecaf34773e85d979220b9825f6c1ec45b5c93d5ecca9998dc2b49cf3a8/", "RemusStealer", "0", "abuse_ch"
"2026-04-29 15:18:41", "1802153", "103.140.238.45:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:04", "75", "False", "", "Sliver", "0", "whoamix302"
"2026-04-29 14:43:42", "1802141", "82.156.62.131:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:40", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-29 14:43:28", "1802139", "217.154.212.25:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:22", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-29 14:43:24", "1802138", "156.245.147.98:9010", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:17", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-29 14:43:11", "1802137", "100.113.210.8:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:58", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-29 07:49:06", "1801960", "156.245.147.101:9010", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:16", "100", "False", "", "Agentemis,BEACON,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-04-27 11:02:18", "1800975", "45.43.59.179:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:29", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-27 08:25:23", "1800903", "107.172.252.244:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:01", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-04-27 08:23:19", "1800899", "147.78.2.110:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:13", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-04-27 08:22:39", "1800898", "45.130.148.102:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:28", "100", "False", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2026-04-27 04:47:42", "1800672", "82.165.179.9:1604", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:36", "75", "False", "https://bazaar.abuse.ch/sample/dc7926a343bf4a612ebd57924bd5e3a6df997164b090c662855f2f3e6e91c930/", "asyncrat", "0", "abuse_ch"
"2026-04-26 08:48:33", "1800301", "156.245.147.98:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:17", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-25 14:21:21", "1800020", "8.136.97.98:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:36", "100", "False", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2026-04-25 14:17:33", "1800017", "124.222.75.188:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:11", "100", "False", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2026-04-24 08:14:10", "1797062", "31.56.209.78:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:53", "75", "False", "", "Remcos,RemcosRAT,Remvio,Socmer", "0", "whoamix302"
"2026-04-22 20:53:22", "1796313", "192.210.174.149:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 04:45:44", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-22 20:50:52", "1796311", "141.227.135.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:13", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-22 14:30:19", "1796097", "47.94.162.43:2222", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:34", "100", "False", "", "Agentemis,BEACON,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-04-22 10:36:10", "1796009", "82.156.62.131:5555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:40", "100", "False", "", "Agentemis,BEACON,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-04-21 14:54:03", "1795599", "43.225.158.58:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:27", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-21 11:31:32", "1795513", "103.97.176.69:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:59", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-04-19 15:48:58", "1794558", "82.156.90.136:9180", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:40", "100", "False", "", "Agentemis,BEACON,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-04-18 02:46:54", "1793918", "121.4.92.72:1111", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:09", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-17 20:50:11", "1793739", "43.230.200.254:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:27", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-17 15:17:52", "1793584", "155.103.71.232:15407", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:26", "75", "False", "https://x.com/K_N1kolenko/status/2045099146856599584", "RAT,RemcosRAT", "0", "abuse_ch"
"2026-04-16 10:56:58", "1792707", "43.167.177.224:7778", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:27", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-15 11:39:45", "1791738", "139.224.23.63:8866", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:12", "100", "False", "", "Agentemis,BEACON,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-04-14 11:49:08", "1788636", "2.27.62.123:4449", "ip:port", "botnet_cc", "win.pure_rat", "PureHVNC,ResolverRAT", "PureRAT", "2026-06-09 16:43:28", "75", "False", "https://bazaar.abuse.ch/sample/e85bf177349f91d23697920f51bc38fa2088d135d206cac70c1111dc79183cc4/", "PureHVNC,PureRAT,RAT", "0", "abuse_ch"
"2026-04-14 05:10:44", "1785317", "140.143.207.166:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:18", "100", "False", "", "C2,Mythic", "0", "whoamix302"
"2026-04-12 07:02:44", "1784575", "156.239.47.94:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:16", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-04-12 06:34:43", "1784558", "47.104.248.7:8884", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:30", "100", "False", "", "Agentemis,BEACON,C2,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-04-11 12:10:14", "1784256", "45.74.244.142:18433", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:11", "100", "False", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2026-04-11 07:06:58", "1783725", "120.48.18.226:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:09", "100", "False", "", "Agentemis,BEACON,C2,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-04-11 06:36:58", "1784155", "101.35.214.58:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:58", "100", "False", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2026-04-09 14:48:47", "1783375", "39.102.125.11:4435", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:25", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-07 23:06:40", "1782524", "82.165.179.9:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:36", "75", "False", "https://bazaar.abuse.ch/sample/4c3b97c157d08ee298edb5d30fa86a3b90b04fedfbe517e7e0307b6013eacbf0/", "asyncrat", "0", "abuse_ch"
"2026-04-06 18:49:49", "1781907", "43.139.108.161:8192", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:26", "100", "False", "", "Agentemis,BEACON,C2,Cobalt Strike,CobaltStrike,cobeacon", "0", "whoamix302"
"2026-04-06 02:47:20", "1781593", "47.76.96.68:5555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:33", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-04 20:44:05", "1781225", "111.230.217.36:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:03", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-04 20:44:01", "1781224", "109.244.130.113:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:02", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-04-01 10:45:34", "1780037", "164.92.67.70:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:34", "50", "False", "https://www.shodan.io/host/164.92.67.70#443", "c2,havoc,shodan", "0", "juroots"
"2026-03-28 14:56:18", "1777986", "47.122.47.221:8880", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:31", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-03-27 12:01:30", "1777296", "185.242.3.83:2202", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:53", "100", "False", "https://search.censys.io/hosts/185.242.3.83", "AS60223,AsyncRAT,C2,censys,NETIFACE-AS,RAT", "0", "DonPasci"
"2026-03-27 00:01:49", "1777022", "161.248.179.38:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 08:43:29", "100", "False", "https://search.censys.io/hosts/161.248.179.38", "AS150895,AsyncRAT,C2,censys,EZTECH-VN,RAT", "0", "DonPasci"
"2026-03-27 00:00:31", "1777014", "49.234.199.152:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:34", "100", "False", "https://search.censys.io/hosts/49.234.199.152", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2026-03-26 14:59:36", "1776672", "158.94.209.95:80", "ip:port", "botnet_cc", "win.gcleaner", "None", "GCleaner", "2026-06-11 16:14:02", "100", "False", "None", "GCleaner,loader", "0", "Bitsight"
"2026-03-25 20:00:39", "1776411", "83.229.127.46:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:40", "100", "False", "https://search.censys.io/hosts/83.229.127.46", "AS139659,C2,censys,CobaltStrike,cs-watermark-666666666,LUCID-AS-AP", "0", "DonPasci"
"2026-03-25 16:13:35", "1775582", "80.66.84.167:4242", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2026-06-10 09:10:06", "75", "False", "https://bazaar.abuse.ch/sample/3187d3e3b16a56070801701cb040843b67ee52f3a601be142267fd0ea0d91e3b/", "RAT,VenomRAT", "0", "abuse_ch"
"2026-03-25 07:08:19", "1775338", "47.120.20.86:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:30", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-24 12:01:13", "1774903", "37.72.172.58:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:58", "100", "False", "https://search.censys.io/hosts/37.72.172.58", "AS29802,AsyncRAT,C2,censys,HVC-AS,RAT", "0", "DonPasci"
"2026-03-24 12:00:35", "1774898", "47.92.208.27:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:33", "100", "False", "https://search.censys.io/hosts/47.92.208.27", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2026-03-23 21:06:09", "1774595", "154.83.12.132:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:15", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-03-23 08:01:13", "1774191", "45.77.22.230:443", "ip:port", "botnet_cc", "win.poshc2", "None", "PoshC2", "2026-06-11 15:45:12", "100", "False", "https://search.censys.io/hosts/45.77.22.230", "AS-VULTR,AS20473,C2,censys,Posh", "0", "DonPasci"
"2026-03-23 06:56:52", "1774142", "115.191.25.159:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:04", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-22 20:01:13", "1773942", "100.52.66.182:8080", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-10 08:43:03", "100", "False", "https://search.censys.io/hosts/100.52.66.182", "AMAZON-AES,AS14618,C2,censys,Havoc", "0", "DonPasci"
"2026-03-22 18:02:20", "1773536", "156.239.252.191:448", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:16", "100", "False", "", "BEACON,C2,CobaltStrike,Shodan", "0", "whoamix302"
"2026-03-22 12:01:29", "1773754", "138.226.236.52:13212", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:17", "100", "False", "https://search.censys.io/hosts/138.226.236.52", "AdaptixC2,AS205775,C2,censys,NEONCORENETWORKS", "0", "DonPasci"
"2026-03-21 20:00:25", "1773380", "47.76.96.68:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:33", "100", "False", "https://search.censys.io/hosts/47.76.96.68", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2026-03-20 16:00:44", "1772653", "5.101.86.72:3305", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:23", "100", "False", "https://search.censys.io/hosts/5.101.86.72", "AS-GLOBALTELEHOST,AS62563,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-03-20 16:00:21", "1772652", "101.35.95.103:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:59", "100", "False", "https://search.censys.io/hosts/101.35.95.103", "AS45090,C2,censys,CobaltStrike,cs-watermark-0,TENCENT-NET-AP", "0", "DonPasci"
"2026-03-20 06:42:00", "1771875", "182.255.44.96:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:19", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-20 00:02:12", "1771791", "8.136.13.87:7001", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:34", "100", "False", "https://search.censys.io/hosts/8.136.13.87", "AdaptixC2,ALIBABA-CN-NET,AS37963,C2,censys", "0", "DonPasci"
"2026-03-19 20:02:51", "1771714", "45.136.13.247:43211", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:07", "100", "False", "https://search.censys.io/hosts/45.136.13.247", "AdaptixC2,AS139659,C2,censys,LUCID-AS-AP", "0", "DonPasci"
"2026-03-19 20:02:47", "1771713", "167.17.47.121:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:35", "100", "False", "https://search.censys.io/hosts/167.17.47.121", "AdaptixC2,AS43180,C2,censys,TRUNKNETWORKS-AS", "0", "DonPasci"
"2026-03-19 04:00:37", "1771235", "85.206.168.238:888", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:40", "100", "False", "https://search.censys.io/hosts/85.206.168.238", "AS61272,C2,censys,IST-AS,RAT,Remcos", "0", "DonPasci"
"2026-03-19 00:00:22", "1771152", "165.154.244.77:2562", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:17", "100", "False", "https://search.censys.io/hosts/165.154.244.77", "AS142002,C2,censys,CobaltStrike,cs-watermark-987654321,SCLOUDPTELTD-AS", "0", "DonPasci"
"2026-03-18 04:00:18", "1769955", "43.138.39.212:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:26", "100", "False", "https://search.censys.io/hosts/43.138.39.212", "AS45090,C2,censys,CobaltStrike,TENCENT-NET-AP", "0", "DonPasci"
"2026-03-17 20:03:22", "1769709", "172.86.107.196:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-09 18:43:34", "100", "False", "https://search.censys.io/hosts/172.86.107.196", "AS14956,C2,censys,Pupy,RAT,ROUTERHOSTING", "0", "DonPasci"
"2026-03-17 04:01:23", "1769012", "88.218.60.191:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:41", "100", "False", "https://search.censys.io/hosts/88.218.60.191", "AdaptixC2,AS48282,C2,censys,VDSINA-AS", "0", "DonPasci"
"2026-03-17 02:48:23", "1768984", "156.245.144.203:8880", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:16", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-03-17 00:01:17", "1768940", "20.29.10.79:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:09", "100", "False", "https://search.censys.io/hosts/20.29.10.79", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,Mythic", "0", "DonPasci"
"2026-03-16 20:01:10", "1768644", "35.179.229.71:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:57", "100", "False", "https://search.censys.io/hosts/35.179.229.71", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci"
"2026-03-15 16:00:41", "1767077", "185.242.3.83:5505", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:53", "100", "False", "https://search.censys.io/hosts/185.242.3.83", "AS60223,AsyncRAT,C2,censys,NETIFACE-AS,RAT", "0", "DonPasci"
"2026-03-15 14:49:59", "1767015", "156.245.144.203:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:16", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-03-15 14:49:59", "1767016", "156.245.144.203:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:16", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-03-15 06:51:25", "1766813", "119.29.117.194:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:08", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-03-15 04:01:14", "1766764", "202.191.67.71:50003", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:09", "100", "False", "https://search.censys.io/hosts/202.191.67.71", "AdaptixC2,AS131262,C2,censys,KELNET-AS-AP", "0", "DonPasci"
"2026-03-14 08:00:55", "1765787", "5.101.82.60:2509", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:19", "100", "False", "https://search.censys.io/hosts/5.101.82.60", "AS-GLOBALTELEHOST,AS63023,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-03-13 04:01:11", "1764276", "46.151.182.205:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:14", "100", "False", "https://search.censys.io/hosts/46.151.182.205", "AS205759,AsyncRAT,C2,censys,GHOSTYNETWORKS,RAT", "0", "DonPasci"
"2026-03-12 00:02:50", "1763830", "20.104.107.19:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:08", "100", "False", "https://search.censys.io/hosts/20.104.107.19", "AS8075,C2,censys,Havoc,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2026-03-11 23:00:21", "1763737", "130.12.182.209:9456", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-06-11 15:43:15", "100", "False", "https://tria.ge/260311-zw3w6adw5k", "quasar", "0", "dyingbreeds_"
"2026-03-11 16:01:48", "1763543", "159.138.31.252:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:30", "100", "False", "https://search.censys.io/hosts/159.138.31.252", "AS136907,C2,censys,HWCLOUDS-AS-AP,Mythic", "0", "DonPasci"
"2026-03-11 12:01:42", "1763331", "77.237.245.173:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:33", "100", "False", "https://search.censys.io/hosts/77.237.245.173", "AS51167,C2,censys,CONTABO,Covenant", "0", "DonPasci"
"2026-03-11 07:03:38", "1763170", "60.247.206.23:7443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:35", "100", "False", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2026-03-10 16:00:58", "1762854", "85.206.168.238:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:40", "100", "False", "https://search.censys.io/hosts/85.206.168.238", "AS61272,C2,censys,IST-AS,RAT,Remcos", "0", "DonPasci"
"2026-03-10 00:01:13", "1762492", "107.172.3.15:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:09", "100", "False", "https://search.censys.io/hosts/107.172.3.15", "AS-COLOCROSSING,AS36352,C2,censys,Mythic", "0", "DonPasci"
"2026-03-07 08:01:02", "1760833", "20.100.168.21:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:08", "100", "False", "https://search.censys.io/hosts/20.100.168.21", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,Mythic", "0", "DonPasci"
"2026-03-06 00:01:40", "1759331", "194.36.178.53:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:03", "100", "False", "https://search.censys.io/hosts/194.36.178.53", "AdaptixC2,AS200740,C2,censys,FIRST-SERVER-EU-AS", "0", "DonPasci"
"2026-03-04 04:01:12", "1758006", "70.153.18.45:10002", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:33", "100", "False", "https://search.censys.io/hosts/70.153.18.45", "AS8075,censys,EvilGoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,panel,Phishing", "0", "DonPasci"
"2026-03-03 00:00:51", "1757096", "77.90.185.21:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:33", "100", "False", "https://search.censys.io/hosts/77.90.185.21", "AS213790,C2,censys,LIMITEDNETWORK-AS,RAT,Remcos", "0", "DonPasci"
"2026-03-02 15:30:09", "1756955", "104.243.248.63:1801", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:08", "100", "False", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2026-02-28 11:00:05", "1755728", "188.227.14.105:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:20", "100", "False", "https://search.censys.io/hosts/188.227.14.105", "AS35000,C2,censys", "0", "dyingbreeds_"
