################################################################
# ThreatFox IOCs: recent additions - CSV format                #
# Last updated: 2025-08-20 01:20:14 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-08-20 01:20:14", "1571517", "147.185.221.30:49118", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-20 00:03:20", "1571515", "223.109.90.12:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/223.109.90.12", "AS56046,C2,censys,CMNET-JIANGSU-AP,RAT", "0", "DonPasci"
"2025-08-20 00:03:20", "1571516", "114.67.215.57:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/114.67.215.57", "AS136958,C2,censys,RAT,UNICOM-GUANGZHOU-IDC", "0", "DonPasci"
"2025-08-20 00:03:05", "1571514", "164.92.178.59:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/164.92.178.59", "AS14061,censys,DIGITALOCEAN-ASN,EvilGoPhish,panel,Phishing", "0", "DonPasci"
"2025-08-20 00:03:02", "1571512", "rootyar.messager.my", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.161.209.117+rootyar.messager.my", "AS42159,censys,DELTAHOST-AS,EvilGinx,panel,Phishing", "0", "DonPasci"
"2025-08-20 00:03:02", "1571513", "auth.messager.my", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.161.209.117+auth.messager.my", "AS42159,censys,DELTAHOST-AS,EvilGinx,panel,Phishing", "0", "DonPasci"
"2025-08-20 00:02:52", "1571511", "13.115.109.98:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "https://search.censys.io/hosts/13.115.109.98", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci"
"2025-08-20 00:02:48", "1571510", "34.203.198.198:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/34.203.198.198", "AMAZON-AES,AS14618,C2,censys,Havoc", "0", "DonPasci"
"2025-08-20 00:02:47", "1571508", "ec2-75-101-210-201.compute-1.amazonaws.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/75.101.210.201+ec2-75-101-210-201.compute-1.amazonaws.com", "AMAZON-AES,AS14618,C2,censys,Havoc", "0", "DonPasci"
"2025-08-20 00:02:47", "1571509", "www.shwepaukkan.org", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/157.245.54.105+www.shwepaukkan.org", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-08-20 00:02:45", "1571506", "187.201.97.119:1098", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-20 00:02:45", "1571507", "187.201.97.119:2053", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-20 00:02:44", "1571505", "187.201.97.119:1961", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-20 00:02:43", "1571503", "20.42.107.78:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.42.107.78", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,Mythic", "0", "DonPasci"
"2025-08-20 00:02:43", "1571504", "109.122.197.147:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/109.122.197.147", "AS213887,C2,censys,Hookbot,WAICORE-LTD", "0", "DonPasci"
"2025-08-20 00:02:42", "1571502", "95.112.103.2:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/95.112.103.2", "AS6805,C2,censys,Mythic,TDDE-ASN1", "0", "DonPasci"
"2025-08-20 00:02:37", "1571501", "185.196.10.204:5002", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/185.196.10.204", "AS42624,AsyncRAT,C2,censys,RAT,SWISSNETWORK02", "0", "DonPasci"
"2025-08-20 00:02:36", "1571500", "124.220.19.20:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/124.220.19.20", "AS45090,C2,censys,Supershell,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-20 00:02:24", "1571498", "193.26.115.209:1024", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/193.26.115.209", "AS23470,C2,censys,RAT,RELIABLESITE,Remcos", "0", "DonPasci"
"2025-08-20 00:02:24", "1571499", "213.190.4.203:51269", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/213.190.4.203", "AS-HOSTINGER,AS47583,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-08-20 00:02:06", "1571497", "3.27.235.189:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/3.27.235.189", "AMAZON-02,AS16509,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-19 22:35:55", "1571486", "https://sodipuc.top/xowq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/ec87e04e3d33b8d32a4c2b7cfdcf320970b3b3aed19984cc5cb436070b8dea20/", "lumma", "0", "abuse_ch"
"2025-08-19 22:15:14", "1571485", "http://a1161282.xsph.ru/8929ff41.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-08-19 21:55:13", "1571484", "103.105.23.130:80", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-08-19 21:35:09", "1571483", "http://cg97957.tw1.ru/525a795c.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-08-19 21:15:04", "1571482", "198.23.197.164:7071", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2025-08-19 21:10:24", "1571481", "wew.shipensburginvestmentgroup.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-20 01:10:23", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-19 21:10:23", "1571480", "https://wew.shipensburginvestmentgroup.com", "url", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-20 01:10:23", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-19 20:48:23", "1571358", "78.40.197.146:443", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2025-08-20 00:48:08", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-08-19 20:47:54", "1571357", "52.8.145.106:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:47:43", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-19 20:46:25", "1571356", "213.133.102.42:8384", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:46:18", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-19 20:43:02", "1571355", "1.161.103.144:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:43:02", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-19 20:35:16", "1571354", "147.185.221.23:52320", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 20:03:03", "1571315", "120.27.209.132:47486", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-08-20 00:43:37", "100", "https://search.censys.io/hosts/120.27.209.132", "ALIBABA-CN-NET,AS37963,censys,Chaos,panel", "0", "DonPasci"
"2025-08-19 20:03:03", "1571316", "8.134.181.167:54681", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-08-20 00:48:09", "100", "https://search.censys.io/hosts/8.134.181.167", "ALIBABA-CN-NET,AS37963,censys,Chaos,panel", "0", "DonPasci"
"2025-08-19 20:03:01", "1571314", "ccm.messager.my", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.161.209.117+ccm.messager.my", "AS42159,censys,DELTAHOST-AS,EvilGinx,panel,Phishing", "0", "DonPasci"
"2025-08-19 20:02:50", "1571313", "13.208.252.175:40961", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:46", "100", "https://search.censys.io/hosts/13.208.252.175", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 20:02:49", "1571312", "3.101.82.15:6008", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:32", "100", "https://search.censys.io/hosts/3.101.82.15", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 20:02:45", "1571310", "187.201.97.119:636", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 20:02:45", "1571311", "187.201.97.119:501", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 20:02:43", "1571308", "34.55.232.213:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.55.232.213", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Mythic", "0", "DonPasci"
"2025-08-19 20:02:43", "1571309", "81.95.8.176:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/81.95.8.176", "AS201011,C2,censys,CORE-BACKBONE,Mythic", "0", "DonPasci"
"2025-08-19 20:02:38", "1571307", "95.217.57.151:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:48:41", "100", "https://search.censys.io/hosts/95.217.57.151", "AS24940,AsyncRAT,C2,censys,HETZNER-AS,RAT", "0", "DonPasci"
"2025-08-19 20:02:28", "1571306", "165.232.163.129:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:44:35", "100", "https://search.censys.io/hosts/165.232.163.129", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci"
"2025-08-19 20:02:27", "1571305", "139.84.214.159:9999", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/139.84.214.159", "AS-VULTR,AS20473,C2,censys,Sliver", "0", "DonPasci"
"2025-08-19 20:02:23", "1571304", "216.250.252.245:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:46:21", "100", "https://search.censys.io/hosts/216.250.252.245", "AS396073,C2,censys,MAJESTIC-HOSTING-01,RAT,Remcos", "0", "DonPasci"
"2025-08-19 20:02:07", "1571303", "59.110.83.99:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/59.110.83.99", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci"
"2025-08-19 20:02:06", "1571301", "94.154.35.174:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 20:13:29", "90", "None", "latrodectus", "0", "Rony"
"2025-08-19 20:02:06", "1571302", "8.134.222.115:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.134.222.115", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-08-19 20:02:05", "1571300", "117.72.105.10:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/117.72.105.10", "AS141679,C2,censys,CHINATELECOM-IDC-BTHBD-AP,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-19 19:03:56", "1571294", "docs.atlantascales.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/115056774232553911", "SocGholish", "0", "monitorsg"
"2025-08-19 18:37:30", "1571296", "HeroicsStipend.top", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam"
"2025-08-19 18:20:12", "1571295", "http://cz48006.tw1.ru/e8ce020e.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-08-19 18:10:22", "1571293", "144.126.149.221:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 18:04:57", "1571292", "witasametry.live", "domain", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "https://bazaar.abuse.ch/sample/1626d048d160be512ed5e4e9755c924980a09d1759216ff3ea2966a0347d0ce7/", "Amadey", "0", "abuse_ch"
"2025-08-19 18:03:13", "1571291", "154.94.233.79:0443", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250819-wa19nawshz", "AS137899,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-08-19 18:03:02", "1571290", "70zv5n4wj.localto.net", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "https://tria.ge/250819-pps39stwaw", "C2,domain,njrat,triage", "0", "DonPasci"
"2025-08-19 18:02:16", "1571289", "160.25.72.96:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250819-rltxhadl7z", "AS150895,C2,rat,remcos,triage", "0", "DonPasci"
"2025-08-19 18:02:11", "1571288", "45.11.229.51:8080", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250819-s1njpsvycw", "AS58087,C2,triage,xworm", "0", "DonPasci"
"2025-08-19 18:02:10", "1571285", "compare-qualify.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250819-vmfcaawsa1", "C2,domain,triage,xworm", "0", "DonPasci"
"2025-08-19 18:02:10", "1571286", "gmt-prevention.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250819-vmfcaawsa1", "C2,domain,triage,xworm", "0", "DonPasci"