"2026-02-26 07:04:33", "1754986", "47.84.183.211:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:17", "100", "False", "https://search.censys.io/hosts/47.84.183.211", "AS45102,C2,censys", "0", "dyingbreeds_"
"2026-02-25 20:02:24", "1754813", "47.120.20.86:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:31", "100", "False", "https://search.censys.io/hosts/47.120.20.86", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2026-02-25 19:01:08", "1754671", "115.190.250.28:5521", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:04", "100", "False", "https://search.censys.io/hosts/115.190.250.28", "AS137718,C2,censys", "0", "dyingbreeds_"
"2026-02-25 09:05:20", "1754439", "185.72.8.121:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:54", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-02-25 09:05:18", "1754438", "185.72.8.121:1032", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:54", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-02-23 23:00:07", "1753846", "64.89.161.183:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:35", "100", "False", "https://search.censys.io/hosts/64.89.161.183", "AS205759,C2,censys,GHOSTYNETWORKS", "0", "dyingbreeds_"
"2026-02-21 08:01:40", "1751483", "45.116.104.104:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:06", "100", "False", "https://search.censys.io/hosts/45.116.104.104", "AS215481,C2,censys,FLEXYNODE-AS,Mythic", "0", "DonPasci"
"2026-02-21 03:00:07", "1751453", "47.104.159.246:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:29", "100", "False", "https://search.censys.io/hosts/47.104.159.246", "AS37963,C2,censys", "0", "dyingbreeds_"
"2026-02-20 11:00:06", "1751104", "107.172.217.220:12096", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:01", "100", "False", "https://search.censys.io/hosts/107.172.217.220", "AS36352,C2,censys", "0", "dyingbreeds_"
"2026-02-20 08:47:26", "1751083", "185.180.198.3:2025", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:50", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-02-20 08:47:26", "1751084", "185.180.198.3:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:50", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-02-20 08:46:17", "1751080", "163.181.208.79:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:33", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-20 07:09:34", "1751056", "81.68.89.216:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:39", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-02-16 09:05:30", "1749217", "111.228.4.54:4455", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:02", "50", "False", "https://www.shodan.io/host/111.228.4.54#4455", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2026-02-14 18:46:07", "1748314", "27.221.15.199:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:44:52", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-13 08:01:04", "1747433", "83.229.127.46:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-10 04:46:18", "100", "False", "https://search.censys.io/hosts/83.229.127.46", "AS139659,C2,censys,CobaltStrike,cs-watermark-666666666,LUCID-AS-AP", "0", "DonPasci"
"2026-02-13 07:00:24", "1747139", "45.66.164.17:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 08:44:59", "100", "False", "https://search.censys.io/hosts/45.66.164.17", "AS63023,C2,censys,Mythic", "0", "dyingbreeds_"
"2026-02-13 06:59:13", "1747121", "117.72.191.140:8028", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:06", "50", "False", "https://www.shodan.io/host/117.72.191.140#8028", "c2,cobaltstrike,cs-watermark-391144938,shodan", "0", "juroots"
"2026-02-12 20:00:41", "1747002", "118.107.0.254:2002", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:06", "100", "False", "https://search.censys.io/hosts/118.107.0.254", "AS152194,C2,censys,CobaltStrike,cs-watermark-987654321,CTGSERVERLIMITED-AS-AP", "0", "DonPasci"
"2026-02-12 16:01:27", "1746911", "175.192.75.105:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:41", "100", "False", "https://search.censys.io/hosts/175.192.75.105", "AS4766,C2,censys,KIXS-AS-KR,Netsupport,RAT", "0", "DonPasci"
"2026-02-10 03:00:13", "1744175", "118.107.0.254:2003", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:06", "100", "False", "https://search.censys.io/hosts/118.107.0.254", "AS152194,C2,censys", "0", "dyingbreeds_"
"2026-02-09 11:00:33", "1743594", "15.204.14.143:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:22", "100", "False", "https://search.censys.io/hosts/15.204.14.143", "AS16276,C2,censys,OVH", "0", "dyingbreeds_"
"2026-02-08 16:00:16", "1743398", "192.3.233.166:59850", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:20", "100", "False", "https://search.censys.io/hosts/192.3.233.166", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2026-02-08 15:42:41", "1743395", "1.15.25.148:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:45", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:40", "1743391", "106.52.208.143:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:44", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:40", "1743392", "106.13.137.229:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:44", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:40", "1743393", "101.43.2.116:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:45", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:40", "1743394", "101.133.148.66:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:45", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:39", "1743388", "115.190.178.249:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:43", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:39", "1743389", "114.132.150.96:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:43", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:39", "1743390", "110.40.176.194:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:44", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:37", "1743386", "120.48.50.33:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:42", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:37", "1743387", "117.72.214.50:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:42", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:36", "1743381", "124.223.199.39:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:41", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:36", "1743382", "124.221.32.87:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:41", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:36", "1743383", "124.220.48.168:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:41", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:36", "1743384", "124.220.164.98:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:42", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:36", "1743385", "121.41.167.80:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:42", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:35", "1743378", "152.136.139.105:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:40", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:35", "1743379", "129.204.103.151:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:41", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:35", "1743380", "124.223.47.219:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:41", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:34", "1743374", "172.245.215.43:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:39", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:34", "1743375", "165.154.125.212:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:39", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:34", "1743376", "156.233.233.134:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:40", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:34", "1743377", "154.201.91.224:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:40", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:33", "1743370", "38.190.224.63:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:38", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:33", "1743371", "222.255.214.236:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:39", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:33", "1743372", "192.252.187.60:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:39", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:33", "1743373", "178.16.52.194:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:39", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:32", "1743365", "43.139.146.100:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:38", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:32", "1743366", "43.133.41.106:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:38", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:32", "1743367", "42.192.49.72:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:38", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:32", "1743368", "39.107.85.83:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:38", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:32", "1743369", "39.106.144.162:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:38", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:31", "1743363", "47.100.168.4:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:37", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:31", "1743364", "43.139.169.60:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:37", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:30", "1743362", "47.111.146.110:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:36", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:29", "1743358", "47.243.175.24:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:35", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:29", "1743359", "47.239.188.48:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:35", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:29", "1743360", "47.122.30.177:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:35", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:29", "1743361", "47.122.1.243:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:35", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:28", "1743356", "61.166.154.109:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:34", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:28", "1743357", "49.235.177.231:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:35", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:27", "1743353", "81.70.255.195:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:33", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:27", "1743354", "81.69.98.230:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:34", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:27", "1743355", "8.210.78.137:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:34", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:26", "1743351", "83.229.126.65:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:33", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:26", "1743352", "81.71.159.99:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:33", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:15", "1743349", "83.229.123.61:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:22", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:15", "1743350", "83.229.126.183:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:22", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:14", "1743348", "8.153.205.30:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:34", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:13", "1743347", "8.137.149.67:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:20", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:12", "1743344", "47.93.28.103:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:35", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:12", "1743345", "60.205.139.210:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:19", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:11", "1743340", "47.109.198.8:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:18", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:11", "1743341", "47.120.70.161:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:36", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:11", "1743342", "47.121.137.8:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:36", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:11", "1743343", "47.121.29.60:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:19", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:10", "1743336", "45.115.236.152:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:37", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:10", "1743338", "47.107.136.106:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:37", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:10", "1743339", "47.109.145.121:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:37", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:09", "1743333", "192.140.176.79:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:16", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:09", "1743334", "36.140.162.173:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:16", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:09", "1743335", "39.105.165.37:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:38", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:08", "1743330", "152.32.251.78:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:40", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:08", "1743331", "154.201.74.112:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:40", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:08", "1743332", "179.43.186.214:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:15", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:07", "1743326", "139.196.41.201:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:14", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:07", "1743327", "139.224.16.185:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:14", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:07", "1743328", "14.103.175.50:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:14", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:07", "1743329", "150.187.25.242:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:14", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:06", "1743322", "120.48.168.57:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:12", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:06", "1743323", "121.40.18.128:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:42", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:06", "1743324", "122.51.93.94:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:13", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:06", "1743325", "134.122.140.185:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:41", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:05", "1743320", "117.72.102.110:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:43", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:05", "1743321", "117.72.242.9:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:11", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:04", "1743318", "113.44.67.52:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:10", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:04", "1743319", "115.190.161.178:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:10", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:03", "1743314", "106.38.201.95:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:07", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:03", "1743315", "106.75.162.108:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:08", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:03", "1743316", "106.75.215.96:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:44", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:03", "1743317", "106.75.224.31:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:44", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:02", "1743312", "106.12.219.245:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:06", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 15:42:02", "1743313", "106.13.29.104:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:06", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2026-02-08 11:00:25", "1743267", "15.204.14.143:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:22", "100", "False", "https://search.censys.io/hosts/15.204.14.143", "AS16276,C2,censys,OVH", "0", "dyingbreeds_"
"2026-02-08 04:00:55", "1743209", "15.204.95.228:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:23", "100", "False", "https://search.censys.io/hosts/15.204.95.228", "AS16276,C2,censys,Havoc,OVH", "0", "DonPasci"
"2026-02-07 03:00:18", "1742595", "174.138.86.141:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:41", "100", "False", "https://search.censys.io/hosts/174.138.86.141", "AS14061,C2,censys,Mythic", "0", "dyingbreeds_"
"2026-02-05 13:04:12", "1741652", "192.159.99.249:5555", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:57", "50", "False", "https://www.shodan.io/host/192.159.99.249#5555", "c2,evilginx,shodan", "0", "juroots"
"2026-02-05 13:01:59", "1741587", "57.158.27.132:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:28", "50", "False", "https://www.shodan.io/host/57.158.27.132#31337", "c2,shodan,sliver", "0", "juroots"
"2026-02-05 11:00:23", "1741476", "94.74.0.253:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:46", "100", "False", "https://search.censys.io/hosts/94.74.0.253", "AS39636,ASN-AEMNET,C2,censys,Mythic", "0", "dyingbreeds_"
"2026-02-05 06:34:37", "1741375", "37.72.172.58:6066", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:58", "75", "False", "", "AS29802,asyncrat,c2,fofa,RAT", "0", "oxygen28"
"2026-02-04 11:00:54", "1741132", "172.174.234.34:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:38", "100", "False", "https://search.censys.io/hosts/172.174.234.34", "AS8075,C2,censys,Mythic", "0", "dyingbreeds_"
"2026-02-04 00:02:27", "1740953", "188.166.244.201:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:55", "100", "False", "https://search.censys.io/hosts/188.166.244.201", "AdaptixC2,AS14061,C2,censys,DIGITALOCEAN-ASN", "0", "DonPasci"