"2025-08-19 18:02:10", "1571287", "restaurants-colonial.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250819-vmfcaawsa1", "C2,domain,triage,xworm", "0", "DonPasci"
"2025-08-19 17:56:55", "1571283", "telemety-sys.lol", "domain", "botnet_cc", "win.amadey", "None", "Amadey", "2025-08-19 18:04:57", "100", "https://bazaar.abuse.ch/sample/1626d048d160be512ed5e4e9755c924980a09d1759216ff3ea2966a0347d0ce7/", "Amadey", "0", "abuse_ch"
"2025-08-19 17:56:55", "1571284", "telemety-xbox.lol", "domain", "botnet_cc", "win.amadey", "None", "Amadey", "2025-08-19 18:04:57", "100", "https://bazaar.abuse.ch/sample/1626d048d160be512ed5e4e9755c924980a09d1759216ff3ea2966a0347d0ce7/", "Amadey", "0", "abuse_ch"
"2025-08-19 17:47:25", "1571255", "shagkeg.ru", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250819-sp6adadr6w", "None", "0", "burger"
"2025-08-19 17:47:24", "1571249", "capitalior.ru", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250819-sp6adadr6w", "None", "0", "burger"
"2025-08-19 17:47:24", "1571250", "copulardi.ru", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250819-sp6adadr6w", "None", "0", "burger"
"2025-08-19 17:47:23", "1571251", "cursilibim.ru", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250819-sp6adadr6w", "None", "0", "burger"
"2025-08-19 17:47:22", "1571252", "retrofik.ru", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250819-sp6adadr6w", "None", "0", "burger"
"2025-08-19 17:47:21", "1571253", "runmgov.ru", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250819-sp6adadr6w", "None", "0", "burger"
"2025-08-19 17:47:21", "1571254", "semipervaz.ru", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250819-sp6adadr6w", "None", "0", "burger"
"2025-08-19 17:47:20", "1571256", "tiltyufaz.ru", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250819-sp6adadr6w", "None", "0", "burger"
"2025-08-19 17:47:17", "1571282", "http://212.22.86.82:2020/home", "url", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/115056530594664027", "KongTuke", "0", "monitorsg"
"2025-08-19 17:47:16", "1571262", "microsoft-telemetry.cc", "domain", "botnet_cc", "win.amadey", "None", "Amadey", "2025-08-20 01:24:02", "50", "https://tria.ge/250819-s5fpnavqs6", "None", "0", "burger"
"2025-08-19 17:47:15", "1571277", "http://microsoft-telemetry.cc/cvdfnaFJBmC0/Login.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "None", "amadey,AS215826,NICENIC INTERNATIONAL GROUP CO.  LIMITED,Partner Hosting LTD", "0", "antiphishorg"
"2025-08-19 17:47:14", "1571278", "http://47.98.216.119:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS37963,Hangzhou Alibaba Advertising Co. Ltd.,supershell", "0", "antiphishorg"
"2025-08-19 17:47:13", "1571280", "https://ichmidt.com/3dg5.js", "url", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/115056530594664027", "KongTuke", "0", "monitorsg"
"2025-08-19 17:47:13", "1571281", "https://ichmidt.com/js.php", "url", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/115056530594664027", "KongTuke", "0", "monitorsg"
"2025-08-19 17:00:24", "1571279", "147.185.221.28:38949", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 16:25:16", "1571276", "91.199.42.157:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 16:10:51", "1571275", "13.107.ihireinternationalagency.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-19 20:10:42", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-19 16:10:50", "1571274", "https://13.107.ihireinternationalagency.com", "url", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-19 20:10:41", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-19 16:10:46", "1571273", "https://116.202.183.85", "url", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-20 01:10:22", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-19 16:02:58", "1571272", "82.27.2.251:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/82.27.2.251", "AS215703,C2,censys,FREAKHOSTING,moobot", "0", "DonPasci"
"2025-08-19 16:02:42", "1571271", "85.239.149.90:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/85.239.149.90", "AEZA-AS,AS210644,C2,censys,Hookbot", "0", "DonPasci"
"2025-08-19 16:02:41", "1571270", "18.253.62.84:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:45:02", "100", "https://search.censys.io/hosts/18.253.62.84", "AS8987,AWS-GOVCLOUD,C2,censys,Mythic", "0", "DonPasci"
"2025-08-19 16:02:36", "1571269", "95.217.57.151:82", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:48:42", "100", "https://search.censys.io/hosts/95.217.57.151", "AS24940,AsyncRAT,C2,censys,HETZNER-AS,RAT", "0", "DonPasci"
"2025-08-19 16:02:35", "1571268", "216.250.250.224:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:46:21", "100", "https://search.censys.io/hosts/216.250.250.224", "AS396073,AsyncRAT,C2,censys,MAJESTIC-HOSTING-01,RAT", "0", "DonPasci"
"2025-08-19 16:02:34", "1571267", "45.135.194.43:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/45.135.194.43", "AS51396,C2,censys,PFCLOUD,Supershell", "0", "DonPasci"
"2025-08-19 16:02:21", "1571266", "104.243.254.101:48791", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:43:15", "100", "https://search.censys.io/hosts/104.243.254.101", "AS7040,C2,censys,NETMINDERS,RAT,Remcos", "0", "DonPasci"
"2025-08-19 16:02:11", "1571265", "84.246.226.107:9090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/84.246.226.107", "AS34177,C2,CELESTE-AS,censys,CobaltStrike", "0", "DonPasci"
"2025-08-19 16:02:07", "1571264", "43.138.22.149:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/43.138.22.149", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-19 15:50:20", "1571263", "http://microsoft-telemetry.cc/cvdfnaFJBmC0/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "None", "Amadey", "0", "abuse_ch"
"2025-08-19 15:30:38", "1571257", "141.164.49.250:80", "ip:port", "botnet_cc", "win.xenorat", "None", "XenoRAT", "", "100", "https://www.virustotal.com/gui/file/b07dd7e831fe0a30ac139bb29d9ac836f0fb1e1034f4e00ad62f427423bc5a7f", "AS-VULTR,AS20473,c2,rat,virustotal,XenoRAT", "0", "DonPasci"
"2025-08-19 15:04:15", "1571245", "154.91.183.174:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "https://securelist.com/godrat/117119/", "AROSS-AS,AS400619,c2,Gh0st,GodRAT,RAT,securelist", "0", "DonPasci"
"2025-08-19 15:04:15", "1571246", "118.107.46.174:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "https://securelist.com/godrat/117119/", "AS152194,c2,CTGSERVERLIMITED-AS-AP,Gh0st,GodRAT,RAT,securelist", "0", "DonPasci"
"2025-08-19 15:04:15", "1571247", "118.99.3.33:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "https://securelist.com/godrat/117119/", "AS38186,c2,FTG-AS-AP,Gh0st,GodRAT,RAT,securelist", "0", "DonPasci"
"2025-08-19 15:04:15", "1571248", "103.237.92.191:443", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "https://securelist.com/godrat/117119/", "AS55933,c2,CLOUDIE-AS-AP,Gh0st,GodRAT,RAT,securelist", "0", "DonPasci"
"2025-08-19 14:46:20", "1571244", "https://tiltyufaz.ru/tlxa", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4a6f6df6942d41b1e9ae60a661ea7fb828563638dedf57af3c26720d99c49ed1/", "lumma", "0", "abuse_ch"
"2025-08-19 14:46:16", "1571243", "https://shagkeg.ru/xkzd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4a6f6df6942d41b1e9ae60a661ea7fb828563638dedf57af3c26720d99c49ed1/", "lumma", "0", "abuse_ch"
"2025-08-19 14:46:14", "1571242", "https://semipervaz.ru/xued", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4a6f6df6942d41b1e9ae60a661ea7fb828563638dedf57af3c26720d99c49ed1/", "lumma", "0", "abuse_ch"
"2025-08-19 14:46:12", "1571241", "https://runmgov.ru/tixd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4a6f6df6942d41b1e9ae60a661ea7fb828563638dedf57af3c26720d99c49ed1/", "lumma", "0", "abuse_ch"
"2025-08-19 14:46:09", "1571240", "https://retrofik.ru/jgur", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4a6f6df6942d41b1e9ae60a661ea7fb828563638dedf57af3c26720d99c49ed1/", "lumma", "0", "abuse_ch"
"2025-08-19 14:46:03", "1571239", "https://cursilibim.ru/zajd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4a6f6df6942d41b1e9ae60a661ea7fb828563638dedf57af3c26720d99c49ed1/", "lumma", "0", "abuse_ch"
"2025-08-19 14:46:00", "1571238", "https://copulardi.ru/xhza", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4a6f6df6942d41b1e9ae60a661ea7fb828563638dedf57af3c26720d99c49ed1/", "lumma", "0", "abuse_ch"
"2025-08-19 14:45:58", "1571237", "https://capitalior.ru/akts", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4a6f6df6942d41b1e9ae60a661ea7fb828563638dedf57af3c26720d99c49ed1/", "lumma", "0", "abuse_ch"
"2025-08-19 14:28:40", "1571236", "https://beliefdress.xyz/mxi.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-08-19 14:25:05", "1571234", "http://41.216.188.199/pages/login.php", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS211138,Private-Hosting di Cipriano oscar,unam", "0", "antiphishorg"
"2025-08-19 14:21:04", "1571235", "58.9.110.23:18067", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/47afc0bfbced6e6201e2fc2767b69c8686dcd8ad42e0740543d3c955b85e42cb/", "xworm", "0", "abuse_ch"
"2025-08-19 13:39:16", "1571232", "develop.nxtintel.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/115055598631820984", "SocGholish", "0", "monitorsg"
"2025-08-19 13:39:16", "1571233", "45.86.230.103:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch"
"2025-08-19 12:52:24", "1571231", "43.138.22.149:8023", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:32", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-19 12:20:57", "1571203", "gitsecguards.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "", "ClickFix,CoreSecThree", "0", "HuntYethHounds"
"2025-08-19 12:03:21", "1571230", "68.168.222.6:8443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-08-20 00:47:58", "100", "https://search.censys.io/hosts/68.168.222.6", "AS19318,BianLian,C2,censys,IS-AS-1", "0", "DonPasci"
"2025-08-19 12:03:19", "1571229", "31.97.216.105:8081", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "https://search.censys.io/hosts/31.97.216.105", "AS-HOSTINGER,AS47583,C2,censys,PowershellEmpire", "0", "DonPasci"
"2025-08-19 12:02:50", "1571227", "13.58.108.28:8545", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:50", "100", "https://search.censys.io/hosts/13.58.108.28", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 12:02:50", "1571228", "3.89.225.68:788", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:38", "100", "https://search.censys.io/hosts/3.89.225.68", "AMAZON-AES,AS14618,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 12:02:49", "1571224", "54.224.94.224:179", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:45", "100", "https://search.censys.io/hosts/54.224.94.224", "AMAZON-AES,AS14618,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 12:02:49", "1571225", "13.58.108.28:995", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:50", "100", "https://search.censys.io/hosts/13.58.108.28", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 12:02:49", "1571226", "13.58.108.28:2095", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:50", "100", "https://search.censys.io/hosts/13.58.108.28", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 12:02:48", "1571223", "100.42.176.116:4333", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-08-20 00:43:03", "100", "https://search.censys.io/hosts/100.42.176.116", "AS51167,C2,censys,CONTABO,DcRAT,RAT", "0", "DonPasci"
"2025-08-19 12:02:46", "1571222", "157.245.54.105:8080", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-08-20 00:44:19", "100", "https://search.censys.io/hosts/157.245.54.105", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-08-19 12:02:44", "1571221", "45.138.16.79:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/45.138.16.79", "AS210558,C2,censys,Quasar,RAT,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-08-19 12:02:43", "1571220", "109.122.197.147:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-08-20 00:43:24", "100", "https://search.censys.io/hosts/109.122.197.147", "AS213887,C2,censys,Hookbot,WAICORE-LTD", "0", "DonPasci"
"2025-08-19 12:02:42", "1571219", "31.97.71.171:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:46:40", "100", "https://search.censys.io/hosts/31.97.71.171", "AS-HOSTINGER,AS47583,C2,censys,Mythic", "0", "DonPasci"
"2025-08-19 12:02:13", "1571218", "107.172.232.71:4477", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250819-jkl69shq3y", "AS36352,C2,rat,remcos,triage", "0", "DonPasci"
"2025-08-19 12:02:12", "1571217", "194.180.48.253:16789", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250819-lg49sastgt", "AS201814,C2,rat,remcos,triage", "0", "DonPasci"
"2025-08-19 12:02:06", "1571216", "156.238.237.119:8020", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/156.238.237.119", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-100000", "0", "DonPasci"
"2025-08-19 12:02:04", "1571215", "121.5.174.243:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/121.5.174.243", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-19 12:02:03", "1571214", "110.42.47.55:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/110.42.47.55", "AS136188,C2,censys,CHINATELECOM-ZHEJIANG-NINGBO-IDC,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-19 11:56:45", "1571213", "dfbgvswrtegf.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://securelist.com/godrat/117119/", "asyncrat,c2,domain,rat", "0", "DonPasci"
"2025-08-19 11:56:03", "1571212", "47.238.124.68:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://securelist.com/godrat/117119/", "ALIBABA-CN-NET,AS45102,asyncrat,c2,rat", "0", "DonPasci"
"2025-08-19 11:56:02", "1571210", "156.241.134.49:6443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://securelist.com/godrat/117119/", "AROSS-AS,AS400619,asyncrat,c2,rat", "0", "DonPasci"
"2025-08-19 11:56:02", "1571211", "156.241.134.49:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://securelist.com/godrat/117119/", "AROSS-AS,AS400619,asyncrat,c2,rat", "0", "DonPasci"
"2025-08-19 11:53:51", "1571209", "wuwu6.cfd", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://securelist.com/godrat/117119/", "asyncrat,c2,domain,rat", "0", "DonPasci"
"2025-08-19 11:45:22", "1571204", "147.185.221.31:11257", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 11:14:06", "1571201", "075229cm.nyash.es", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://app.any.run/tasks/174084bc-fc19-462b-97c5-0caa78513ed1?malconf=true", "None", "0", "burger"
"2025-08-19 11:14:05", "1571202", "95.216.181.91:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "None", "0", "pitachu"
"2025-08-19 10:51:47", "1571200", "193.169.245.90:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-08-20 00:50:14", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-08-19 10:51:45", "1571192", "35.157.111.131:17449", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "None", "None", "0", "netresec"
"2025-08-19 10:51:43", "1571158", "http://134.122.207.55:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS152194,CTG Server Limited,supershell", "0", "antiphishorg"
"2025-08-19 10:51:43", "1571160", "is-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 10:51:43", "1571161", "www.is-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 10:51:42", "1571162", "in-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 10:51:42", "1571163", "www.in-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 10:51:41", "1571190", "64.23.157.9:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "https://threatquery.com/engines/ip.html?value=64.23.157.9&type=ip", "AS14061,c2,Havoc,threatquery", "0", "threatquery"
"2025-08-19 10:51:41", "1571191", "67.205.154.243:64553", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "66", "https://app.any.run/tasks/38326558-d660-4c38-9c7f-43816c6fa98f", "None", "0", "netresec"
"2025-08-19 09:47:31", "1571199", "156.234.228.149:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2025-08-19 09:47:28", "1571198", "89.31.126.165:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2025-08-19 09:47:27", "1571197", "115.120.225.134:89", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-08-19 09:46:53", "1571196", "8.141.90.104:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2025-08-19 09:46:52", "1571195", "156.238.243.109:8086", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-08-19 09:46:49", "1571194", "156.238.243.109:6080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2025-08-19 09:46:48", "1571193", "47.83.155.72:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-08-19 08:49:57", "1571189", "95.216.183.76:1433", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:48:41", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-08-19 08:49:48", "1571188", "92.98.244.48:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:48:35", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-19 08:49:37", "1571187", "86.110.218.246:1720", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:48:26", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-19 08:49:27", "1571186", "83.110.197.213:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:48:19", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-19 08:48:53", "1571185", "54.38.94.225:8879", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2025-08-20 00:47:47", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-08-19 08:47:58", "1571184", "44.196.152.102:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-08-20 00:47:05", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2025-08-19 08:47:33", "1571183", "34.99.4.103:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:46:45", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-19 08:46:03", "1571182", "189.140.29.244:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:45:28", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-19 08:45:29", "1571181", "74.249.9.7:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 08:40:05", "1571180", "194.156.79.90:55615", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2025-08-19 08:03:21", "1571179", "150.139.144.85:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/150.139.144.85", "AS136195,C2,censys,CHINATELECOM-QINGDAO-CLOUDBASE,RAT", "0", "DonPasci"
"2025-08-19 08:03:14", "1571178", "172.234.86.225:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2025-08-20 00:44:45", "100", "https://search.censys.io/hosts/172.234.86.225", "AdaptixC2,AKAMAI-LINODE-AP,AS63949,C2,censys", "0", "DonPasci"
"2025-08-19 08:02:58", "1571177", "137.131.128.143:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "https://search.censys.io/hosts/137.131.128.143", "AS31898,C2,censys,ORACLE-BMC-31898,Stealc,Stealer", "0", "DonPasci"
"2025-08-19 08:02:50", "1571175", "51.20.142.120:5995", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:38", "100", "https://search.censys.io/hosts/51.20.142.120", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 08:02:50", "1571176", "13.60.69.76:25565", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/13.60.69.76", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 08:02:49", "1571174", "102.96.214.19:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:08", "100", "https://search.censys.io/hosts/102.96.214.19", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 08:02:48", "1571172", "103.20.102.255:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-08-20 00:43:11", "100", "https://search.censys.io/hosts/103.20.102.255", "AS140817,C2,censys,DcRAT,ODSONLINE-AS-VN,RAT", "0", "DonPasci"
"2025-08-19 08:02:48", "1571173", "196.251.72.146:1597", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-08-20 00:45:45", "100", "https://search.censys.io/hosts/196.251.72.146", "AS401120,C2,censys,CHEAPY-HOST,DcRAT,RAT", "0", "DonPasci"
"2025-08-19 08:02:37", "1571171", "95.217.57.151:100", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:48:41", "100", "https://search.censys.io/hosts/95.217.57.151", "AS24940,AsyncRAT,C2,censys,HETZNER-AS,RAT", "0", "DonPasci"
"2025-08-19 08:02:27", "1571170", "39.104.50.190:8000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/39.104.50.190", "ALIBABA-CN-NET,AS37963,C2,censys,open-dir,payload,Sliver", "0", "DonPasci"
"2025-08-19 08:02:23", "1571169", "212.162.149.228:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:46:16", "100", "https://search.censys.io/hosts/212.162.149.228", "AS64236,C2,censys,RAT,Remcos,UNREAL-SERVERS", "0", "DonPasci"
"2025-08-19 08:02:05", "1571168", "103.178.57.150:89", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:19", "100", "https://search.censys.io/hosts/103.178.57.150", "AS141159,C2,censys,CobaltStrike,cs-watermark-100000,INCOMPARABLEHKNET-AS-AP", "0", "DonPasci"
"2025-08-19 08:02:04", "1571166", "103.146.125.195:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/103.146.125.195", "AS141159,C2,censys,CobaltStrike,cs-watermark-100000,INCOMPARABLEHKNET-AS-AP", "0", "DonPasci"
"2025-08-19 08:02:04", "1571167", "154.201.71.196:8005", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.201.71.196", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-100000", "0", "DonPasci"