"2026-02-03 00:02:43", "1740216", "47.115.175.62:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:16", "100", "False", "https://search.censys.io/hosts/47.115.175.62", "AdaptixC2,ALIBABA-CN-NET,AS37963,C2,censys", "0", "DonPasci"
"2026-01-31 00:05:33", "1739255", "98.85.71.175:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:47", "100", "False", "https://search.censys.io/hosts/98.85.71.175", "AMAZON-AES,AS14618,C2,censys,Mythic", "0", "DonPasci"
"2026-01-30 18:54:11", "1739209", "47.115.193.52:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:45:16", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-01-30 16:05:29", "1739169", "167.99.208.145:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:36", "100", "False", "https://search.censys.io/hosts/167.99.208.145", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2026-01-30 16:04:48", "1739163", "107.150.105.91:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:08", "100", "False", "https://search.censys.io/hosts/107.150.105.91", "AS135377,C2,censys,CobaltStrike,cs-watermark-666666666,UCLOUD-HK-AS-AP", "0", "DonPasci"
"2026-01-30 08:04:49", "1739009", "111.92.243.40:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:09", "100", "False", "https://search.censys.io/hosts/111.92.243.40", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-666666666", "0", "DonPasci"
"2026-01-30 02:55:25", "1738921", "45.82.85.50:13063", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:45:12", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2026-01-30 00:06:02", "1738909", "68.64.178.201:54321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:33", "100", "False", "https://search.censys.io/hosts/68.64.178.201", "AdaptixC2,AS139659,C2,censys,LUCID-AS-AP", "0", "DonPasci"
"2026-01-28 11:00:07", "1738481", "39.101.78.48:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:25", "100", "False", "https://search.censys.io/hosts/39.101.78.48", "AS37963,C2,censys", "0", "dyingbreeds_"
"2026-01-26 23:00:09", "1737790", "47.120.46.230:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:18", "100", "False", "https://search.censys.io/hosts/47.120.46.230", "AS37963,C2,censys", "0", "dyingbreeds_"
"2026-01-26 08:05:39", "1737569", "27.223.85.234:58001", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:52", "100", "False", "https://search.censys.io/hosts/27.223.85.234", "AdaptixC2,AS4837,C2,censys,CHINA169-BACKBONE", "0", "DonPasci"
"2026-01-25 22:49:35", "1737455", "167.179.76.179:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:17", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-01-24 18:47:55", "1736696", "80.87.206.64:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "2026-06-11 15:45:35", "75", "False", "None", "drb-ra,Rhysida", "0", "abuse_ch"
"2026-01-24 18:47:55", "1736697", "80.87.206.64:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "2026-06-11 15:45:36", "75", "False", "None", "drb-ra,Rhysida", "0", "abuse_ch"
"2026-01-23 08:45:57", "1736034", "158.158.8.193:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-06-11 15:43:29", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-01-23 08:04:06", "1736014", "47.120.32.72:8075", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:31", "100", "False", "https://search.censys.io/hosts/47.120.32.72", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2026-01-22 12:04:28", "1735522", "176.31.71.168:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:43:42", "100", "False", "https://search.censys.io/hosts/176.31.71.168", "AS16276,C2,censys,OVH,Pupy,RAT", "0", "DonPasci"
"2026-01-21 20:04:36", "1735342", "54.145.56.188:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:27", "100", "False", "https://search.censys.io/hosts/54.145.56.188", "AMAZON-AES,AS14618,C2,censys,Mythic", "0", "DonPasci"
"2026-01-21 20:03:53", "1735337", "121.4.92.72:5000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:09", "100", "False", "https://search.censys.io/hosts/121.4.92.72", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2026-01-20 16:04:24", "1734893", "136.24.173.249:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:16", "100", "False", "https://search.censys.io/hosts/136.24.173.249", "AS19165,C2,censys,Mythic,WEBPASS", "0", "DonPasci"
"2026-01-18 00:03:59", "1734081", "103.79.79.105:8444", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:43:06", "100", "False", "https://search.censys.io/hosts/103.79.79.105", "AS199959,C2,censys,CROWNCLOUD,Pupy,RAT", "0", "DonPasci"
"2026-01-17 11:00:10", "1733763", "113.250.188.15:8078", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:03", "100", "False", "https://search.censys.io/hosts/113.250.188.15", "AS134420,C2,censys", "0", "dyingbreeds_"
"2026-01-16 11:05:53", "1732736", "64.23.231.32:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:30", "50", "False", "https://www.shodan.io/host/64.23.231.32#31337", "c2,shodan,sliver", "0", "juroots"
"2026-01-16 11:03:46", "1732709", "117.72.178.246:4848", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:05", "50", "False", "https://www.shodan.io/host/117.72.178.246#4848", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2026-01-13 20:03:58", "1732012", "212.103.26.10:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:14", "100", "False", "https://search.censys.io/hosts/212.103.26.10", "AS15557,C2,censys,Havoc,LDCOMNET", "0", "DonPasci"
"2026-01-13 20:03:34", "1732009", "47.84.83.56:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:17", "100", "False", "https://search.censys.io/hosts/47.84.83.56", "ALIBABA-CN-NET,AS45102,C2,censys,Sliver", "0", "DonPasci"
"2026-01-13 08:52:00", "1731532", "54.38.94.225:8881", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:45:27", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2026-01-12 23:00:32", "1701407", "64.23.248.252:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:31", "100", "False", "https://search.censys.io/hosts/64.23.248.252", "AS14061,C2,censys,DIGITALOCEAN-ASN", "0", "dyingbreeds_"
"2026-01-12 16:03:19", "1701312", "130.12.181.93:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:14", "100", "False", "https://search.censys.io/hosts/130.12.181.93", "AS36680,C2,censys,NETIFACELLC,RAT,Remcos", "0", "DonPasci"
"2026-01-10 06:45:16", "1700297", "139.224.16.185:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:12", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2026-01-09 20:02:46", "1700191", "115.190.237.175:35555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:04", "100", "False", "https://search.censys.io/hosts/115.190.237.175", "AS137718,C2,censys,CobaltStrike,cs-watermark-666666666,VOLCANO-ENGINE", "0", "DonPasci"
"2026-01-09 11:01:05", "1693493", "137.184.93.131:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:16", "100", "False", "https://search.censys.io/hosts/137.184.93.131", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "dyingbreeds_"
"2026-01-09 04:02:43", "1693407", "8.148.184.136:8880", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:37", "100", "False", "https://search.censys.io/hosts/8.148.184.136", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2026-01-08 23:00:12", "1693365", "117.72.178.246:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:11", "100", "False", "https://search.censys.io/hosts/117.72.178.246", "AS141679,C2,censys", "0", "dyingbreeds_"
"2026-01-08 22:50:04", "1693357", "172.94.18.103:191", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:40", "100", "False", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2026-01-07 20:02:36", "1692743", "38.49.57.15:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:16", "100", "False", "https://search.censys.io/hosts/38.49.57.15", "AS8796,C2,censys,CobaltStrike,cs-watermark-666666666,FD-298-8796", "0", "DonPasci"
"2026-01-06 08:02:23", "1691952", "115.190.233.79:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:10", "100", "False", "https://search.censys.io/hosts/115.190.233.79", "AS137718,C2,censys,CobaltStrike,cs-watermark-987654321,VOLCANO-ENGINE", "0", "DonPasci"
"2025-12-30 16:21:16", "1688739", "101.34.205.214:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:32", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:15", "1688738", "103.171.35.66:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:32", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:14", "1688737", "107.149.192.54:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:31", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:13", "1688734", "124.222.218.20:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:30", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:13", "1688735", "124.221.255.78:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:30", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:13", "1688736", "123.56.78.220:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:30", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:12", "1688732", "152.32.202.240:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:29", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:12", "1688733", "150.158.119.242:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:29", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:11", "1688730", "165.154.244.73:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:29", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:11", "1688731", "156.225.20.77:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:29", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:10", "1688729", "182.92.239.94:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:28", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:08", "1688726", "39.105.160.175:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:26", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:08", "1688727", "38.38.250.99:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:27", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:08", "1688728", "211.184.175.246:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:27", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:07", "1688725", "45.58.56.34:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:37", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:05", "1688723", "8.130.80.145:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:24", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:05", "1688724", "8.130.26.216:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:24", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:03", "1688721", "94.74.164.177:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:22", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:21:03", "1688722", "87.251.67.85:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:23", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2025-12-30 16:04:05", "1688694", "16.171.13.191:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:31", "100", "False", "https://search.censys.io/hosts/16.171.13.191", "AMAZON-02,AS16509,C2,censys,Covenant", "0", "DonPasci"
"2025-12-28 20:01:34", "1687817", "118.89.88.183:56781", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:07", "100", "False", "https://search.censys.io/hosts/118.89.88.183", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-12-28 07:41:32", "1687327", "37.72.172.58:8088", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:58", "100", "False", "https://search.censys.io/hosts/37.72.172.58", "AS29802,C2,censys,HVC-AS,RAT", "0", "dyingbreeds_"
"2025-12-27 16:02:33", "1687170", "37.72.172.58:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:58", "100", "False", "https://search.censys.io/hosts/37.72.172.58", "AS29802,AsyncRAT,C2,censys,HVC-AS,RAT", "0", "DonPasci"
"2025-12-25 18:44:15", "1686405", "155.102.62.60:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:25", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-12-25 07:52:31", "1686010", "139.196.223.82:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:14", "100", "False", "https://search.censys.io/hosts/139.196.223.82", "AS37963,C2,censys", "0", "dyingbreeds_"
"2025-12-23 22:45:05", "1685596", "172.94.18.103:190", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:40", "100", "False", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-12-23 20:01:06", "1685256", "115.190.160.206:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:10", "100", "False", "https://search.censys.io/hosts/115.190.160.206", "AS137718,C2,censys,CobaltStrike,cs-watermark-987654321,VOLCANO-ENGINE", "0", "DonPasci"
"2025-12-23 18:07:43", "1685210", "196.251.107.104:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:04", "100", "False", "https://tria.ge/251223-qezczazpcx", "AS9304,asyncrat,C2,rat,triage", "0", "DonPasci"
"2025-12-23 18:07:42", "1685209", "196.251.107.104:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:44:04", "100", "False", "https://tria.ge/251223-qezczazpcx", "AS9304,asyncrat,C2,rat,triage", "0", "DonPasci"
"2025-12-23 03:00:34", "1684938", "8.159.146.72:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:21", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-12-22 20:01:00", "1684826", "179.43.186.214:7889", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:18", "100", "False", "https://search.censys.io/hosts/179.43.186.214", "AS51852,C2,censys,CobaltStrike,cs-watermark-987654321,PLI-AS", "0", "DonPasci"
"2025-12-22 18:02:02", "1684794", "45.133.180.162:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:45:07", "100", "False", "https://tria.ge/251222-d45vtstqc1", "AS9009,asyncrat,C2,rat,triage", "0", "DonPasci"
"2025-12-22 13:24:27", "1684679", "193.142.146.30:9433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:20", "100", "False", "https://search.censys.io/hosts/193.142.146.30", "AS213438,C2,censys", "0", "dyingbreeds_"
"2025-12-22 00:01:20", "1684543", "64.190.113.161:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:45:30", "100", "False", "https://search.censys.io/hosts/64.190.113.161", "AS399629,BLNWX,C2,censys,Pupy,RAT", "0", "DonPasci"
"2025-12-18 18:44:36", "1682522", "155.102.133.61:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:25", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-12-16 02:49:55", "1680306", "43.161.245.186:79", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:27", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-12-12 02:50:28", "1676363", "67.219.102.244:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:35", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-12-11 16:01:57", "1675829", "124.221.126.168:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:43", "100", "False", "https://search.censys.io/hosts/124.221.126.168", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-12-09 18:49:53", "1673804", "47.246.29.99:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:45:17", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-12-08 14:58:40", "1670887", "20.157.116.151:8000", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:08", "100", "False", "https://search.censys.io/hosts/20.157.116.151", "AdaptixC2,AS8069,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2025-12-07 16:01:37", "1668967", "180.76.141.175:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:16", "100", "False", "https://search.censys.io/hosts/180.76.141.175", "AS38365,BAIDU,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-12-06 23:01:12", "1668824", "200.9.4.41:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:40", "100", "False", "https://search.censys.io/hosts/200.9.4.41", "AS23201,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-12-06 10:26:36", "1668596", "130.131.224.159:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:44:57", "50", "False", "https://www.shodan.io/host/130.131.224.159#8443", "c2,powersploit,shodan", "0", "juroots"
"2025-12-06 10:26:36", "1668597", "204.211.84.201:9002", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:44:58", "50", "False", "https://www.shodan.io/host/204.211.84.201#9002", "c2,powersploit,shodan", "0", "juroots"
"2025-12-06 10:26:35", "1668595", "1.7.147.211:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:44:59", "50", "False", "https://www.shodan.io/host/1.7.147.211#8443", "c2,powersploit,shodan", "0", "juroots"
"2025-12-04 00:03:19", "1667182", "216.238.89.173:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:49", "100", "False", "https://search.censys.io/hosts/216.238.89.173", "AdaptixC2,AS-VULTR,AS20473,C2,censys", "0", "DonPasci"
"2025-12-03 20:01:15", "1667105", "115.190.161.178:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:04", "100", "False", "https://search.censys.io/hosts/115.190.161.178", "AS137718,C2,censys,CobaltStrike,cs-watermark-987654321,VOLCANO-ENGINE", "0", "DonPasci"
"2025-12-03 12:31:15", "1666902", "122.114.10.199:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:13", "90", "False", "https://search.censys.io/hosts/122.114.10.199", "AS4837,C2,censys", "0", "dyingbreeds_"
"2025-12-02 12:51:03", "1666137", "8.137.149.67:8091", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:37", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-12-01 12:36:20", "1665454", "122.114.10.199:8001", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:13", "90", "False", "https://search.censys.io/hosts/122.114.10.199", "AS4837,C2,censys", "0", "dyingbreeds_"
"2025-12-01 06:57:39", "1665331", "47.84.83.56:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:17", "50", "False", "https://www.shodan.io/host/47.84.83.56#31337", "c2,shodan,sliver", "0", "juroots"
"2025-11-30 20:01:55", "1663611", "103.110.65.166:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:03", "100", "False", "https://search.censys.io/hosts/103.110.65.166", "AS26383,ASNET,C2,censys,Sliver", "0", "DonPasci"
"2025-11-29 20:00:50", "1663223", "106.13.29.104:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:00", "100", "False", "https://search.censys.io/hosts/106.13.29.104", "AS38365,BAIDU,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-11-29 12:00:52", "1663012", "47.236.56.15:4445", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:32", "100", "False", "https://search.censys.io/hosts/47.236.56.15", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-0", "0", "DonPasci"