"2025-08-19 08:02:03", "1571165", "117.72.175.125:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/117.72.175.125", "AS141679,C2,censys,CHINATELECOM-IDC-BTHBD-AP,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-08-19 08:02:02", "1571164", "81.69.98.230:50011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/81.69.98.230", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-19 07:05:27", "1571159", "172.94.96.90:8088", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-08-19 06:02:57", "1571157", "http://91.196.34.1", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "https://tria.ge/250819-c9e1xszkx8", "AS207957,C2,stealc,stealer,triage", "0", "DonPasci"
"2025-08-19 06:02:08", "1571156", "regional-around.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250819-a1y2bsel41", "C2,domain,triage,xworm", "0", "DonPasci"
"2025-08-19 06:02:07", "1571154", "morning-divorce.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250819-fx34rsgn2v", "C2,domain,triage,xworm", "0", "DonPasci"
"2025-08-19 06:02:07", "1571155", "45.141.26.133:5000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250819-d13ajazmz6", "AS142299,C2,triage,xworm", "0", "DonPasci"
"2025-08-19 05:50:15", "1571153", "46.246.14.5:7044", "ip:port", "botnet_cc", "win.vjw0rm", "None", "Vjw0rm", "", "100", "None", "Vjw0rm", "0", "abuse_ch"
"2025-08-19 05:50:06", "1571152", "46.246.14.5:2703", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-08-19 05:25:14", "1571151", "5.83.218.183:4467", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "None", "Meterpreter", "0", "abuse_ch"
"2025-08-19 05:10:24", "1571150", "107.189.18.107:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-19 05:06:46", "1571149", "mail.akastatementspdf.top", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch"
"2025-08-19 05:01:57", "1571148", "ventasio.info", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-08-19 05:01:23", "1571147", "liveksz.top", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch"
"2025-08-19 05:00:40", "1571146", "https://historydress.xyz/mxi.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "https://bazaar.abuse.ch/sample/5a49835be382bce0aefe1476a4bda212335f1e9f8b49c4d9026435d4e776304f/", "OffLoader", "0", "abuse_ch"
"2025-08-19 04:18:25", "1571050", "www.is-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 04:18:24", "1571051", "www.in-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 04:18:23", "1571052", "in-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 04:18:23", "1571091", "https://falconmx.top/wwwap/sunnyday", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "https://bsky.app/profile/andychaobal.bsky.social/post/3lwppbf3d622c", "ClickFix,SmartApeSG", "0", "iceberg"
"2025-08-19 04:18:23", "1571092", "https://revise-akmo.com/ajax/pixi.min.js", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "https://bsky.app/profile/andychaobal.bsky.social/post/3lwppdx6gkc2c", "ClickFix,SmartApeSG", "0", "iceberg"
"2025-08-19 04:18:22", "1571093", "https://wi2ns.com/res/ratefeature", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "https://bsky.app/profile/andychaobal.bsky.social/post/3lwppdx6gkc2c", "ClickFix,SmartApeSG", "0", "iceberg"
"2025-08-19 04:18:22", "1571105", "144.126.144.70:8000", "ip:port", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "https://threatquery.com/engines/ip.html?value=144.126.144.70&type=ip", "AS40021,c2,LokiBot,threatquery", "0", "threatquery"
"2025-08-19 04:18:21", "1571106", "154.44.15.83:8886", "ip:port", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "https://threatquery.com/engines/ip.html?value=154.44.15.83&type=ip", "AS979,c2,LokiBot,threatquery", "0", "threatquery"
"2025-08-19 04:18:21", "1571107", "7c63a1520ce81dc43d2170ef1570b49627655d33e4987be2cccf8e99d9d4c99f", "sha256_hash", "payload", "unknown_stealer", "None", "Unknown Stealer", "", "100", "https://app.any.run/tasks/3e81c05a-d1d6-47c5-97c1-83274a78e3c7", "exe,infostealer,signed,stealer", "0", "ninjacatcher"
"2025-08-19 04:18:21", "1571108", "94.181.203.77:8188", "ip:port", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "https://app.any.run/tasks/3e81c05a-d1d6-47c5-97c1-83274a78e3c7", "c2,infostealer,stealer", "0", "ninjacatcher"
"2025-08-19 04:18:21", "1571109", "94.181.203.77:44233", "ip:port", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "https://app.any.run/tasks/3e81c05a-d1d6-47c5-97c1-83274a78e3c7", "c2,infostealer,stealer", "0", "ninjacatcher"
"2025-08-19 04:18:20", "1571110", "https://www.epifonica.com/wp-content/plugins/wp-containment-means/?r=bd1odhrwczovl2rxcmridi5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 23:53:30", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-19 04:18:18", "1571047", "bootasactive.icu", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "c2,domain,mirai", "0", "redrabytes"
"2025-08-19 04:18:17", "1571049", "is-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 04:18:15", "1571048", "94.154.35.109:999", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "c2,mirai", "0", "redrabytes"
"2025-08-19 04:18:14", "1570820", "http://196.251.80.130:4565/wget.sh", "url", "payload_delivery", "unknown", "None", "Unknown malware", "2025-08-18 22:40:30", "75", "https://greedybear.honeynet.org", "honeypot", "0", "greedybear"
"2025-08-19 04:18:14", "1571046", "94.154.35.109:4515", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "c2,mirai", "0", "redrabytes"
"2025-08-19 04:18:13", "1570819", "venamst.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-08-19 04:18:12", "1570818", "https://venamst.top/ooaw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-08-19 04:18:11", "1570815", "http://americovespucci.shop/45cc90de006049c9.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "", "None", "0", "pitachu"
"2025-08-19 04:18:11", "1570817", "116.203.166.184:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "None", "0", "pitachu"
"2025-08-19 04:18:10", "1570814", "americovespucci.shop", "domain", "botnet_cc", "win.stealc", "None", "Stealc", "", "50", "", "None", "0", "pitachu"
"2025-08-19 04:18:07", "1570769", "is-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 04:18:07", "1570770", "www.is-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 04:18:06", "1570771", "in-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 04:18:06", "1570772", "www.in-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-19 04:18:05", "1570807", "http://23.146.184.21/adb.sh", "url", "payload_delivery", "unknown", "None", "Unknown malware", "2025-08-19 16:50:23", "75", "https://greedybear.honeynet.org", "honeypot", "0", "greedybear"
"2025-08-19 04:17:56", "1571096", "oficios2026.duckdns.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "1", "tanner"
"2025-08-19 04:17:55", "1571103", "http://206.245.167.38:9999/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS136557,Host Universal Pty Ltd,supershell", "0", "antiphishorg"
"2025-08-19 04:17:54", "1571104", "206.245.167.38:9999", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 20:02:37", "100", "None", "AS136557,Host Universal Pty Ltd,supershell", "0", "antiphishorg"
"2025-08-19 04:12:20", "1571139", "sdfaklfsdklffjsdfj.com", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake,ClickFix", "0", "threatcat_ch"
"2025-08-19 04:12:20", "1571142", "dasdasidjasjdkasdttt.com", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake,ClickFix", "0", "threatcat_ch"
"2025-08-19 04:12:20", "1571143", "fixclomyfodp.cloud", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake,ClickFix", "0", "threatcat_ch"
"2025-08-19 04:12:19", "1571144", "87.120.126.150:80", "ip:port", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake,ClickFix", "0", "threatcat_ch"
"2025-08-19 04:12:19", "1571145", "ititoiaitoaitoiakkaka.com", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake,ClickFix", "0", "threatcat_ch"
"2025-08-19 04:02:46", "1571140", "35.178.201.56:12925", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:46", "100", "https://search.censys.io/hosts/35.178.201.56", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 04:02:46", "1571141", "13.247.120.203:2087", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:47", "100", "https://search.censys.io/hosts/13.247.120.203", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-19 04:02:36", "1571138", "94.154.35.183:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 20:13:27", "90", "None", "latrodectus", "0", "Rony"
"2025-08-19 04:01:22", "1571137", "161.35.140.56:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.35.140.56", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:21", "1571134", "152.203.19.154:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/152.203.19.154", "AS3816,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:21", "1571135", "20.0.202.73:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.0.202.73", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:21", "1571136", "8.210.4.119:8090", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/8.210.4.119", "AS45102,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:20", "1571132", "18.196.182.162:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.196.182.162", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:20", "1571133", "18.196.182.162:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.196.182.162", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:19", "1571131", "223.245.8.144:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/223.245.8.144", "AS4134,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:17", "1571130", "4.224.113.146:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/4.224.113.146", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-08-19 04:01:10", "1571129", "47.93.51.60:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.93.51.60", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-08-19 04:01:09", "1571128", "8.152.2.86:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/8.152.2.86", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-08-19 04:01:04", "1571127", "62.60.245.136:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:02:57", "100", "https://search.censys.io/hosts/62.60.245.136", "AS211522,C2,censys,HYPERCORELTD,Unam", "0", "dyingbreeds_"
"2025-08-19 04:00:56", "1571126", "106.15.137.41:2", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/106.15.137.41", "AS37963,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-08-19 04:00:55", "1571125", "47.100.130.127:69", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.100.130.127", "AS37963,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-08-19 04:00:51", "1571124", "45.55.203.19:8080", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "2025-08-19 04:02:49", "100", "https://search.censys.io/hosts/45.55.203.19", "AS14061,C2,censys,DIGITALOCEAN-ASN", "0", "dyingbreeds_"
"2025-08-19 04:00:49", "1571123", "46.246.82.15:3000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-08-20 00:47:23", "100", "https://search.censys.io/hosts/46.246.82.15", "AS42708,C2,censys,RAT", "0", "dyingbreeds_"
"2025-08-19 04:00:46", "1571121", "nhvc.c7.cl", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-08-19 04:02:42", "100", "https://search.censys.io/hosts/104.21.96.1+nhvc.c7.cl", "AS13335,C2,censys,CLOUDFLARENET", "0", "dyingbreeds_"
"2025-08-19 04:00:46", "1571122", "135.181.41.9:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-08-20 00:43:52", "100", "https://search.censys.io/hosts/135.181.41.9", "AS24940,C2,censys,HETZNER-AS", "0", "dyingbreeds_"
"2025-08-19 04:00:45", "1571120", "support.suter-mthal.ch", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-08-19 04:02:42", "100", "https://search.censys.io/hosts/13.48.106.87+support.suter-mthal.ch", "AMAZON-02,AS16509,C2,censys", "0", "dyingbreeds_"
"2025-08-19 04:00:31", "1571119", "195.177.94.100:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:45:39", "100", "https://search.censys.io/hosts/195.177.94.100", "AS214961,C2,censys,RAT,STELLARGROUPSAS", "0", "dyingbreeds_"
"2025-08-19 04:00:28", "1571118", "134.122.207.54:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:02:35", "100", "https://search.censys.io/hosts/134.122.207.54", "AS152194,C2,censys,Supershell", "0", "dyingbreeds_"
"2025-08-19 04:00:21", "1571117", "118.128.151.82:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-08-19 04:02:19", "75", "https://search.censys.io/hosts/118.128.151.82", "AS138195,C2,censys,RAT", "0", "dyingbreeds_"
"2025-08-19 04:00:20", "1571116", "112.196.218.9:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-08-19 04:02:19", "75", "https://search.censys.io/hosts/112.196.218.9", "AS138195,C2,censys,RAT", "0", "dyingbreeds_"
"2025-08-19 04:00:16", "1571115", "119.29.231.118:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:38", "100", "https://search.censys.io/hosts/119.29.231.118", "AS45090,C2,censys", "0", "dyingbreeds_"
"2025-08-19 04:00:15", "1571114", "34.87.104.27:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:22", "100", "https://search.censys.io/hosts/34.87.104.27", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM", "0", "dyingbreeds_"
"2025-08-19 04:00:13", "1571113", "148.135.102.75:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:02:04", "100", "https://search.censys.io/hosts/148.135.102.75", "AS35916,C2,censys,MULTA-ASN1", "0", "dyingbreeds_"
"2025-08-19 04:00:08", "1571112", "103.146.158.129:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:18", "100", "https://search.censys.io/hosts/103.146.158.129", "AS142403,C2,censys", "0", "dyingbreeds_"
"2025-08-19 04:00:07", "1571111", "8.155.16.146:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:02:04", "100", "https://search.censys.io/hosts/8.155.16.146", "AS37963,C2,censys", "0", "dyingbreeds_"
"2025-08-19 02:50:59", "1571101", "18.171.55.104:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:09", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-19 02:50:59", "1571102", "18.171.55.104:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:09", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-19 02:49:28", "1571100", "dev.johnnetcli999.win", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:48:50", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-19 02:49:22", "1571099", "2n9kf8y7533c0.cfc-execute.bj.baidubce.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:48:45", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-19 02:10:27", "1571097", "https://b.dev.drakeinternationalagency.com", "url", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-19 15:10:25", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-19 02:10:27", "1571098", "b.dev.drakeinternationalagency.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-19 15:10:26", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-19 01:10:07", "1571094", "198.12.126.169:8787", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2025-08-19 01:10:07", "1571095", "107.172.132.35:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2025-08-19 00:40:04", "1571090", "155.94.155.240:6403", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:44:16", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-08-19 00:03:04", "1571088", "logya.messager.my", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:01:11", "100", "https://search.censys.io/hosts/185.161.209.117+logya.messager.my", "AS42159,censys,DELTAHOST-AS,EvilGinx,panel,Phishing", "0", "DonPasci"
"2025-08-19 00:03:04", "1571089", "sdk-api.messager.my", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:01:11", "100", "https://search.censys.io/hosts/185.161.209.117+sdk-api.messager.my", "AS42159,censys,DELTAHOST-AS,EvilGinx,panel,Phishing", "0", "DonPasci"
"2025-08-19 00:03:03", "1571087", "41.216.188.199:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:01:05", "100", "https://search.censys.io/hosts/41.216.188.199", "AS211138,C2,censys,panel,PRIVATEHOSTING-NET,Unam", "0", "DonPasci"
"2025-08-19 00:02:48", "1571085", "187.201.97.119:2455", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:42", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:48", "1571086", "187.201.97.119:2628", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:42", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:47", "1571081", "187.201.97.119:1200", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:43", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:47", "1571082", "187.201.97.119:1540", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:41", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:47", "1571083", "187.201.97.119:1311", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:43", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:47", "1571084", "187.201.97.119:2079", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:42", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:46", "1571078", "187.201.97.119:2456", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:40", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:46", "1571079", "187.201.97.119:591", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:42", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:46", "1571080", "187.201.97.119:808", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:41", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:45", "1571074", "187.201.97.119:771", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:43", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:45", "1571075", "187.201.97.119:2181", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:41", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:45", "1571076", "187.201.97.119:2405", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:43", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:45", "1571077", "187.201.97.119:2087", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:43", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-19 00:02:44", "1571071", "178.221.72.11:2281", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:38", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:44", "1571072", "178.221.72.11:8013", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:38", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:44", "1571073", "178.221.72.11:17629", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:38", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:43", "1571068", "178.221.72.11:44409", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:39", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:43", "1571069", "178.221.72.11:23", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:39", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:43", "1571070", "178.221.72.11:222", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:39", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:42", "1571066", "178.221.72.11:18080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:39", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:42", "1571067", "178.221.72.11:29406", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:39", "100", "https://search.censys.io/hosts/178.221.72.11", "AS8400,C2,censys,Quasar,RAT,TELEKOM-AS", "0", "DonPasci"
"2025-08-19 00:02:41", "1571065", "45.55.203.19:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-08-19 04:00:36", "100", "https://search.censys.io/hosts/45.55.203.19", "AS14061,C2,censys,DIGITALOCEAN-ASN,Hookbot", "0", "DonPasci"
"2025-08-19 00:02:40", "1571064", "102.117.173.45:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:43:07", "100", "https://search.censys.io/hosts/102.117.173.45", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci"
"2025-08-19 00:02:39", "1571063", "170.64.163.25:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:44:40", "100", "https://search.censys.io/hosts/170.64.163.25", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-08-19 00:02:33", "1571062", "38.12.25.253:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:00:28", "100", "https://search.censys.io/hosts/38.12.25.253", "AROSS-AS,AS400619,C2,censys,Supershell", "0", "DonPasci"
"2025-08-19 00:02:24", "1571061", "95.216.183.76:444", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:48:41", "100", "https://search.censys.io/hosts/95.216.183.76", "AS24940,C2,censys,HETZNER-AS,Sliver", "0", "DonPasci"
"2025-08-19 00:02:23", "1571060", "85.192.40.185:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:48:23", "100", "https://search.censys.io/hosts/85.192.40.185", "AEZA-AS,AS210644,C2,censys,Sliver", "0", "DonPasci"
"2025-08-19 00:02:20", "1571059", "198.135.50.115:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:45:49", "100", "https://search.censys.io/hosts/198.135.50.115", "AS396073,C2,censys,MAJESTIC-HOSTING-01,RAT,Remcos", "0", "DonPasci"
"2025-08-19 00:02:19", "1571057", "172.111.137.67:2889", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:44:42", "100", "https://search.censys.io/hosts/172.111.137.67", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-08-19 00:02:19", "1571058", "94.154.35.190:63288", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:48:37", "100", "https://search.censys.io/hosts/94.154.35.190", "AS214943,C2,censys,RAILNET,RAT,Remcos", "0", "DonPasci"
"2025-08-19 00:02:16", "1571055", "112.196.218.3:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-08-19 04:00:20", "100", "https://search.censys.io/hosts/112.196.218.3", "AS138195,C2,censys,Gh0st,MOACKCOLTD-AS-AP,RAT", "0", "DonPasci"