"2025-11-29 04:01:42", "1660878", "43.162.121.116:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:05", "100", "False", "https://search.censys.io/hosts/43.162.121.116", "AS132203,censys,EvilGinx,panel,Phishing,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-11-28 12:03:50", "1660370", "85.130.116.122:8085", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 16:12:02", "100", "False", "https://search.censys.io/hosts/85.130.116.122", "A1BG_RSD,AS13124,censys,Chaos,panel", "0", "DonPasci"
"2025-11-28 10:51:31", "1660317", "148.135.120.162:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:13", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-11-28 04:01:01", "1651951", "5.101.82.51:9999", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:19", "100", "False", "https://search.censys.io/hosts/5.101.82.51", "AS-GLOBALTELEHOST,AS63023,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-11-27 18:47:59", "1651813", "47.103.143.60:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:16", "75", "False", "None", "drb-ra,RAT", "0", "abuse_ch"
"2025-11-25 10:49:55", "1650040", "156.245.248.173:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:40", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-11-23 08:00:29", "1649164", "5.101.86.44:61288", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:22", "100", "False", "https://search.censys.io/hosts/5.101.86.44", "AS-GLOBALTELEHOST,AS62563,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-11-21 10:49:27", "1647756", "1.13.247.208:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:57", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-11-21 00:02:05", "1647575", "123.58.64.57:34567", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:10", "100", "False", "https://search.censys.io/hosts/123.58.64.57", "AS17623,C2,censys,CNCGROUP-SZ,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-11-19 23:00:16", "1646839", "43.156.63.124:64494", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:57", "100", "False", "https://search.censys.io/hosts/43.156.63.124", "AS132203,C2,censys", "0", "dyingbreeds_"
"2025-11-17 23:00:18", "1645785", "47.236.149.142:46832", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:32", "100", "False", "https://search.censys.io/hosts/47.236.149.142", "AS45102,C2,censys", "0", "dyingbreeds_"
"2025-11-17 12:04:03", "1645505", "194.233.73.173:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:44:02", "100", "False", "https://search.censys.io/hosts/194.233.73.173", "AdaptixC2,AS141995,C2,CAPL-AS-AP,censys", "0", "DonPasci"
"2025-11-15 08:48:18", "1641582", "62.4.0.66:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:29", "75", "False", "None", "drb-ra,Mythic", "0", "abuse_ch"
"2025-11-13 04:54:17", "1639703", "62.60.226.183:483", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2026-06-11 15:01:41", "100", "False", "None", "c2,Tofsee", "0", "Bitsight"
"2025-11-12 16:02:00", "1639434", "62.4.0.66:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:46:30", "100", "False", "https://search.censys.io/hosts/62.4.0.66", "AS12876,C2,censys,Mythic,Online", "0", "DonPasci"
"2025-11-12 04:02:31", "1638854", "54.165.230.182:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:27", "100", "False", "https://search.censys.io/hosts/54.165.230.182", "AMAZON-AES,AS14618,C2,censys,Covenant", "0", "DonPasci"
"2025-11-10 18:47:41", "1638274", "38.242.212.5:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:00", "75", "False", "None", "AdaptixC2,drb-ra", "0", "abuse_ch"
"2025-11-10 16:02:55", "1638236", "154.205.145.109:2096", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:24", "100", "False", "https://search.censys.io/hosts/154.205.145.109", "AS138915,C2,censys,Havoc,KAOPU-HK", "0", "DonPasci"
"2025-11-09 08:02:17", "1637255", "62.60.226.65:43155", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:30", "100", "False", "https://search.censys.io/hosts/62.60.226.65", "AS214351,C2,censys,FEMOIT,RAT,Remcos", "0", "DonPasci"
"2025-11-07 23:00:12", "1636099", "111.228.55.96:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:09", "100", "False", "https://search.censys.io/hosts/111.228.55.96", "AS141679,C2,censys", "0", "dyingbreeds_"
"2025-11-07 18:48:21", "1636044", "193.143.1.216:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:59", "75", "False", "None", "DCRat,drb-ra,RAT", "0", "abuse_ch"
"2025-11-07 02:49:37", "1634744", "165.154.225.239:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:17", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-11-06 07:26:25", "1634389", "139.196.111.118:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:12", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-11-05 08:00:35", "1633709", "156.225.20.77:5006", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:15", "100", "False", "https://search.censys.io/hosts/156.225.20.77", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-987654321", "0", "DonPasci"
"2025-11-05 07:54:55", "1633705", "8.155.161.181:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:37", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-11-04 20:01:04", "1633501", "59.110.28.230:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:19", "100", "False", "https://search.censys.io/hosts/59.110.28.230", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-11-04 08:00:54", "1633194", "51.15.8.6:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:26", "100", "False", "https://search.censys.io/hosts/51.15.8.6", "AS12876,C2,censys,Online,Sliver", "0", "DonPasci"
"2025-11-04 02:49:22", "1633063", "192.253.227.88:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:28", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-11-04 02:49:14", "1633061", "167.88.168.76:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:28", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-11-03 20:00:26", "1632776", "83.229.126.183:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:40", "100", "False", "https://search.censys.io/hosts/83.229.126.183", "AS139659,C2,censys,CobaltStrike,cs-watermark-987654321,LUCID-AS-AP", "0", "DonPasci"
"2025-11-03 12:08:57", "1631753", "117.72.175.125:443", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "2026-06-11 16:00:43", "100", "False", "https://www.nviso.eu/blog", "C2,NVISO,VShell", "0", "0xThiebaut"
"2025-11-03 09:03:04", "1631367", "117.72.242.9:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:06", "100", "False", "https://search.censys.io/hosts/117.72.242.9", "AS141679,C2,censys", "0", "dyingbreeds_"
"2025-11-03 07:01:12", "1631471", "119.42.148.186:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:30", "50", "False", "https://www.shodan.io/host/119.42.148.186#443", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-11-01 12:33:11", "1630767", "159.223.0.103:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:30", "50", "False", "https://www.shodan.io/host/159.223.0.103#31337", "c2,shodan,sliver", "0", "juroots"
"2025-11-01 12:31:38", "1630704", "117.72.175.125:8087", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:05", "50", "False", "https://www.shodan.io/host/117.72.175.125#8087", "c2,cobaltstrike,cs-watermark-391144938,shodan", "0", "juroots"
"2025-10-31 16:01:24", "1630391", "85.215.57.133:8080", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:40", "100", "False", "https://search.censys.io/hosts/85.215.57.133", "AdaptixC2,AS8560,C2,censys,IONOS-AS", "0", "DonPasci"
"2025-10-30 11:44:27", "1629533", "35.227.245.87:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:40", "100", "False", "https://search.censys.io/hosts/35.227.245.87", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-30 04:00:42", "1629384", "103.149.93.146:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:32", "100", "False", "https://search.censys.io/hosts/103.149.93.146", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-666666666", "0", "DonPasci"
"2025-10-29 09:23:45", "1628814", "179.43.186.214:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:19", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-10-29 02:49:59", "1628691", "8.17.56.128:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:38", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-28 12:28:01", "1628076", "8.137.149.67:8060", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:37", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-10-28 04:00:27", "1627925", "182.254.155.23:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:28", "100", "False", "https://search.censys.io/hosts/182.254.155.23", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-10-28 02:49:21", "1627719", "182.16.98.83:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:39", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-27 20:50:01", "1627659", "182.16.98.84:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:39", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-26 07:39:14", "1626705", "196.251.83.89:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:27", "100", "False", "https://search.censys.io/hosts/196.251.83.89", "AS401120,C2,censys,CHEAPY-HOST", "0", "dyingbreeds_"
"2025-10-25 04:02:07", "1626312", "173.212.216.226:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:43:40", "100", "False", "https://search.censys.io/hosts/173.212.216.226", "AS51167,censys,Chaos,CONTABO,panel", "0", "DonPasci"
"2025-10-25 04:00:11", "1626300", "47.121.135.201:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:24", "100", "False", "https://search.censys.io/hosts/47.121.135.201", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-10-24 16:00:08", "1626112", "140.143.194.253:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:40", "100", "False", "https://search.censys.io/hosts/140.143.194.253", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-10-23 08:02:52", "1625393", "40.66.42.246:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:00", "100", "False", "https://search.censys.io/hosts/40.66.42.246", "AS8075,C2,censys,Havoc,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2025-10-22 22:00:43", "1625174", "40.66.42.246:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:01", "100", "False", "https://search.censys.io/hosts/40.66.42.246", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "dyingbreeds_"
"2025-10-22 18:45:52", "1625107", "185.72.8.137:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:54", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-10-22 18:45:52", "1625108", "185.72.8.137:7882", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:55", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-10-22 15:43:44", "1624905", "116.62.226.163:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:43", "50", "False", "None", "c2,censys,cobalt strike", "0", "sojubear"
"2025-10-22 08:02:02", "1624664", "115.190.140.220:1443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:04", "100", "False", "https://search.censys.io/hosts/115.190.140.220", "AS137718,C2,censys,CobaltStrike,cs-watermark-987654321,VOLCANO-ENGINE", "0", "DonPasci"
"2025-10-21 20:01:59", "1624300", "47.110.67.64:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:36", "100", "False", "https://search.censys.io/hosts/47.110.67.64", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-10-19 06:39:17", "1617732", "157.20.182.18:4443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:28", "100", "False", "https://search.censys.io/hosts/157.20.182.18", "AS152485,C2,censys,RAT", "0", "dyingbreeds_"
"2025-10-18 12:49:25", "1617577", "143.92.43.246:8011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:13", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-17 12:02:17", "1617285", "5.152.16.189:8443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:45:24", "100", "False", "https://search.censys.io/hosts/5.152.16.189", "AS35805,C2,censys,Netsupport,RAT,SILKNET-AS", "0", "DonPasci"
"2025-10-17 08:02:43", "1617002", "3.143.55.137:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:52", "100", "False", "https://search.censys.io/hosts/3.143.55.137", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci"
"2025-10-16 22:50:54", "1616729", "47.129.2.130:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:31", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-15 18:47:32", "1616141", "23.94.44.214:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:51", "75", "False", "None", "drb-ra,RAT", "0", "abuse_ch"
"2025-10-14 20:02:48", "1615761", "89.58.30.49:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:42", "100", "False", "https://search.censys.io/hosts/89.58.30.49", "AS197540,C2,censys,Covenant,NETCUP-AS", "0", "DonPasci"
"2025-10-14 08:01:33", "1614712", "5.101.82.60:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:19", "100", "False", "https://search.censys.io/hosts/5.101.82.60", "AS-GLOBALTELEHOST,AS63023,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-10-12 06:50:35", "1612578", "34.56.42.78:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:43:09", "50", "False", "None", "c2,censys,cobalt strike", "0", "sojubear"
"2025-10-07 20:02:30", "1608986", "45.138.16.162:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:07", "100", "False", "https://search.censys.io/hosts/45.138.16.162", "AdaptixC2,AS210558,C2,censys,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-10-07 02:49:11", "1608605", "143.92.43.153:8011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:13", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-07 02:49:11", "1608606", "143.92.43.231:8011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:13", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-09-30 00:02:15", "1604499", "149.50.135.215:49152", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:22", "100", "False", "https://search.censys.io/hosts/149.50.135.215", "AdaptixC2,AS27823,C2,censys,Dattatec.com", "0", "DonPasci"
"2025-09-28 15:48:32", "1603281", "154.92.15.229:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:29", "50", "False", "None", "c2,censys,cobalt strike", "0", "sojubear"
"2025-09-28 15:48:26", "1603269", "3.230.127.245:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 12:43:08", "50", "False", "None", "c2,censys,cobalt strike", "0", "sojubear"
"2025-09-27 16:02:13", "1602818", "84.27.86.226:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:45:39", "100", "False", "https://search.censys.io/hosts/84.27.86.226", "AS33915,C2,censys,Netsupport,RAT,TNF-AS", "0", "DonPasci"
"2025-09-25 20:00:39", "1601556", "115.120.245.134:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:10", "100", "False", "https://search.censys.io/hosts/115.120.245.134", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci"
"2025-09-25 12:51:01", "1601359", "196.251.69.253:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:27", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-09-24 20:00:10", "1599651", "47.113.186.138:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:36", "100", "False", "https://search.censys.io/hosts/47.113.186.138", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-09-24 08:02:13", "1599442", "43.162.114.240:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:05", "100", "False", "https://search.censys.io/hosts/43.162.114.240", "AS132203,censys,EvilGinx,panel,Phishing,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-09-23 06:06:58", "1598336", "43.139.170.200:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:26", "100", "False", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2025-09-23 04:00:59", "1598300", "43.162.114.107:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:05", "100", "False", "https://search.censys.io/hosts/43.162.114.107", "AS132203,censys,EvilGinx,Phishing", "0", "dyingbreeds_"
"2025-09-22 14:51:05", "1598102", "159.75.211.248:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:17", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-09-21 16:01:22", "1596535", "43.162.108.133:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:05", "100", "False", "https://search.censys.io/hosts/43.162.108.133", "AS132203,censys,EvilGinx,panel,Phishing,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-09-13 20:02:04", "1589687", "213.252.247.119:1234", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:15", "100", "False", "https://search.censys.io/hosts/213.252.247.119", "AS61272,C2,censys,IST-AS,RAT,Remcos", "0", "DonPasci"
"2025-09-13 04:01:58", "1589068", "18.167.174.198:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:43:44", "100", "False", "https://search.censys.io/hosts/18.167.174.198", "AMAZON-02,AS16509,C2,censys,Pupy,RAT", "0", "DonPasci"
"2025-09-11 20:01:36", "1588133", "195.178.110.135:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:27", "100", "False", "https://search.censys.io/hosts/195.178.110.135", "AS48090,C2,censys,CobaltStrike,cs-watermark-426352781,DMZHOST", "0", "DonPasci"
"2025-09-11 20:01:30", "1588128", "150.158.170.241:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:29", "100", "False", "https://search.censys.io/hosts/150.158.170.241", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-09-11 06:43:14", "1587773", "106.12.111.209:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:32", "100", "False", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2025-09-10 20:01:24", "1587441", "101.32.109.112:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:33", "100", "False", "https://search.censys.io/hosts/101.32.109.112", "AS132203,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-09-10 16:02:07", "1587229", "142.93.86.246:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:18", "100", "False", "https://search.censys.io/hosts/142.93.86.246", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-09-08 12:07:53", "1584914", "178.134.90.224:7788", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 12:49:57", "50", "False", "https://www.shodan.io/host/178.134.90.224#7788", "c2,netsupport,shodan", "0", "juroots"
"2025-09-06 20:01:18", "1582910", "8.138.222.215:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:23", "100", "False", "https://search.censys.io/hosts/8.138.222.215", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-09-06 12:01:48", "1582784", "103.236.70.158:8000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-06-11 15:43:06", "100", "False", "https://search.censys.io/hosts/103.236.70.158", "AS134768,C2,censys,CHINANET-SHAANXI-CLOUD-BASE,DcRAT,RAT", "0", "DonPasci"