"2025-08-19 00:02:16", "1571056", "45.204.211.26:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-08-19 04:00:19", "100", "https://search.censys.io/hosts/45.204.211.26", "AS62468,C2,censys,Gh0st,HKCLOUDX,RAT", "0", "DonPasci"
"2025-08-19 00:02:00", "1571054", "98.159.110.66:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:51:18", "100", "https://search.censys.io/hosts/98.159.110.66", "AS-GLOBALTELEHOST,AS63023,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-19 00:01:59", "1571053", "160.30.231.250:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:00:14", "100", "https://search.censys.io/hosts/160.30.231.250", "AS134765,C2,censys,CHINANET-YUNNAN-IDC1,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 23:05:18", "1571045", "45.204.214.131:6666", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-18 23:03:27", "1571042", "f4bbe87b4638b47542ffbeca02924bdc0ce5c12d", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:27", "1571043", "def8f6f353bf6df2793667ed16294253a6ecebb378a2b0f0fcc95be10f115c80", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:27", "1571044", "37e490924cc7d25899183fe7c096f48d", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:26", "1571038", "a4203690aa231979c8991cd60b11a782", "md5_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:26", "1571039", "878e62bf58e0613ca7cf214ab09e1afd33d92513", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:26", "1571040", "be69dda3a21c5ce0348ef647b59f09d5c3b599b9dbfa7e914906f26e1596044d", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:26", "1571041", "54e93344046d4bc4c65b2d5c6de9df6e", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:25", "1571035", "077ee004efa72af9ac67d3cd4dc7dd63", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:25", "1571036", "69e5e3fc2a20a3ec17ce85f5089e0ef74db079ea", "sha1_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:25", "1571037", "1dfeb104751544afbe70f792ef95535246eba683cdf47f21cb62038f8b5d86d6", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:24", "1571032", "7ec90f69baad27c237eda9ae87dca203", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:24", "1571033", "abfef647f0d1a27f5700bd9482d30ff0939914bd", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:24", "1571034", "6c291112aed1fd2f2b054084cf167a877a1f47410208a5460c2b2a173d06311c", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:23", "1571029", "941131e8cab2348700ac56e91a368490", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:23", "1571030", "9730664dd3cb50705c29aa53b10597708ba6f1af", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:23", "1571031", "c0bd18efb507d677ccaafc069c5a33fd865105369029b25dbfd2f41d7098f587", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:22", "1571026", "68996bb7f7838f26dbc3499d7e84f9c6", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:22", "1571027", "d62d14e264aca1f02198d5f972789d745282a6d4", "sha1_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:22", "1571028", "8fd8f4f0859bcd3a297e8824174dd66b62fe471f65d0c205a71d813092ea2dcd", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:21", "1571023", "04be5380462bdef17f618a6118cfd1f7", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:21", "1571024", "a0b05f0e29152abf094f0310cbc0f214f752a039", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:21", "1571025", "e652137d75dc278b1867671a62661276100afd0e3f7d62ed07b6bc27e5a1277f", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:20", "1571020", "cc73dbe245adc540ae0d2e1e7b082c86", "md5_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:20", "1571021", "9a4b207353e49d68ecaa947631c37072fb69f600", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:20", "1571022", "e1a0ab5cadb0af718230bb8f907c649a313f1ff7bcbed6745c678811ce8a4465", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:19", "1571017", "e59da04b96a70cf9f9edecb9e5d58b76", "md5_hash", "payload", "win.vipkeylogger", "None", "VIP Keylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:19", "1571018", "af1e0315ac7ceb1a593a3c62e0e05f381ff4811b", "sha1_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:19", "1571019", "6f664c203dd6229bd6245be9deee565d02947dacde82bbe29589684174f10f1a", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:18", "1571014", "9c8b0713f90196e542a5532b77188043", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:18", "1571015", "35d8f1a3d6ae16af077a9adb0c891ff584505757", "sha1_hash", "payload", "win.vipkeylogger", "None", "VIP Keylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:18", "1571016", "6ef10a2b79a761a18c6351d623cc52ef989a6ab06b37fdb07f5fb473b1c05c2b", "sha256_hash", "payload", "win.vipkeylogger", "None", "VIP Keylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:17", "1571011", "bc3c8bd8635c13c2e49fafd9c4cb36ed", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:17", "1571012", "2f8871571386f703838ffec8a4e4f4ef1b5f8830", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:17", "1571013", "03ab6e2ebf53bc40eda7425e96ca01d28a7894102964afda982e6528728852fd", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:16", "1571008", "eabf1bf8ee758190d049cfa3b71472b3", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:16", "1571009", "ca60bde42f7f9ef23341960ffc3bd909fca31e1c", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:16", "1571010", "f4e59d8cd60f7ab60b877af61cb4424964050adb7acd0edbf11c23dfe32966cd", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:15", "1571005", "9e89b3a9bca360ebf229b43715ed693e", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:15", "1571006", "08117e13a26ae8281c9d1987097b410e66b2fc9a", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:15", "1571007", "b1cdbe8e1e934c534624de96d05507ba42100a32d4d201d1be6e5fca7f7f36d4", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:14", "1571001", "47480dda823cc75f3a8e17afd15d11c70d4cddbb89a8227fff3a3a77921e334e", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:14", "1571002", "417272ec7e839732342191324da04ed5", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:14", "1571003", "421fd6c4c3f0c35b543b759f301980808bfddad2", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:14", "1571004", "d623ebd387e46bf8cb0f970d6238d95e5e3226ffce22a987e9565e65753ac603", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:13", "1570998", "7a0bd1cc99236bcab7acb21efb90fcdf612cc14e51d837d9e773f63ebc37c8de", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:13", "1570999", "262369e346ffaa8941ca7b3dcdce2208", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:13", "1571000", "5f2cc06c5c18450a3ffde26b56d08176975f2b93", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:12", "1570995", "a9d06b2a9305936f9218902987037b1bfd25ff20480184daa0c895f0448fbca0", "sha256_hash", "payload", "win.resolver_rat", "PureHVNC,ResolverRAT", "PureRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:12", "1570996", "9851da89b46524d554d7a5d3091b4917", "md5_hash", "payload", "win.resolver_rat", "PureHVNC,ResolverRAT", "PureRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:12", "1570997", "41d31be6e7285c539d6744edd7d01ad426432bdc", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:11", "1570992", "8199d7e3b09f674e7937b483e6cd14e145cb668136d5288c432eef51d59507fb", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:11", "1570993", "81d51c4b48540d0edff1d2bcf21cbf76", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:11", "1570994", "9acd826bb158989c116920f36fe2e2b23a758076", "sha1_hash", "payload", "win.resolver_rat", "PureHVNC,ResolverRAT", "PureRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:10", "1570989", "94d0084fb4121ce1d42f363b54ec8aac2caed34bcbbcf952b8c397cd4be32ecd", "sha256_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:10", "1570990", "8a18cf15ab5139d2d29a3b1666645d72", "md5_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:10", "1570991", "05ae5cab5ef2031878a4a7078aed848e00828015", "sha1_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:09", "1570987", "4558d2235e5b0377cb9f1be81a0c8884", "md5_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:09", "1570988", "ba73edea1ee77c5da696751dadc8e64bf49d6a0d", "sha1_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:08", "1570984", "c5d114281446624722dd908297ce65ea", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:08", "1570985", "95c0ebccd0c6e98d3b919e05c4a84a496e7a6188", "sha1_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:08", "1570986", "cf1153dad2c1b9920dbe8104f86a915b2bff536cc8553993d21321f6470421d3", "sha256_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:07", "1570981", "acce530072008f7e4a77a8696743cdea", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:07", "1570982", "e3eaae13965d032db8b9f025094b7ba375fdaf6f", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:07", "1570983", "4b4982e94f9c61148a9041d5978640c4572d39091a2100682e5630fb3a36cc01", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:06", "1570978", "ac14c5976e2db88002ef800b2fd6eb7b", "md5_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:06", "1570979", "771ecac81d6b2e71dd6d781126c23b8c49560183", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:06", "1570980", "22fd3414fdff1f6de0a3f6335b2101cf3f15110c2caaf0d1c052cf81180a7269", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:05", "1570975", "c06a5c61aaf7af4f005814d409c6735d", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:05", "1570976", "8f7a87b5ff070c6f4427f0dcf3096ad3e534767f", "sha1_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:05", "1570977", "11054dce4fad0bb9f29a1597c35562e495b0dfba3613e665906b40342759f382", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:04", "1570972", "0da3d6163e946124e407772e5bbffd31", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:04", "1570973", "5ac31bef9f05ac35237206710bfc0c2c6fe87669", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:04", "1570974", "1ea7f4f3ec42aedf88a507209209db05f7b90ae91e5b40d3fcca8dc4cfcb7d8f", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:03", "1570969", "c61d70aa2f9d37f6b7a340225da18103", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:03", "1570970", "20e3e72278a83202571e2f88ccd0813dd82bce14", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:03", "1570971", "f00ddfca55cd75dc518bbddafd3f5c7327916d430fb2575e3c87cf93ac5c2db8", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:02", "1570967", "6acced38080d1185ceda86fdc2fdefc7d5cfea9e", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:02", "1570968", "3ee3ca6f1aed8d072fe437a84916f0054c5af1060eb3b50cd66f6be52ab13c61", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:01", "1570964", "2639cd26f280bf3a8f8d4d9839e6e54047ca7493", "sha1_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:01", "1570965", "fefcf51745f418e4d6d8d4a62dd2bf723ab2bb21c5965523ecd0e670eec1f9aa", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:01", "1570966", "6e2178613d2271b0b398cd307fad3e40", "md5_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:00", "1570961", "501a5bc2c309e8406ebf4c1fe91c1ef682a4abfb", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:00", "1570962", "bf22aa6233aabdac037bec172864e7f916541a7c87d320ca4716a3f478073816", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:03:00", "1570963", "5a701ea8d043d796b70efd951de9d679", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:59", "1570958", "1f9ffef0cfa3d2bd97a98135df8ed207df73a8b0", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:59", "1570959", "4aa835e4f60ef32752666a447dc715c519c4808fb4ff31b513a3f4362506849a", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:59", "1570960", "a48f03bf1ee28b7cf10fe4c650077740", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:58", "1570955", "1e0bd700152ade3a4d3e55f6f390623e4a9dcd9d", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:58", "1570956", "3fbba653ca6358559bff144d4e3709b67403a76572dcfc4c888d4d3715c7f69f", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:58", "1570957", "e337df633e880d637d853fcfd07e7a28", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:57", "1570952", "3ae4228a42f08422812a0e8a0eb2b7be1ccdcbfc", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:57", "1570953", "cc5523d066cc89f88c78bd5223b2ffd9d53580911761229f206d88c0ebb61f7a", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:57", "1570954", "97d559dcd7566dc41f25f61523ace2a9", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:56", "1570949", "1da73c4cf59fbe2769818f479e0ab5f3557ec31b", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:56", "1570950", "08d6d7bcb6593ab6101221bc25172fb22e9dcff816a29482a8b8ee82b89c12e3", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:56", "1570951", "b12ae4740ba6be9e720de4ee30fc277e", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:55", "1570946", "a7af3302460fb6d3e68d9f28f830b502d2822c29", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:55", "1570947", "0cf6212d1f5a46d4ddebdaa4dea81e0cdff6ea3f81a41edff6b3cb8cc333bbff", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:55", "1570948", "cb9424576cd272eff131650382267d52", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:54", "1570943", "f17e749e2c637f1bd8318a3bf15473a2b7643c5e", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:54", "1570944", "6bc1c41e0568a5d2d70731d75713da66273e1e541347e2bb42a20609acb9fa48", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:54", "1570945", "f513a2ed8a51b4b35685410cb50102be", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:53", "1570939", "5d974b5f821b19e0234c2ee767f9f5a1", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:53", "1570940", "1a694b14d4d0f7cb705e53ae7ffce043c59f53e1", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:53", "1570941", "af4a20981ee2de6a7bb6e38f6e278a12a0136e93a24ca9e4dcb7171b31bbff8e", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:53", "1570942", "fb12771e1cb1945303a8aeab511c20fd", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:52", "1570936", "17be57ab8fcedb82505534232bf6091b", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:52", "1570937", "7a0f34706cf317e9eeac50d8c2ede4b97df22aeb", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:52", "1570938", "dbdb1c481ddee8c98490f308da404fe05178f7c18ec429794f343569fa717bd2", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:51", "1570933", "ce972d5a71b444f76c625f48f77dcac5", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:51", "1570934", "c876812afb06ea2c6d8c78aec6a451187f558733", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:51", "1570935", "3e33513a6afdaece0a3415f556a44d20bede9f42e14b942f3ff042db3e1c2a01", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:50", "1570930", "349826efb7acb9f8ca1e7535dececbe9", "md5_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:50", "1570931", "70da1350713b5f9124ba8cd7718d8cb70249c831", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:50", "1570932", "0d020706ebe19402f93d6f2cba1e6c9fc980ff65c88d692d76303cfcad076c48", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:49", "1570927", "ff301080d9616525ced3a29bfc8e4ac4", "md5_hash", "payload", "win.poscardstealer", "None", "poscardstealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:49", "1570928", "67ab196a126cea13830a9627ea86411d8de6f602", "sha1_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:49", "1570929", "1c75529ff92349afa72529f987ec451059027e7fafb0f7c8733959af3352a50c", "sha256_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:48", "1570924", "105ef1a50293008c0f283a5712b104c2", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:48", "1570925", "1e00fa9c86a412d1bc3055e57a1dde541f997ac0", "sha1_hash", "payload", "win.poscardstealer", "None", "poscardstealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:48", "1570926", "40393e6ab52ce311c22ae923a8d094569669ad4be287ce0e22cc2cc47343d506", "sha256_hash", "payload", "win.poscardstealer", "None", "poscardstealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:47", "1570921", "123c468c9bdfab161e5033fc900ef73a", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:47", "1570922", "d35f24df4838219ce41281154812d9cd140ced1b", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:47", "1570923", "2c35c24bdd434cf329bb45dce96e7499cdd231f182c9e679a01770fc006aac69", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:46", "1570918", "2885c02642e5f460ab96a828729ed4ec", "md5_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:46", "1570919", "e8cc5c482a409b8501294e9683511e6cbff9fc4c", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:46", "1570920", "a7f7a2ba4874202dd3c17d81618c0f5f03421b13fe9b48a81f475025f97f2fd3", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:45", "1570914", "15c0f6587e713de3cc2a87d01f4ef228ed6998b16ba6249b2238084f8a03ec32", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:45", "1570915", "5838cb23489e11a4a1d36f8870adff4d", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:45", "1570916", "5ad8975ec780c5d7fc1486102575359579edf19c", "sha1_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:45", "1570917", "fd0353eae1463ca86ac2145e88558bbac6ad0ba2564df068bb3531bb0e56be41", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:44", "1570911", "4baaf3102c3fcee3ace9f2b9f7e41911bde638845853467fe09d68eef485e128", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:44", "1570912", "ef12955d3040c98fb9a9ac67a1ad6f55", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:44", "1570913", "6034f6adae251b6bbf2b86a5229194fc2626bf7e", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:43", "1570908", "ba54f462d6a7943cb5e93fe5de11443218956f4fbb353e7edf96808287195fda", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:43", "1570909", "5ac32719da8bca952542b01c9dd515d3", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:43", "1570910", "de7d55469f740e80fe3f4da2b6d0649941886fc2", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:42", "1570905", "59fbd48bd0fbf6c13df7a564fadb4dbea8870de7baaa7973c50818eff7b90c0f", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:42", "1570906", "128d4ff33e74e5cf794df0693be2678c", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:42", "1570907", "86071d4f2d76fbe58abd698504fcf2869d163d1c", "sha1_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:41", "1570902", "7b467d82dd8dc94bf7339c7f4349b64d940d37d2c6510ae48dfdc9b53bed9682", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:41", "1570903", "0bb002d3392a220cbef6783cb3dcc9fd", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:41", "1570904", "ceaaad14cb93ea831901247a6c5f3b8220f231ea", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:40", "1570899", "1b218216a2ba0ddd30211beaae5240356831cc8854414f6788e6d9775f1228ec", "sha256_hash", "payload", "win.vipkeylogger", "None", "VIP Keylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:40", "1570900", "262878cfdf94e190a145d2dd5ca261b5", "md5_hash", "payload", "win.vipkeylogger", "None", "VIP Keylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:40", "1570901", "95e03fdf7fbe559e94fa4e08a241e3ffaca83a9e", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:39", "1570896", "e5ff9e36b4202eaa20fb6929be35838119df1d21246f410fd7902f03e96ca4c5", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:39", "1570897", "193a801f0c460f5b705974b7b274c86f", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:39", "1570898", "f0884b89c3b03d940de0a558e6bdd80eccb48ffb", "sha1_hash", "payload", "win.vipkeylogger", "None", "VIP Keylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:38", "1570893", "41c8bc8ed857bb7cce77f3155bf6f558da54d6797b25eacac570d00da23bcbf5", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:38", "1570894", "d6c47092bd741ffbd422fe0ab9618bdc", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:38", "1570895", "46d3b346a55113f2c696e52dc7e1bdb89b4db985", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:37", "1570890", "aca862498dc80512772af2d41368322b102d3d34fbb7538436ec8881b17c217d", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:37", "1570891", "305401380b16b0d17cb8ca76d6f44a6e", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:37", "1570892", "9577451b77b0a6454950191e6a85806aea6dfb3c", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:36", "1570887", "347e17e0cd18a42580f88ee2b4775ec5cab9df30e994fb8f01df8ed02f7d7bc1", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:36", "1570888", "89c633e2dc2d8dab388e95fa26af9e77", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:36", "1570889", "c0bf15476f50c9a0da046623247ef83c1245f901", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:35", "1570884", "d86c56b0d865cb03e95a8b5b9168d2b04d3cc685bb3e32f46a9d86129768fa1a", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:35", "1570885", "fafae4086b51b354132f586bf8f55a82", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:35", "1570886", "54c57a3a86ea8b5df00ece988ce8400ce5e3fc4c", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:34", "1570881", "1622d2b40a4fdbbb296ecf1e6668fbdbe6f10b84ffa1bb15217b91924cc71a29", "sha256_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:34", "1570882", "e47133883942fa94487bc7dd9319cd1b", "md5_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:34", "1570883", "680f7304025b664ca1b2253c63c962de19335cb1", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:33", "1570