"2025-09-04 07:40:17", "1581557", "8.148.194.157:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:23", "50", "False", "https://www.shodan.io/host/8.148.194.157#443", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-09-02 18:52:55", "1580723", "47.236.159.248:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:32", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-09-02 05:43:42", "1580257", "47.121.137.8:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:31", "50", "False", "https://www.shodan.io/host/47.121.137.8#80", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-09-02 04:01:38", "1580237", "47.99.196.178:7001", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:45:17", "100", "False", "https://search.censys.io/hosts/47.99.196.178", "AdaptixC2,ALIBABA-CN-NET,AS37963,C2,censys", "0", "DonPasci"
"2025-08-31 20:50:07", "1578899", "103.73.66.43:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:44", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-29 22:50:45", "1577783", "43.199.78.142:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:27", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-25 16:50:36", "1574437", "183.63.173.29:8008", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:19", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-25 08:14:17", "1574099", "89.216.98.17:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:45:42", "50", "False", "https://www.shodan.io/host/89.216.98.17#3085", "c2,netsupport,shodan", "0", "juroots"
"2025-08-25 00:00:27", "1573705", "43.163.112.217:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:26", "100", "False", "https://search.censys.io/hosts/43.163.112.217", "AS132203,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-08-23 18:00:42", "1573120", "62.60.226.133:61287", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:29", "100", "False", "https://tria.ge/250823-wglgsaxsdv", "AS214351,C2,rat,remcos,triage", "0", "DonPasci"
"2025-08-20 08:02:12", "1571607", "178.16.55.53:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:39", "100", "False", "https://search.censys.io/hosts/178.16.55.53", "C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-08-18 20:01:59", "1570775", "116.203.31.207:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:05", "100", "False", "https://search.censys.io/hosts/116.203.31.207", "AS24940,C2,censys,CobaltStrike,cs-watermark-987654321,HETZNER-AS", "0", "DonPasci"
"2025-08-17 20:01:54", "1570558", "150.187.25.242:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:14", "100", "False", "https://search.censys.io/hosts/150.187.25.242", "AS20312,C2,censys,CobaltStrike,cs-watermark-987654321,Fundacion", "0", "DonPasci"
"2025-08-16 15:22:26", "1569825", "8.138.167.123:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:24", "50", "False", "https://www.shodan.io/host/8.138.167.123#443", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-08-16 08:01:47", "1569780", "119.29.231.118:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:31", "100", "False", "https://search.censys.io/hosts/119.29.231.118", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-15 21:57:45", "1569167", "116.198.233.179:6666", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:05", "50", "False", "https://www.shodan.io/host/116.198.233.179#6666", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-08-15 06:21:34", "1568713", "117.72.184.172:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:43", "100", "False", "https://search.censys.io/hosts/117.72.184.172", "AS141679,C2,censys", "0", "dyingbreeds_"
"2025-08-13 16:01:30", "1568192", "115.190.138.41:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:47", "100", "False", "https://search.censys.io/hosts/115.190.138.41", "AS137718,C2,censys,CobaltStrike,cs-watermark-391144938,VOLCANO-ENGINE", "0", "DonPasci"
"2025-08-12 20:01:25", "1567756", "116.198.233.179:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:43", "100", "False", "https://search.censys.io/hosts/116.198.233.179", "AS137699,C2,censys,CHINATELECOM-JIANGSU-SUQIAN-IDC,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-12 12:01:59", "1567668", "62.117.98.115:8001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:28", "100", "False", "https://search.censys.io/hosts/62.117.98.115", "AS8732,C2,censys,COMCOR-AS,Mythic", "0", "DonPasci"
"2025-08-12 10:50:19", "1567648", "107.174.115.43:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:02", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-11 08:01:15", "1567234", "45.204.216.24:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:26", "100", "False", "https://search.censys.io/hosts/45.204.216.24", "AS62468,C2,censys,CobaltStrike,cs-watermark-987654321,HKCLOUDX", "0", "DonPasci"
"2025-08-06 12:54:26", "1565164", "8.219.76.168:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:22", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-05 08:53:36", "1564496", "47.105.36.109:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:25", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-04 20:45:44", "1564345", "185.233.166.124:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:53", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-08-04 20:45:44", "1564346", "185.233.166.124:9702", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:53", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-08-01 20:01:06", "1563211", "89.197.168.150:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:42", "100", "False", "https://search.censys.io/hosts/89.197.168.150", "AS47474,C2,censys,Mythic,VIRTUAL1", "0", "DonPasci"
"2025-07-28 05:29:47", "1561533", "217.154.212.25:3000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:44:49", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-07-27 16:00:55", "1561181", "117.72.181.104:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:31", "100", "False", "https://search.censys.io/hosts/117.72.181.104", "AS141679,C2,censys,CHINATELECOM-IDC-BTHBD-AP,CobaltStrike,cs-watermark-666666", "0", "DonPasci"
"2025-07-25 10:51:18", "1560617", "47.236.130.154:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:32", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-21 02:40:30", "1558862", "198.135.50.152:7705", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "2026-06-10 19:44:47", "100", "False", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-07-19 12:49:30", "1558329", "103.125.248.109:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:32", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-19 00:01:30", "1558180", "104.167.16.88:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-06-11 15:43:07", "100", "False", "https://search.censys.io/hosts/104.167.16.88", "AdaptixC2,AS16276,C2,censys,OVH", "0", "DonPasci"
"2025-07-18 12:51:20", "1558066", "193.112.84.248:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:28", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-18 08:01:12", "1558027", "206.189.227.148:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:11", "100", "False", "https://search.censys.io/hosts/206.189.227.148", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-07-12 00:01:36", "1556099", "51.81.171.234:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:26", "100", "False", "https://search.censys.io/hosts/51.81.171.234", "AS16276,C2,censys,Havoc,OVH", "0", "DonPasci"
"2025-07-11 12:05:09", "1555914", "38.207.178.172:8002", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:44:59", "100", "False", "None", "AS139659,chaos,LUCIDACLOUD LIMITED", "0", "antiphishorg"
"2025-07-08 20:56:28", "1554642", "88.129.151.109:8080", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:45:41", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-07 20:54:20", "1554340", "88.129.147.201:8080", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:45:41", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-06 20:00:32", "1554064", "8.152.99.85:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:23", "100", "False", "https://search.censys.io/hosts/8.152.99.85", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-03 20:00:15", "1553070", "112.125.19.107:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:03", "100", "False", "https://search.censys.io/hosts/112.125.19.107", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-1234567890", "0", "DonPasci"
"2025-06-28 08:51:18", "1550284", "54.38.94.225:8886", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-09 18:45:05", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-06-27 06:58:55", "1549901", "217.154.212.25:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:22", "50", "False", "https://www.shodan.io/host/217.154.212.25#80", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-06-25 04:00:19", "1549030", "156.227.233.153:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:29", "100", "False", "https://search.censys.io/hosts/156.227.233.153", "AS138152,C2,censys", "0", "dyingbreeds_"
"2025-06-21 18:56:08", "1548335", "107.173.122.193:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:02", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-06-20 06:01:32", "1547925", "82.156.156.160:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:23", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-06-18 08:02:37", "1546246", "191.93.118.254:9000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:57", "75", "False", "https://bazaar.abuse.ch/sample/9265a6e0b26a240f1f8bffddf3b36d0e533919d0c894bd66839a90e351961464/", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-06-18 07:58:54", "1546232", "191.93.118.254:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:57", "75", "False", "https://bazaar.abuse.ch/sample/6ecbf71d231e9b9e7459b97c97d94aed467481b5b4f22af288bbaea5945c1af4/", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-06-17 03:12:25", "1545615", "8.147.128.54:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:23", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-06-16 23:10:50", "1545597", "47.107.136.106:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:30", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-06-16 12:01:46", "1545348", "8.137.149.67:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:37", "100", "False", "https://search.censys.io/hosts/8.137.149.67", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-06-13 20:01:30", "1544612", "47.109.48.57:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:25", "100", "False", "https://search.censys.io/hosts/47.109.48.57", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-06-12 08:56:19", "1544039", "39.104.78.25:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:27", "100", "False", "https://search.censys.io/hosts/39.104.78.25", "AS37963,C2,censys", "0", "dyingbreeds_"
"2025-06-10 16:01:13", "1543390", "8.155.0.238:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:23", "100", "False", "https://search.censys.io/hosts/8.155.0.238", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-06-08 20:45:49", "1542784", "162.248.224.223:7882", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:32", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-06-08 20:45:48", "1542783", "162.248.224.223:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:32", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-06-08 20:01:01", "1542759", "119.45.29.172:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:42", "100", "False", "https://search.censys.io/hosts/119.45.29.172", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-06-06 20:01:59", "1542057", "172.81.131.230:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:38", "100", "False", "https://search.censys.io/hosts/172.81.131.230", "AS27176,C2,censys,DATAWAGON,Mythic", "0", "DonPasci"
"2025-06-06 16:01:21", "1541666", "3.19.238.211:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:44:53", "100", "False", "https://search.censys.io/hosts/3.19.238.211", "AMAZON-02,AS16509,C2,censys,Sliver", "0", "DonPasci"
"2025-06-06 16:00:50", "1541652", "68.64.176.42:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:24", "100", "False", "https://search.censys.io/hosts/68.64.176.42", "AS139659,C2,censys,CobaltStrike,cs-watermark-391144938,LUCID-AS-AP", "0", "DonPasci"
"2025-06-02 12:01:04", "1538881", "193.239.85.15:2083", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:00", "100", "False", "https://search.censys.io/hosts/193.239.85.15", "AS9009,C2,censys,Havoc,M247", "0", "DonPasci"
"2025-06-02 05:47:28", "1538799", "47.109.198.8:6000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:30", "50", "False", "https://www.shodan.io/host/47.109.198.8#6000", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-06-01 08:52:56", "1538358", "54.38.94.225:8885", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:45:27", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-05-31 07:45:39", "1537676", "101.43.91.156:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:45", "75", "False", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-31 07:45:38", "1537678", "59.110.7.32:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:34", "75", "False", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-30 08:53:21", "1536850", "99.112.198.249:8080", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:45:47", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-30 08:00:11", "1536831", "129.28.85.210:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:30", "100", "False", "https://search.censys.io/hosts/129.28.85.210", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-05-30 02:55:17", "1536730", "111.229.4.108:2096", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:03", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-29 22:26:34", "1536683", "161.35.176.231:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:31", "100", "False", "https://search.censys.io/hosts/161.35.176.231", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-05-28 08:01:49", "1535962", "217.154.212.25:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:49", "100", "False", "https://search.censys.io/hosts/217.154.212.25", "AS8560,C2,censys,IONOS-AS,Mythic", "0", "DonPasci"
"2025-05-28 08:01:49", "1535963", "159.89.36.127:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:31", "100", "False", "https://search.censys.io/hosts/159.89.36.127", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-05-26 20:01:30", "1534920", "8.216.80.229:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:34", "100", "False", "https://search.censys.io/hosts/8.216.80.229", "ALIBABA-CN-NET,AS45102,C2,censys,Sliver", "0", "DonPasci"
"2025-05-24 20:01:31", "1533613", "221.132.29.137:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:50", "100", "False", "https://search.censys.io/hosts/221.132.29.137", "AS45899,C2,censys,Mythic,VNPT-AS-VN", "0", "DonPasci"
"2025-05-24 11:13:44", "1533071", "1.15.174.189:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:33", "75", "False", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-23 05:34:51", "1532332", "8.140.239.162:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:34", "75", "False", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-22 20:01:48", "1532306", "178.217.98.23:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2026-06-11 15:43:43", "100", "False", "https://search.censys.io/hosts/178.217.98.23", "AS48282,censys,Chaos,panel,VDSINA-AS", "0", "DonPasci"
"2025-05-21 08:00:35", "1527752", "117.72.206.39:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:43", "100", "False", "https://search.censys.io/hosts/117.72.206.39", "AS141679,C2,censys,CHINATELECOM-IDC-BTHBD-AP,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-05-20 06:37:42", "1526357", "106.54.61.188:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:31", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-19 12:00:22", "1525628", "118.26.39.237:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:07", "100", "False", "https://search.censys.io/hosts/118.26.39.237", "AS135377,C2,censys,CobaltStrike,cs-watermark-666666666,UCLOUD-HK-AS-AP", "0", "DonPasci"
"2025-05-18 15:34:22", "1525250", "124.223.114.203:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:30", "100", "False", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v"
"2025-05-18 08:05:45", "1525138", "47.108.139.103:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:16", "100", "False", "https://search.censys.io/hosts/47.108.139.103", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-05-17 14:42:08", "1524773", "167.99.51.2:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:36", "50", "False", "https://www.shodan.io/host/167.99.51.2#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 08:00:32", "1524641", "167.99.51.2:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:36", "100", "False", "https://search.censys.io/hosts/167.99.51.2", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci"
"2025-05-17 06:27:29", "1524331", "8.216.80.229:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:34", "50", "False", "https://www.shodan.io/host/8.216.80.229#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 06:26:23", "1524319", "101.35.109.246:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:32", "50", "False", "https://www.shodan.io/host/101.35.109.246#443", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-05-15 21:14:57", "1523466", "103.171.35.26:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:32", "75", "False", "https://x.com/abodovic1", "c2,censys,cobalt_strike", "0", "Abodovic"
"2025-05-15 21:14:47", "1523462", "60.204.169.16:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:34", "75", "False", "https://x.com/abodovic1", "c2,censys,cobalt_strike", "0", "Abodovic"
"2025-05-15 21:13:56", "1523434", "179.43.186.223:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:28", "75", "False", "https://x.com/abodovic1", "c2,censys,cobalt_strike", "0", "Abodovic"
"2025-05-15 05:25:01", "1523246", "8.134.70.73:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:42:45", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-13 14:08:42", "1521639", "8.134.70.73:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:36", "100", "False", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz"
"2025-05-12 20:58:42", "1520343", "38.54.112.234:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:24", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-11 06:11:06", "1519438", "47.109.190.151:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:16", "100", "False", "https://search.censys.io/hosts/47.109.190.151", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-05-09 05:36:03", "1518529", "47.108.140.10:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:16", "100", "False", "https://search.censys.io/hosts/47.108.140.10", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-05-07 13:00:19", "1518023", "106.52.207.50:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:00", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-05 12:00:58", "1516147", "41.216.189.77:2096", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:01", "100", "False", "https://search.censys.io/hosts/41.216.189.77", "AS211138,C2,censys,Havoc,PRIVATEHOSTING-NET", "0", "DonPasci"
"2025-04-29 08:43:42", "1513585", "107.143.144.154:8080", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:09", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-04-25 08:10:27", "1511186", "23.254.215.118:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:51", "50", "False", "https://www.shodan.io/host/23.254.215.118#443", "c2,havoc,shodan", "0", "juroots"
"2025-04-22 12:21:47", "1509966", "167.71.13.103:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:35", "50", "False", "https://www.shodan.io/host/167.71.13.103#31337", "c2,shodan,sliver", "0", "juroots"
"2025-04-17 00:01:32", "1492577", "118.31.114.149:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:07", "100", "False", "https://search.censys.io/hosts/118.31.114.149", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-04-16 16:01:35", "1492480", "113.45.253.80:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:04", "100", "False", "https://search.censys.io/hosts/113.45.253.80", "AS55990,C2,censys,CobaltStrike,cs-watermark-666666666,HWCSNET", "0", "DonPasci"
"2025-04-15 16:02:30", "1492012", "47.83.134.97:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:17", "100", "False", "https://search.censys.io/hosts/47.83.134.97", "ALIBABA-CN-NET,AS45102,C2,censys,Havoc", "0", "DonPasci"
"2025-04-15 04:01:37", "1491748", "193.142.146.70:56004", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:59", "100", "False", "https://search.censys.io/hosts/193.142.146.70", "AS213438,C2,censys,COLOCATEL-INC,RAT,Remcos", "0", "DonPasci"
"2025-04-10 05:55:49", "1486437", "167.71.13.103:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:35", "90", "False", "https://search.censys.io/hosts/167.71.13.103", "AS14061,C2,censys,DIGITALOCEAN-ASN", "0", "dyingbreeds_"
"2025-04-07 13:47:33", "1485438", "3.146.93.253:55502", "ip:port", "botnet_cc", "apk.vo1d", "None", "vo1d", "2026-06-11 16:00:07", "100", "False", "None", "redirector,Vo1d", "0", "Bitsight"
"2025-04-07 12:47:32", "1485428", "3.146.93.253:55501", "ip:port", "botnet_cc", "apk.vo1d", "None", "vo1d", "2026-06-11 09:58:48", "100", "False", "None", "redirector,Vo1d", "0", "Bitsight"
"2025-04-07 12:47:30", "1485432", "3.146.93.253:55500", "ip:port", "botnet_cc", "apk.vo1d", "None", "vo1d", "2026-06-11 12:59:59", "100", "False", "None", "redirector,Vo1d", "0", "Bitsight"
"2025-04-02 10:08:14", "1463173", "38.46.218.36:9999", "ip:port", "botnet_cc", "apk.vo1d", "None", "vo1d", "2026-06-11 15:42:13", "100", "False", "None", "Vo1d", "0", "Bitsight"
"2025-04-02 10:08:13", "1463174", "38.46.218.38:9999", "ip:port", "botnet_cc", "apk.vo1d", "None", "vo1d", "2026-06-11 16:12:14", "100", "False", "None", "Vo1d", "0", "Bitsight"
"2025-04-02 10:08:12", "1463176", "38.46.218.39:9999", "ip:port", "botnet_cc", "apk.vo1d", "None", "vo1d", "2026-06-11 14:41:12", "100", "False", "None", "Vo1d", "0", "Bitsight"
"2025-04-02 08:01:26", "1463152", "200.107.126.227:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:09", "100", "False", "https://search.censys.io/hosts/200.107.126.227", "AS14754,C2,censys,Netsupport,RAT,TELECOMUNICACIONES", "0", "DonPasci"
"2025-04-01 10:24:30", "1462468", "43.143.229.126:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:26", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-03-28 04:00:35", "1459722", "193.142.146.70:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:43:59", "100", "False", "https://search.censys.io/hosts/193.142.146.70", "AS213438,C2,censys,COLOCATEL-INC,RAT,Remcos", "0", "DonPasci"
"2025-03-24 06:29:33", "1457513", "103.142.147.17:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:04", "100", "False", "https://search.censys.io/hosts/103.142.147.17", "AS135581,censys,Viper", "0", "dyingbreeds_"
"2025-03-22 20:43:16", "1454148", "103.142.147.18:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:04", "75", "False", "None", "drb-ra,RAT", "0", "abuse_ch"
"2025-03-22 20:43:16", "1454149", "103.142.147.19:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:04", "75", "False", "None", "drb-ra,RAT", "0", "abuse_ch"
"2025-03-20 12:01:27", "1452404", "47.116.208.81:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:36", "100", "False", "https://search.censys.io/hosts/47.116.208.81", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-03-19 05:26:28", "1451661", "20.51.229.168:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:39", "100", "False", "https://search.censys.io/hosts/20.51.229.168", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-03-11 12:01:13", "1446149", "210.2.169.213:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:13", "100", "False", "https://search.censys.io/hosts/210.2.169.213", "AS23966,C2,censys,Havoc,LDN-AS-PK", "0", "DonPasci"
"2025-03-06 04:01:35", "1441769", "51.81.171.234:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:45:26", "100", "False", "https://search.censys.io/hosts/51.81.171.234", "AS16276,C2,censys,Havoc,OVH", "0", "DonPasci"
"2025-03-04 00:00:37", "1440611", "43.153.2.113:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:27", "100", "False", "https://search.censys.io/hosts/43.153.2.113", "AS132203,C2,censys,CobaltStrike,cs-watermark-100000,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-03-03 12:01:16", "1440087", "15.204.95.228:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:23", "100", "False", "https://search.censys.io/hosts/15.204.95.228", "AS16276,C2,censys,Havoc,OVH", "0", "DonPasci"
"2025-03-02 20:01:03", "1439776", "150.5.174.231:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:23", "100", "False", "https://search.censys.io/hosts/150.5.174.231", "AS150436,BYTEPLUS-AS-AP,C2,censys,Mythic", "0", "DonPasci"
"2025-03-02 08:46:23", "1439368", "54.38.94.225:8887", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:45:28", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-03-01 20:47:46", "1439168", "47.129.171.26:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:31", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-02-20 12:49:39", "1428313", "8.134.51.218:24444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:36", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-02-14 00:01:07", "1411885", "192.52.167.140:80", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:59", "100", "False", "https://search.censys.io/hosts/192.52.167.140", "AS199959,C2,censys,CROWNCLOUD,Netsupport,RAT", "0", "DonPasci"
"2025-02-10 20:43:10", "1409420", "103.215.81.156:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:05", "75", "False", "None", "drb-ra,RAT", "0", "abuse_ch"
"2025-02-05 22:51:06", "1404178", "20.74.209.192:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:27", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-02-02 16:00:48", "1402495", "62.60.226.42:43155", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:29", "100", "False", "https://search.censys.io/hosts/62.60.226.42", "AS214351,C2,censys,FEMOIT,RAT,Remcos", "0", "DonPasci"
"2025-02-01 08:44:50", "1399002", "173.44.141.226:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:41", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-02-01 04:00:38", "1398921", "62.60.226.6:43155", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:45:29", "100", "False", "https://search.censys.io/hosts/62.60.226.6", "AS214351,C2,censys,FEMOIT,RAT,Remcos", "0", "DonPasci"
"2025-01-31 13:44:30", "1398820", "162.252.173.12:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:32", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-31 12:01:38", "1398810", "162.252.173.12:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:33", "100", "False", "https://search.censys.io/hosts/162.252.173.12", "AS9009,backdoor,C2,censys,M247,Ransomhub", "0", "DonPasci"
"2025-01-31 12:00:35", "1398803", "213.252.247.119:1111", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:15", "100", "False", "https://search.censys.io/hosts/213.252.247.119", "AS61272,C2,censys,IST-AS,RAT,Remcos", "0", "DonPasci"
"2025-01-31 07:01:30", "1398657", "8.134.108.73:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:34", "100", "False", "https://search.censys.io/hosts/8.134.108.73", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-01-30 08:47:19", "1396136", "38.146.28.93:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:44:59", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-30 08:45:48", "1396135", "185.33.86.15:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:54", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-30 08:01:38", "1396130", "38.146.28.93:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:44:59", "100", "False", "https://search.censys.io/hosts/38.146.28.93", "AS174,backdoor,C2,censys,COGENT-174,Ransomhub", "0", "DonPasci"
"2025-01-30 04:01:31", "1396102", "185.33.86.15:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:54", "100", "False", "https://search.censys.io/hosts/185.33.86.15", "AS202015,backdoor,C2,censys,HZ-US-AS,Ransomhub", "0", "DonPasci"
"2025-01-26 08:46:00", "1394408", "54.38.94.225:8883", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:45:27", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-01-25 20:47:04", "1394158", "54.38.94.225:8880", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:45:27", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-01-23 07:00:09", "1391935", "173.44.141.226:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:41", "100", "False", "https://search.censys.io/hosts/173.44.141.226", "AS62904,backdoor,C2,censys,Ransomhub", "0", "DonPasci"
"2025-01-22 17:46:05", "1391610", "45.82.85.50:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:45:13", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:16:20", "1384954", "92.118.112.208:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-10 18:45:23", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:16:19", "1384953", "92.118.112.208:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-10 18:45:23", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:15:21", "1384933", "38.180.81.153:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:44:59", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:15:21", "1384934", "38.180.81.153:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:44:59", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:14:13", "1384921", "167.99.139.231:8004", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2026-06-11 15:43:36", "75", "False", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-01-17 09:13:19", "1384912", "185.174.101.240:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:49", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:13:19", "1384913", "185.174.101.240:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:50", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:13:19", "1384914", "185.174.101.69:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:50", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:13:19", "1384915", "185.174.101.69:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:50", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:12:27", "1384908", "108.181.115.171:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:10", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:12:27", "1384909", "108.181.115.171:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:10", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:12:27", "1384910", "108.181.182.143:443", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:10", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-17 09:12:27", "1384911", "108.181.182.143:8000", "ip:port", "botnet_cc", "win.ransomhub", "None", "RansomHub", "2026-06-11 15:43:11", "75", "False", "None", "drb-ra,RansomHub", "0", "abuse_ch"
"2025-01-10 13:55:47", "1381420", "77.238.236.123:18300", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:45:33", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-01-10 13:43:51", "1381067", "112.5.58.181:7001", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-06-11 15:43:11", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-01-10 08:18:57", "1380635", "8.219.78.159:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:39", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-01-10 08:18:43", "1380629", "70.34.196.238:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:36", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-01-10 08:18:28", "1380607", "47.98.134.252:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:24", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-01-10 08:17:37", "1380569", "38.54.115.233:8880", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:25", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-01-10 08:17:20", "1380533", "207.148.68.118:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:21", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-01-10 08:16:21", "1380446", "139.180.189.95:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:12", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-01-10 08:15:44", "1380421", "118.25.91.151:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:42", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-01-10 08:15:43", "1380420", "117.72.39.83:43872", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:06", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-01-10 04:04:28", "1380232", "38.207.179.146:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:59", "100", "False", "https://search.censys.io/hosts/38.207.179.146", "AS139659,C2,censys,LUCID-AS-AP,Mythic", "0", "DonPasci"
"2025-01-09 06:17:26", "1379888", "192.155.90.71:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:40", "100", "False", "https://search.censys.io/hosts/192.155.90.71", "AS63949,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-01-02 07:44:34", "1377164", "47.99.93.43:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:34", "100", "False", "https://www.shodan.io/host/47.99.93.43", "as37963,c2,CobaltStrike,cs-watermark-100000,shodan", "0", "skocherhan"
"2025-01-01 04:03:19", "1376919", "86.124.168.255:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "2026-06-11 15:45:40", "100", "False", "https://search.censys.io/hosts/86.124.168.255", "AS8708,c2,censys,RCS-RDS,SocGholish", "0", "DonPasci"
"2024-12-24 08:00:43", "1359401", "8.153.97.202:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:21", "100", "False", "https://search.censys.io/hosts/8.153.97.202", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2024-12-24 04:01:34", "1359309", "91.199.154.103:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:43", "100", "False", "https://search.censys.io/hosts/91.199.154.103", "AS62212,C2,censys,Sliver", "0", "DonPasci"
"2024-12-16 16:01:41", "1357389", "45.56.69.210:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:11", "100", "False", "https://search.censys.io/hosts/45.56.69.210", "AKAMAI-LINODE-AP,AS63949,censys,EvilGoPhish,panel,Phishing", "0", "DonPasci"
"2024-12-12 06:21:40", "1356002", "113.44.90.0:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:12", "100", "False", "https://search.censys.io/hosts/113.44.90.0", "AS55990,censys,Viper", "0", "dyingbreeds_"
"2024-12-06 07:36:52", "1352876", "139.196.126.161:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:41", "100", "False", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-12-02 21:43:43", "1351517", "57.153.88.186:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:39", "100", "False", "https://search.censys.io/hosts/57.153.88.186", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2024-12-02 21:01:15", "1350210", "117.72.39.83:4433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:06", "100", "False", "https://search.censys.io/hosts/117.72.39.83", "AS141679,C2,censys", "0", "dyingbreeds_"
"2024-12-01 07:43:42", "1349957", "117.72.39.83:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:06", "100", "False", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-11-30 20:06:19", "1349567", "216.118.101.24:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:36", "100", "False", "", "censys,panel,Viper", "0", "NDA0E"
"2024-11-30 20:06:11", "1349531", "216.118.101.132:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:20", "100", "False", "", "censys,panel,Viper", "0", "NDA0E"
"2024-11-30 20:06:08", "1349510", "216.118.101.199:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:30", "100", "False", "", "censys,panel,Viper", "0", "NDA0E"
"2024-11-30 20:06:04", "1349492", "216.118.101.216:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:32", "100", "False", "", "censys,panel,Viper", "0", "NDA0E"
"2024-11-30 20:05:51", "1349438", "216.118.101.54:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:42", "100", "False", "", "censys,panel,Viper", "0", "NDA0E"
"2024-11-29 13:56:30", "1348902", "216.118.101.108:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:17", "100", "False", "", "Viper", "0", "dyingbreeds_"
"2024-11-27 19:47:54", "1348295", "47.90.142.15:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:35", "100", "False", "", "censys,CobaltStrike", "0", "NDA0E"
"2024-11-27 19:47:07", "1348026", "8.137.114.210:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:24", "100", "False", "", "censys,CobaltStrike", "0", "NDA0E"
"2024-10-30 17:53:55", "1340201", "146.70.158.198:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:21", "75", "False", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/Sliver%20C2", "c2,sliver,sliverc2", "0", "TheRavenFile"
"2024-10-02 06:31:45", "1332624", "154.221.17.44:2888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:15", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-10-01 16:02:09", "1332328", "195.100.198.220:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:44:03", "100", "False", "https://search.censys.io/hosts/195.100.198.220", "AS5400,BT,C2,censys,Mythic", "0", "DonPasci"
"2024-09-25 08:00:47", "1329042", "118.25.148.25:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:31", "100", "False", "https://search.censys.io/hosts/118.25.148.25", "AS45090,C2,censys,CobaltStrike,cs-watermark-391144938,TENCENT-NET-AP", "0", "DonPasci"
"2024-09-20 08:01:06", "1326604", "206.210.123.104:8889", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:11", "100", "False", "https://search.censys.io/hosts/206.210.123.104", "AS33130,C2,censys,IASL,RAT", "0", "DonPasci"
"2024-09-19 16:01:20", "1326366", "189.115.194.189:9990", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:56", "100", "False", "https://search.censys.io/hosts/189.115.194.189", "AS18881,C2,censys,RAT,TELEFONICA", "0", "DonPasci"
"2024-09-07 16:01:45", "1321901", "64.23.213.61:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:30", "100", "False", "https://search.censys.io/hosts/64.23.213.61", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2024-09-01 12:00:42", "1319266", "154.221.17.44:2666", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:15", "100", "False", "https://search.censys.io/hosts/154.221.17.44", "AS142403,C2,censys,CobaltStrike,cs-watermark-666666666,YISUCLOUDLTD-HK", "0", "DonPasci"
"2024-08-29 00:01:11", "1317070", "86.53.241.21:447", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:45:40", "100", "False", "https://search.censys.io/hosts/86.53.241.21", "AS3257,C2,censys,GTT-BACKBONE,RAT", "0", "DonPasci"
"2024-08-28 04:01:10", "1316706", "213.252.247.119:4444", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-06-11 15:44:15", "100", "False", "https://search.censys.io/hosts/213.252.247.119", "AS61272,C2,censys,IST-AS,RAT", "0", "DonPasci"
"2024-08-27 04:00:34", "1316522", "107.22.165.49:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:10", "100", "False", "https://search.censys.io/hosts/107.22.165.49", "AMAZON-AES,AS14618,C2,censys,RAT", "0", "DonPasci"
"2024-08-22 10:04:33", "1314694", "83.229.120.73:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:45:38", "100", "False", "https://search.censys.io/hosts/83.229.120.73", "AS139659,C2,censys,Mythic", "0", "DonPasci"
"2024-08-19 19:55:59", "1313657", "193.19.242.55:1443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:00", "100", "False", "https://search.censys.io/hosts/193.19.242.55", "AS35319,AS48964,C2,censys,RAT", "0", "DonPasci"
"2024-08-18 14:04:40", "1313194", "110.13.35.37:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:11", "100", "False", "https://search.censys.io/hosts/110.13.35.37", "AS9318,C2,censys,RAT,SKB-AS", "0", "DonPasci"
"2024-08-17 14:04:20", "1312402", "20.188.119.195:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:08", "100", "False", "https://search.censys.io/hosts/20.188.119.195", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2024-08-17 02:04:24", "1312338", "210.249.114.154:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:14", "100", "False", "https://search.censys.io/hosts/210.249.114.154", "AS2516,C2,censys,RAT", "0", "DonPasci"
"2024-08-16 14:02:33", "1312117", "20.188.119.195:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:44:08", "100", "False", "https://search.censys.io/hosts/20.188.119.195", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2024-08-15 22:40:43", "1311619", "23.24.178.35:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:51", "100", "False", "https://search.censys.io/hosts/23.24.178.35", "AS20214,C2,censys,COMCAST-20214,RAT", "0", "DonPasci"
"2024-08-15 22:40:39", "1311614", "120.25.239.36:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:13", "100", "False", "https://search.censys.io/hosts/120.25.239.36", "ALIBABA-CN-NET,AS37963,C2,censys,RAT", "0", "DonPasci"
"2024-08-11 21:50:57", "1309755", "146.70.158.198:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:21", "100", "False", "https://search.censys.io/hosts/146.70.158.198", "AS9009,C2,censys,M247", "0", "DonPasci"
"2024-07-09 19:05:36", "1296480", "43.138.0.179:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:26", "100", "False", "None", "CobaltStrike,cs-watermark-0,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-09 06:51:58", "1296006", "213.149.181.121:469", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:14", "50", "False", "https://search.censys.io/hosts/213.149.181.121", "CYTA-NETWORK Internet Services,NetSupportRAT", "0", "drb_ra"
"2024-07-09 06:51:48", "1296003", "20.105.139.205:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:08", "50", "False", "https://search.censys.io/hosts/20.105.139.205", "MICROSOFT-CORP-MSN-AS-BLOCK,NetSupportRAT", "0", "drb_ra"
"2024-07-08 06:51:14", "1295752", "210.249.114.153:80", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:14", "50", "False", "https://search.censys.io/hosts/210.249.114.153", "KDDI KDDI CORPORATION,NetSupportRAT", "0", "drb_ra"
"2024-07-07 03:48:38", "1295405", "23.24.178.33:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:51", "50", "False", "https://search.censys.io/hosts/23.24.178.33", "COMCAST-7922,NetSupportRAT", "0", "drb_ra"
"2024-07-03 06:52:14", "1292877", "210.249.114.154:80", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:14", "50", "False", "https://search.censys.io/hosts/210.249.114.154", "KDDI KDDI CORPORATION,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:40", "1291417", "198.244.197.118:9443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:05", "50", "False", "https://search.censys.io/hosts/198.244.197.118", "NetSupportRAT,OVH", "0", "drb_ra"
"2024-07-01 10:05:30", "1291414", "206.210.123.104:8888", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:11", "50", "False", "https://search.censys.io/hosts/206.210.123.104", "IASL,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:19", "1291411", "61.96.204.117:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:45:28", "50", "False", "https://search.censys.io/hosts/61.96.204.117", "DREAMX-AS DREAMLINE CO.,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:15", "1291410", "185.23.192.33:444", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:43:53", "50", "False", "https://search.censys.io/hosts/185.23.192.33", "NetSupportRAT,WINET", "0", "drb_ra"
"2024-07-01 10:05:10", "1291409", "2.136.235.200:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:05", "50", "False", "https://search.censys.io/hosts/2.136.235.200", "NetSupportRAT,TELEFONICA_DE_ESPANA", "0", "drb_ra"
"2024-07-01 10:04:31", "1291397", "210.249.114.153:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-06-11 15:44:14", "50", "False", "https://search.censys.io/hosts/210.249.114.153", "KDDI KDDI CORPORATION,NetSupportRAT", "0", "drb_ra"
"2024-06-26 17:08:27", "1289464", "50.116.12.237:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 06:43:02", "100", "False", "None", "CobaltStrike,cs-watermark-426352781", "0", "abuse_ch"
"2024-06-26 17:07:43", "1289423", "152.32.202.240:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:14", "100", "False", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2024-06-22 06:45:48", "1287670", "91.199.154.103:34211", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:45:43", "50", "False", "https://search.censys.io/hosts/91.199.154.103", "Sliver", "0", "drb_ra"
"2024-06-02 08:38:33", "1278172", "119.91.208.190:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:48", "100", "False", "None", "CobaltStrike,cs-watermark-987654321,Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-06-01 13:08:25", "1277937", "47.109.69.135:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:51", "100", "False", "None", "CobaltStrike,cs-watermark-987654321,Hangzhou Alibaba Advertising Co.Ltd.", "0", "drb_ra"
"2024-05-31 12:57:33", "1277588", "101.43.32.212:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:47", "100", "False", "None", "CobaltStrike,cs-watermark-100000,Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-05-29 12:52:55", "1276802", "124.223.41.181:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:48", "100", "False", "None", "CobaltStrike,cs-watermark-666666666,Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-05-29 10:17:04", "1276786", "8.210.9.201:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:51", "100", "False", "None", "ALIBABA-CN-NET Alibaba US Technology Co. Ltd.,CobaltStrike,cs-watermark-0", "0", "drb_ra"
"2024-05-24 13:15:35", "1274726", "47.92.127.53:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:51", "100", "False", "None", "CobaltStrike,cs-watermark-391144938,Hangzhou Alibaba Advertising Co.Ltd.", "0", "drb_ra"
"2024-05-22 11:06:58", "1273973", "119.28.83.149:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:48", "100", "False", "None", "CobaltStrike,cs-watermark-987654321,Tencent Building Kejizhongyi Avenue", "0", "drb_ra"
"2024-05-21 18:51:48", "1273882", "51.15.16.116:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "2026-06-11 15:45:26", "50", "False", "https://search.censys.io/hosts/51.15.16.116", "Online SAS,SocGholish", "0", "drb_ra"
"2024-05-21 12:53:29", "1273456", "139.159.203.44:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:49", "100", "False", "None", "CobaltStrike,cs-watermark-987654321,HWCSNET Huawei Cloud Service data center", "0", "drb_ra"
"2024-05-19 07:56:13", "1272788", "123.58.198.236:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:48", "100", "False", "None", "CobaltStrike,cs-watermark-391144938,UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED", "0", "drb_ra"
"2024-05-15 22:13:26", "1271606", "91.238.181.235:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:52", "100", "False", "None", "CobaltStrike,cs-watermark-674054486,FBWNETWORKS", "0", "drb_ra"
"2024-05-15 15:33:07", "1271347", "118.25.85.198:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:42", "100", "False", "https://search.censys.io/hosts/118.25.85.198", "AS45090,c2,censys,CobaltStrike,cs-watermark-305419896,TENCENT-NET-AP", "0", "DonPasci"
"2024-05-14 10:14:21", "1270684", "64.7.198.58:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:51", "100", "False", "None", "BLNWX,CobaltStrike,cs-watermark-426352781", "0", "drb_ra"
"2024-05-11 22:47:31", "1269727", "113.31.105.33:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:47", "100", "False", "None", "China Telecom (Group),CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-05-11 22:47:10", "1269724", "185.196.8.18:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:50", "100", "False", "None", "CobaltStrike,cs-watermark-987654321,Simple Carrier LLC", "0", "drb_ra"
"2024-05-07 10:14:57", "1267565", "113.31.106.106:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:47", "100", "False", "None", "CHINANET-SHANGHAI-MAN China Telecom Group,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-05-07 07:48:08", "1267486", "111.230.12.238:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:47", "100", "False", "https://search.censys.io/hosts/111.230.12.238", "AS45090,c2,censys,CobaltStrike,cs-watermark-391144938,TENCENT-NET-AP", "0", "DonPasci"
"2024-05-06 12:49:25", "1266959", "134.122.130.186:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:49", "100", "False", "None", "BGPNET Global ASN,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-04-29 12:51:26", "1263972", "134.122.130.181:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:49", "100", "False", "None", "BGPNET Global ASN,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-04-28 17:59:06", "1263319", "124.71.106.234:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:49", "100", "False", "None", "CobaltStrike,cs-watermark-666666666,Huawei Cloud Service data center", "0", "drb_ra"
"2024-04-26 12:59:31", "1262666", "118.31.116.9:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:48", "100", "False", "None", "CobaltStrike,cs-watermark-987654321,Hangzhou Alibaba Advertising Co.Ltd.", "0", "drb_ra"
"2024-04-25 22:12:56", "1262568", "8.134.11.7:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:51", "100", "False", "None", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-04-24 13:08:20", "1261845", "165.227.108.186:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:49", "100", "False", "None", "CobaltStrike,cs-watermark-970865301,DigitalOcean LLC", "0", "drb_ra"
"2024-04-23 18:05:49", "1260893", "80.66.75.9:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:52", "100", "False", "None", "CobaltStrike,cs-watermark-987654321,GRIZ-INET-SERVICE", "0", "drb_ra"
"2024-04-23 18:05:43", "1260890", "101.201.54.74:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:47", "100", "False", "None", "CobaltStrike,cs-watermark-987654321,Hangzhou Alibaba Advertising Co.Ltd.", "0", "drb_ra"
"2024-04-21 15:09:17", "1259796", "62.204.41.11:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:51", "100", "False", "https://search.censys.io/hosts/62.204.41.11", "AS59425,c2,censys,CobaltStrike,cs-watermark-1580103824,HORIZONMSK-AS", "0", "DonPasci"
"2024-04-11 10:15:16", "1255726", "124.220.6.158:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:10", "100", "False", "https://search.censys.io/search?resource=hosts&virtual_hosts=EXCLUDE&q=%28services.software.uniform_resource_identifier%3A+%60cpe%3A2.3%3Aa%3Afortra%3Acobalt_strike%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%60%29+and+autonomous_system.name%3D%60TENCENT-NET-AP+Shenzhen+Tencent+Computer+Systems+Company+Limited%60", "AS45090,c2,censys,CobaltStrike,TENCENT-NET-AP", "0", "DonPasci"
"2024-04-11 10:15:15", "1255727", "124.220.6.158:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:10", "100", "False", "https://search.censys.io/search?resource=hosts&virtual_hosts=EXCLUDE&q=%28services.software.uniform_resource_identifier%3A+%60cpe%3A2.3%3Aa%3Afortra%3Acobalt_strike%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%60%29+and+autonomous_system.name%3D%60TENCENT-NET-AP+Shenzhen+Tencent+Computer+Systems+Company+Limited%60", "AS45090,c2,censys,CobaltStrike,TENCENT-NET-AP", "0", "DonPasci"
"2024-04-09 06:47:29", "1255012", "159.223.0.103:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:30", "50", "False", "https://search.censys.io/hosts/159.223.0.103", "DIGITALOCEAN-ASN,Havoc", "0", "drb_ra"
"2024-04-02 10:17:26", "1252542", "185.196.10.121:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:49", "100", "False", "None", "CobaltStrike,cs-watermark-987654321,SIMPLECARRIER", "0", "drb_ra"
"2024-03-27 07:57:29", "1249815", "47.105.69.34:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:50", "100", "False", "None", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-03-09 20:54:40", "1245476", "47.100.87.177:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:50", "100", "False", "None", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-03-06 20:55:37", "1244781", "194.165.16.55:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:50", "100", "False", "None", "CobaltStrike,cs-watermark-674054486,FLYSERVERS-ENDCLIENTS", "0", "drb_ra"
"2024-02-21 22:13:19", "1241656", "121.43.55.149:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:48", "100", "False", "None", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,CobaltStrike,cs-watermark-391144938", "0", "drb_ra"
"2024-02-02 06:00:13", "1236276", "20.56.70.245:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:50", "80", "False", "None", "None", "0", "malpulse"
"2024-01-27 14:31:40", "1234928", "114.55.133.151:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:48", "100", "False", "https://search.censys.io/hosts/114.55.133.151", "AS37963,C2,censys", "0", "thehappydinoa"
"2024-01-27 14:31:20", "1234909", "117.72.39.83:30005", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:06", "100", "False", "https://search.censys.io/hosts/117.72.39.83", "AS141679,C2,censys", "0", "thehappydinoa"
"2024-01-24 18:49:24", "1234304", "38.147.189.199:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:44:59", "50", "False", "https://search.censys.io/hosts/38.147.189.199", "Pupy RAT,XNNET", "0", "drb_ra"
"2024-01-13 06:47:25", "1230478", "164.92.79.49:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:35", "50", "False", "https://search.censys.io/hosts/164.92.79.49", "DIGITALOCEAN-ASN,Havoc", "0", "drb_ra"
"2024-01-10 06:48:20", "1229817", "161.35.239.147:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-06-11 15:43:31", "50", "False", "https://search.censys.io/hosts/161.35.239.147", "DIGITALOCEAN-ASN,Havoc", "0", "drb_ra"
"2024-01-09 08:45:29", "1229661", "111.92.243.236:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:47", "100", "False", "None", "CobaltStrike,cs-watermark-666666666,HFTCL-AS-AP High Family Technology Co. Limited", "0", "drb_ra"
"2024-01-05 21:31:13", "1228458", "139.9.62.19:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:49", "100", "False", "https://search.censys.io/hosts/139.9.62.19", "C2,censys", "0", "thehappydinoa"
"2024-01-05 14:48:41", "1228181", "101.133.225.51:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:45:58", "100", "False", "https://search.censys.io/hosts/101.133.225.51", "C2,censys", "0", "thehappydinoa"
"2024-01-05 06:45:36", "1228033", "143.110.151.209:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:19", "50", "False", "https://search.censys.io/hosts/143.110.151.209", "DIGITALOCEAN-ASN,Sliver", "0", "drb_ra"
"2024-01-02 14:31:12", "1227297", "106.54.209.36:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:47", "100", "False", "https://search.censys.io/hosts/106.54.209.36", "C2,censys", "0", "thehappydinoa"
"2023-12-28 00:10:38", "1225054", "45.112.178.163:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 12:43:35", "100", "False", "https://search.censys.io/hosts/45.112.178.163", "censys,GoPhish,Phishing", "0", "thehappydinoa"
"2023-12-26 06:46:27", "1223678", "8.140.203.92:7817", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "2026-06-11 15:45:34", "50", "False", "https://search.censys.io/hosts/8.140.203.92", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,Deimos", "0", "drb_ra"
"2023-12-18 05:00:11", "1221451", "62.234.27.204:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:51", "80", "False", "None", "None", "0", "malpulse"
"2023-12-15 18:59:31", "1213211", "117.72.39.83:33333", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:06", "100", "False", "https://search.censys.io/hosts/117.72.39.83", "C2,censys", "0", "thehappydinoa"
"2023-11-23 03:52:00", "1204960", "139.199.166.208:8443", "ip:port", "botnet_cc", "win.shadowpad", "POISONPLUG.SHADOW,XShellGhost", "ShadowPad", "2026-06-11 12:46:50", "90", "False", "https://search.censys.io/hosts/139.199.166.208", "C2,censys,RAT", "0", "thehappydinoa"
"2023-11-22 19:58:07", "1204530", "119.29.143.243:8443", "ip:port", "botnet_cc", "win.shadowpad", "POISONPLUG.SHADOW,XShellGhost", "ShadowPad", "2026-06-11 12:46:50", "90", "False", "https://search.censys.io/hosts/119.29.143.243", "C2,censys,RAT", "0", "thehappydinoa"
"2023-11-09 17:50:07", "1201144", "101.34.222.38:60000", "ip:port", "botnet_cc", "apk.viper_rat", "None", "Viper RAT", "2026-06-11 15:43:03", "100", "False", "https://search.censys.io/hosts/101.34.222.38", "C2,censys,RAT", "0", "thehappydinoa"
"2023-11-06 21:04:29", "1199545", "38.54.115.233:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:24", "80", "False", "None", "None", "0", "malpulse"
"2023-10-24 10:39:59", "1192255", "139.155.148.131:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:49", "100", "False", "https://search.censys.io/hosts/139.155.148.131", "C2,censys", "0", "thehappydinoa"
"2023-10-12 01:35:38", "1187879", "143.110.151.209:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-06-11 15:43:19", "90", "False", "https://search.censys.io/hosts/143.110.151.209", "C2,censys,DIGITALOCEAN-ASN", "0", "thehappydinoa"
"2023-10-11 12:59:56", "1187462", "117.72.8.192:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:48", "100", "False", "https://search.censys.io/hosts/117.72.8.192", "C2,censys", "0", "thehappydinoa"
"2023-09-30 16:12:13", "1180378", "111.229.187.212:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:47", "80", "False", "None", "None", "0", "malpulse"
"2023-09-20 18:47:20", "1165172", "8.217.217.243:8082", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "2026-06-11 15:45:34", "50", "False", "https://search.censys.io/hosts/8.217.217.243", "ALIBABA-CN-NET Alibaba US Technology Co. Ltd.,Deimos", "0", "drb_ra"
"2023-09-05 21:52:59", "1155319", "43.136.38.59:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:50", "100", "False", "None", "CobaltStrike,cs-watermark-1580103824,Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2023-08-23 11:56:21", "1151693", "43.153.222.28:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:37", "100", "False", "None", "CobaltStrike,cs-watermark-100000,Tencent Building Kejizhongyi Avenue", "0", "drb_ra"
"2023-08-14 18:46:43", "1149951", "164.92.145.128:7810", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2026-06-11 15:43:34", "50", "False", "https://search.censys.io/hosts/164.92.145.128", "Brute Ratel C4,DIGITALOCEAN-ASN", "0", "drb_ra"
"2023-06-28 22:51:22", "1134787", "1.15.248.225:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:46", "100", "False", "None", "CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2023-06-20 18:49:40", "1132563", "103.27.186.185:9001", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:43:06", "50", "False", "https://search.censys.io/hosts/103.27.186.185", "Pupy RAT,SNL-HK Starry Network Limited", "0", "drb_ra"
"2023-05-10 18:49:37", "1114522", "103.27.186.185:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:43:06", "50", "False", "https://search.censys.io/hosts/103.27.186.185", "Pupy RAT,SNL-HK Starry Network Limited", "0", "drb_ra"
"2023-05-05 12:41:05", "1111457", "35.201.196.246:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2026-06-11 15:44:57", "50", "False", "https://search.censys.io/hosts/35.201.196.246", "GOOGLE-CLOUD-PLATFORM,Pupy RAT", "0", "drb_ra"
"2023-05-04 06:46:43", "1110863", "39.106.36.96:443", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "2026-06-11 15:45:00", "50", "False", "https://search.censys.io/hosts/39.106.36.96", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,Deimos", "0", "drb_ra"
"2023-05-04 06:46:41", "1110862", "36.95.131.171:9091", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "2026-06-11 15:44:57", "50", "False", "https://search.censys.io/hosts/36.95.131.171", "Deimos,TELKOMNET-AS-AP PT Telekomunikasi Indonesia", "0", "drb_ra"
"2023-05-04 06:46:35", "1110860", "18.162.155.202:443", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "2026-06-11 15:43:44", "50", "False", "https://search.censys.io/hosts/18.162.155.202", "AMAZON-02,Deimos", "0", "drb_ra"
"2023-05-04 06:46:33", "1110859", "8.218.26.114:443", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "2026-06-11 15:45:35", "50", "False", "https://search.censys.io/hosts/8.218.26.114", "ALIBABA-CN-NET Alibaba US Technology Co. Ltd.,Deimos", "0", "drb_ra"
"2023-05-04 06:46:30", "1110858", "3.209.12.178:3060", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "2026-06-11 15:44:53", "50", "False", "https://search.censys.io/hosts/3.209.12.178", "AMAZON-AES,Deimos", "0", "drb_ra"
"2023-04-15 12:28:52", "1103771", "77.242.250.36:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:51", "100", "False", "None", "CobaltStrike,cs-watermark-1416875320", "0", "drb_ra"
"2023-02-03 00:16:03", "1077913", "39.107.242.125:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:25", "75", "False", "https://www.redpacketsecurity.com/cobalt-stike-beacon-detected-39-107-242-125-port-80/", "CobaltStrike,RedPacketSecurity", "0", "abuse_ch"
"2023-01-28 09:40:24", "1074894", "164.90.158.199:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:34", "50", "False", "https://search.censys.io/hosts/164.90.158.199", "DIGITALOCEAN-ASN,Mythic", "0", "drb_ra"
"2023-01-28 09:40:10", "1074890", "145.131.8.169:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:20", "50", "False", "https://search.censys.io/hosts/145.131.8.169", "Mythic,SENTIA", "0", "drb_ra"
"2023-01-28 09:26:29", "1074833", "130.61.124.23:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-06-11 15:43:15", "50", "False", "https://search.censys.io/hosts/130.61.124.23", "Covenant,ORACLE-BMC-31898", "0", "drb_ra"
"2022-12-30 19:48:51", "1064069", "144.217.207.19:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:12", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2022-12-30 19:48:36", "1063989", "43.129.7.189:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:51", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2022-12-30 19:48:36", "1063990", "82.156.241.148:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:56", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2022-12-30 19:46:51", "1063804", "164.92.70.225:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:48", "75", "False", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2022-12-13 11:43:38", "1036758", "8.212.49.116:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:52", "100", "False", "None", "Alibaba (US) Technology Co. Ltd.,CobaltStrike", "0", "drb_ra"
"2022-09-22 11:26:18", "851096", "34.92.131.12:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:24", "100", "False", "None", "CobaltStrike,Google LLC", "0", "drb_ra"
"2022-09-20 16:58:14", "850706", "87.246.7.38:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:25", "75", "False", "https://twitter.com/1ZRR4H/status/1572261285139714051", "CobaltStrike", "0", "abuse_ch"
"2022-09-17 21:24:41", "850260", "154.22.117.31:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:24", "100", "False", "None", "CobaltStrike,Cogent Communications", "0", "drb_ra"
"2022-09-14 22:07:14", "849761", "198.98.53.34:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:24", "100", "False", "None", "CobaltStrike,PONYNET", "0", "drb_ra"
"2022-09-01 06:45:17", "847124", "115.75.66.68:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:13", "75", "False", "https://bazaar.abuse.ch/sample/8f7649bc068b21404fe08229026859aaa468634963eca11cc64b661fa64a6880/", "asyncrat", "0", "abuse_ch"
"2022-09-01 06:45:16", "847123", "115.75.66.68:6821", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:12", "75", "False", "https://bazaar.abuse.ch/sample/8f7649bc068b21404fe08229026859aaa468634963eca11cc64b661fa64a6880/", "asyncrat", "0", "abuse_ch"
"2022-09-01 06:45:14", "847122", "115.75.66.68:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:12", "75", "False", "https://bazaar.abuse.ch/sample/8f7649bc068b21404fe08229026859aaa468634963eca11cc64b661fa64a6880/", "asyncrat", "0", "abuse_ch"
"2022-09-01 06:40:24", "847121", "115.75.66.68:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-06-11 15:43:13", "100", "False", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2022-08-16 11:38:21", "843546", "47.108.180.121:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:50", "100", "False", "None", "CobaltStrike,Hangzhou Alibaba Advertising Co.Ltd.", "0", "drb_ra"
"2022-07-02 13:06:49", "750750", "42.192.21.181:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:24", "100", "False", "None", "CobaltStrike", "0", "drb_ra"
"2022-06-28 08:57:21", "730561", "18.117.254.165:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:50", "100", "False", "None", "Amazon.com Inc.,CobaltStrike", "0", "drb_ra"
"2022-06-23 10:47:03", "720058", "121.41.101.90:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:10", "75", "False", "None", "Cobalt Strike", "0", "abuse_ch"
"2022-06-15 20:53:40", "710534", "85.175.101.203:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 15:46:41", "100", "False", "None", "CobaltStrike,STC-AS", "0", "drb_ra"
"2022-04-30 19:45:18", "544836", "116.62.185.223:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:49", "100", "False", "None", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,CobaltStrike", "0", "drb_ra"
"2022-04-29 19:30:18", "540702", "165.227.180.6:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:53", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-04-25 12:31:07", "532916", "120.26.240.21:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:56", "100", "False", "None", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,CobaltStrike", "0", "drb_ra"
"2022-04-23 16:42:50", "530098", "193.29.13.216:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:57", "100", "False", "None", "***************************************,CobaltStrike", "0", "drb_ra"
"2022-04-21 16:54:57", "523516", "45.8.158.25:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:49", "100", "False", "None", "ASBAXETN,CobaltStrike", "0", "drb_ra"
"2022-04-19 13:44:33", "521565", "115.29.171.175:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:56", "100", "False", "None", "CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.Ltd.,CobaltStrike", "0", "drb_ra"
"2022-04-18 18:01:52", "521083", "84.32.188.190:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:48", "100", "False", "None", "CobaltStrike,UAB Cherry Servers", "0", "drb_ra"
"2022-04-15 22:57:51", "520317", "137.184.42.85:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:54", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-04-14 16:59:25", "519914", "84.32.188.104:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:50", "100", "False", "None", "CobaltStrike,UAB Cherry Servers", "0", "drb_ra"
"2022-04-13 16:57:52", "519116", "175.41.21.29:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:52", "100", "False", "None", "CobaltStrike,XLC-AS-AP XLC GLOBAL", "0", "drb_ra"
"2022-04-12 16:50:58", "518853", "175.41.16.98:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:57", "100", "False", "None", "CobaltStrike,XLC-AS-AP XLC GLOBAL", "0", "drb_ra"
"2022-04-10 17:05:31", "518404", "138.68.110.227:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:53", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-04-06 22:59:35", "516676", "13.55.118.253:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:49", "100", "False", "None", "AMAZON-02,CobaltStrike", "0", "drb_ra"
"2022-04-05 22:55:20", "493695", "185.186.143.111:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:49", "100", "False", "None", "ASKONTEL,CobaltStrike", "0", "drb_ra"
"2022-04-05 16:53:16", "492845", "194.37.97.153:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:11", "100", "False", "None", "CobaltStrike,M247 Ltd", "0", "drb_ra"
"2022-03-24 22:55:12", "448027", "37.72.172.110:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:50", "100", "False", "None", "CobaltStrike,HVC-AS", "0", "drb_ra"
"2022-03-24 10:56:07", "446029", "1.14.76.111:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:54", "100", "False", "None", "CobaltStrike", "0", "drb_ra"
"2022-03-23 20:44:05", "443786", "139.60.160.8:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:51", "100", "False", "None", "CobaltStrike,HOSTKEY-USA", "0", "drb_ra"
"2022-03-17 22:47:07", "398650", "152.136.178.142:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:57", "100", "False", "None", "CobaltStrike", "0", "drb_ra"
"2022-03-06 16:43:33", "392705", "45.12.1.24:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:55", "100", "False", "None", "CobaltStrike,YURTEH-AS", "0", "drb_ra"
"2022-03-05 16:45:53", "392630", "45.12.1.25:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:49", "100", "False", "None", "CobaltStrike,YURTEH-AS", "0", "drb_ra"
"2022-03-05 16:43:28", "392595", "45.12.1.26:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:49", "100", "False", "None", "CLOUDNETWORKS-AS,CobaltStrike", "0", "drb_ra"
"2022-02-22 16:44:41", "390123", "192.241.133.130:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:02", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-22 16:42:29", "390104", "159.65.246.188:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:02", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-21 16:58:18", "389873", "68.183.200.63:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:01", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-21 16:57:13", "389866", "138.68.227.71:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:01", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-21 16:56:32", "389865", "165.227.219.211:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:01", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-21 16:55:44", "389864", "165.232.154.73:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:02", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-21 16:54:53", "389861", "143.198.110.248:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:01", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-21 16:54:15", "389860", "178.128.171.206:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:03", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-21 16:53:10", "389853", "165.227.23.218:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:01", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-21 16:52:19", "389850", "161.35.137.163:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:02", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-21 16:51:26", "389847", "64.227.0.177:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:03", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-20 16:42:59", "389656", "45.55.36.143:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:01", "100", "False", "None", "CobaltStrike,DIGITALOCEAN-ASN", "0", "drb_ra"
"2022-02-09 22:36:37", "384626", "168.61.180.98:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:12", "100", "False", "None", "CobaltStrike,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "drb_ra"
"2022-01-29 22:33:30", "362296", "101.34.182.130:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:57", "100", "False", "None", "CobaltStrike", "0", "drb_ra"
"2022-01-25 22:30:16", "332687", "192.227.155.185:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:51", "100", "False", "None", "AS-COLOCROSSING,CobaltStrike", "0", "drb_ra"
"2022-01-25 22:29:00", "332653", "146.70.29.233:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:52", "100", "False", "None", "CobaltStrike,M247", "0", "drb_ra"
"2022-01-22 22:25:42", "313943", "107.172.219.129:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:52", "100", "False", "None", "AS-COLOCROSSING,CobaltStrike", "0", "drb_ra"
"2022-01-18 22:32:52", "299262", "193.201.9.229:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:12", "100", "False", "None", "CobaltStrike,SELECTEL", "0", "drb_ra"
"2022-01-15 22:26:20", "295525", "23.227.198.246:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:11", "100", "False", "None", "CobaltStrike,HVC-AS", "0", "drb_ra"
"2022-01-15 10:32:22", "295436", "217.79.243.148:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:11", "100", "False", "None", "CobaltStrike,HVC-AS", "0", "drb_ra"
"2022-01-14 22:28:25", "295353", "149.255.35.131:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:12", "100", "False", "None", "CobaltStrike,HVC-AS", "0", "drb_ra"
"2022-01-13 22:28:33", "294999", "81.68.225.136:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:51", "100", "False", "None", "CobaltStrike", "0", "drb_ra"
"2022-01-10 16:24:49", "292303", "39.98.48.153:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:00:16", "100", "False", "None", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,CobaltStrike", "0", "drb_ra"
"2022-01-07 10:30:52", "291740", "39.104.25.164:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:54", "100", "False", "None", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,CobaltStrike", "0", "drb_ra"
"2021-12-16 10:42:30", "276593", "77.83.36.54:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:56", "100", "False", "None", "CobaltStrike,ISI-ASN", "0", "drb_ra"
"2021-12-13 10:06:28", "275144", "101.32.204.81:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:56", "100", "False", "None", "CobaltStrike,TENCENT-NET-AP-CN Tencent Building Kejizhongyi Avenue", "0", "drb_ra"
"2021-11-22 16:01:01", "252110", "62.113.255.12:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:53", "100", "False", "None", "CobaltStrike,TTM", "0", "drb_ra"
"2021-11-04 17:48:48", "242948", "107.173.89.148:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:54", "100", "False", "None", "AS-COLOCROSSING,CobaltStrike", "0", "drb_ra"
"2021-10-31 17:43:37", "240983", "104.128.92.144:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:02:12", "100", "False", "None", "CobaltStrike,IT7NET", "0", "drb_ra"
"2021-10-22 12:07:15", "236436", "111.230.196.200:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:54", "100", "False", "None", "CobaltStrike", "0", "drb_ra"
"2021-10-13 17:43:22", "233476", "23.224.152.139:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:51", "100", "False", "None", "CNSERVERS,CobaltStrike", "0", "drb_ra"
"2021-10-11 23:27:10", "232821", "139.198.183.44:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:53", "100", "False", "None", "CobaltStrike,YUNIFY-NET Yunify Technologies Inc.", "0", "drb_ra"
"2021-10-09 23:36:53", "232263", "121.37.255.60:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:57", "100", "False", "None", "CobaltStrike,HWCSNET Huawei Cloud Service data center", "0", "drb_ra"
"2021-09-18 17:39:24", "223357", "47.95.207.79:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-06-11 16:01:55", "100", "False", "None", "CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.Ltd.,CobaltStrike", "0", "drb_ra"
# Number of entries: 2142