878", "5885dbee75437bb8e608840aa4cebc3c81652b4998babf704ac5890718186d1e", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:33", "1570879", "219c32eaa0e3d2206ef6e2065db9da7d", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:33", "1570880", "33e55b7d68f1201200c430de06920b6e5d93080e", "sha1_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:32", "1570875", "6b1b772478431d588e30424cd1ee0bb53d2c902dbd27b3ce56a8c7a886637ddf", "sha256_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:32", "1570876", "91770b901492ddc202a214975266d7b3", "md5_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:32", "1570877", "318e10d363d1376b4ea9beaa73463027834bc124", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:31", "1570872", "dc54117b965674bad3d7cd203ecf5e7fc822423a3f692895cf5e96e83fb88f6a", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:31", "1570873", "7e6bf818519be0a20dbc9bcb9e5728c6", "md5_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:31", "1570874", "770ffd65328f6212185ce28f13e0888c341e80f7", "sha1_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:30", "1570869", "b5013ef4816a0aa0f82f1af06204c59b6cb7a491d44233f99b2545cd127d0a34", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:30", "1570870", "081b5fb48eab820ccf47065e724cc9b6", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:30", "1570871", "73f9469507d6162303821fc97d4809a2968f4ba3", "sha1_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:29", "1570865", "6c656c70f7e8cab19cf80c0bc635c87a8cf9f025", "sha1_hash", "payload", "win.quantloader", "None", "QuantLoader", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:29", "1570866", "bcc78c66712818fe9210decc75a17a59af1f2b422b70250090a00a7521ae6173", "sha256_hash", "payload", "win.quantloader", "None", "QuantLoader", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:29", "1570867", "8d026e01fcc9789f150b2c114f2feede", "md5_hash", "payload", "win.quantloader", "None", "QuantLoader", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:29", "1570868", "d773f53ca94acfb3df5cfa7ae87b0632608072ff", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:28", "1570862", "28850304b7dec114540b05fbedaed9c213d7e48e", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:28", "1570863", "820991734191028c1b5eb2a17e5849bc9059f17ae532db6075fab18e163f9402", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:28", "1570864", "f4fa2d3ab5e5df5614decc3b9d74594b", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:27", "1570859", "7ba29e7e52fcc373524e25ff25d3de41bb55e6cb", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:27", "1570860", "a1a9a1eb021b4358e6585bd24332ec331ab91973b4286eee6f82f778997bfc33", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:27", "1570861", "0dcfa83bc32f60d83428021a250188c8", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:26", "1570856", "c4107361d8367d63b5c6d4cc5edc90be3d1f1066", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:26", "1570857", "aaa5b20a90d1f1755d39e6e228f8d4a4060d9da1451d9dd54a6e85fa2dd9ceef", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:26", "1570858", "b25ccec179bdd3c5f8cba03fc36f0e17", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:25", "1570853", "e0a95b211c58f2cd19cda50a7c631f02e864501a", "sha1_hash", "payload", "win.loda", "LodaRAT,Nymeria", "Loda", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:25", "1570854", "afb0c85ccefd94461f8ad1f377617addb956d064969023cd9dd55a96ac870a92", "sha256_hash", "payload", "win.loda", "LodaRAT,Nymeria", "Loda", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:25", "1570855", "6b5bc9a194f67b4da88b86892708e796", "md5_hash", "payload", "win.loda", "LodaRAT,Nymeria", "Loda", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:24", "1570850", "4f7cb63d85e80a87cc46a8e3ba83566e8181aec4", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:24", "1570851", "dbc0e8b108b4e270877bd6bab0e90e45a206065733483d47481bd8f3638a3001", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:24", "1570852", "ff6d5147e78b5c900d16f6a2b5e4d382", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:23", "1570847", "07ea7c138d75fb56f2ae1fe28245eff05a59321b", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:23", "1570848", "8a90f7e70b20b610a027c1377adfe7858d7bf093af37e44ff78d62550a7c793a", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:23", "1570849", "b0cc124a0acc736f10b8c24791106a2a", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:22", "1570844", "91e54fb4f080288d64954ed9211b03778fba0be6", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:22", "1570845", "510b589fe7b65c47c9599f18a6d26ff8dbd7d1cb13689948004dba9893b8b89e", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:22", "1570846", "d44d45a0ec6ba61ccb9627ec9adb8168", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:21", "1570842", "db588f801e81a69dce2baf10d3c5178830ec99375c44e06846775b80a8d3536e", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:21", "1570843", "ee15ac3e79fabc49c22e5f9e04d036ae", "md5_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:20", "1570839", "49dc8828403fab25387e57ef50ea2e5b92a61a54fbdaeec924a368ee4f35a60c", "sha256_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:20", "1570840", "76482e447cfbe7caac0cac43125da2ac", "md5_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:20", "1570841", "bcd8db5067b49e266b341ac5c956f6adba19d568", "sha1_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:19", "1570836", "e733b5d3f57e88dce901c45eeae3de358de460cc107c6c51ed2e8ebaf0ba25c9", "sha256_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:19", "1570837", "69a47130e70f4cb75e57a2244270bf99", "md5_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:19", "1570838", "3b302ec64a7ba735a6c84c981df21464de9807c1", "sha1_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:18", "1570833", "3e866746e562701703c6f99ed328c232f6fe8e1a2dec8ec5000ea25eeb7592bf", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:18", "1570834", "25c90f7524acf1c6347becc8942677b4", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:18", "1570835", "08bd906b5cbe374927dd853998b067c89ee6872d", "sha1_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:17", "1570829", "ff467712b26a05c0078d7ddcb95b1e4250822bf1", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:17", "1570830", "951f28fa3b1668bdb2b300dac35138c35776d57955f17031d46fc6802ab14fb4", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:17", "1570831", "331af0393b908473a004ceaf3e3a78f9", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:17", "1570832", "32239a96fc8c72c90cef300ed8d33a0f1d37df56", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:16", "1570826", "e36829ac9ab9906ce542d05ff0e7ebc81bb8a807", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:16", "1570827", "d3bdfd3d8cf142a243fcecb73a15f683c87e6d1969e559a158c6b3705ed1d4fb", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:16", "1570828", "b0bebe8b8e499abfef3b02ff7e0e9f85", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:15", "1570824", "6566cf90850e894917dfea4674f4bc9d8ef10e667cb9b981ed27dca073b0771e", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:15", "1570825", "0b7082399ec0ab2a8f1bdff01a602f6d", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:02:14", "1570823", "0b68909bb64e7375ca87368182037b9010526ae7", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-18 23:00:28", "1570822", "196.251.87.149:62520", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-08-18 22:49:13", "1570821", "www.diuwdx.top", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:05", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-18 20:55:48", "1570813", "http://113.44.139.80:5006/po9E", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/951f28fa3b1668bdb2b300dac35138c35776d57955f17031d46fc6802ab14fb4/", "cobaltstrike", "0", "abuse_ch"
"2025-08-18 20:48:53", "1570812", "95.214.208.42:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:48:40", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-18 20:46:49", "1570811", "34.193.94.14:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:46:41", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-18 20:46:39", "1570810", "27.128.208.206:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:46:32", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-18 20:45:45", "1570809", "195.177.94.188:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:45:39", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-08-18 20:45:34", "1570808", "188.48.83.169:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:45:28", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-18 20:05:19", "1570795", "104.234.25.103:1010", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-08-18 20:03:21", "1570794", "121.196.211.235:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/121.196.211.235", "ALIBABA-CN-NET,AS37963,C2,censys,RAT", "0", "DonPasci"
"2025-08-18 20:03:20", "1570793", "108.181.23.233:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/108.181.23.233", "AS40676,C2,censys,RAT", "0", "DonPasci"
"2025-08-18 20:03:06", "1570792", "109.123.239.148:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/109.123.239.148", "AS141995,C2,CAPL-AS-AP,censys,Gafgyt,open-dir", "0", "DonPasci"
"2025-08-18 20:03:00", "1570791", "160.30.21.27:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-08-19 04:01:02", "100", "https://search.censys.io/hosts/160.30.21.27", "AS150862,C2,censys,MAYTINHVPSTTT-VN,moobot", "0", "DonPasci"
"2025-08-18 20:02:59", "1570790", "160.30.21.42:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-08-19 04:01:03", "100", "https://search.censys.io/hosts/160.30.21.42", "AS150862,C2,censys,MAYTINHVPSTTT-VN,moobot", "0", "DonPasci"
"2025-08-18 20:02:51", "1570789", "20.199.67.52:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:45:54", "100", "https://search.censys.io/hosts/20.199.67.52", "AS8075,C2,censys,Covenant,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2025-08-18 20:02:48", "1570788", "15.168.3.125:10261", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:11", "100", "https://search.censys.io/hosts/15.168.3.125", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 20:02:47", "1570787", "78.12.193.1:20058", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:48:06", "100", "https://search.censys.io/hosts/78.12.193.1", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 20:02:46", "1570786", "124.156.225.126:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-08-20 00:43:40", "100", "https://search.censys.io/hosts/124.156.225.126", "AS132203,C2,censys,DcRAT,RAT,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-08-18 20:02:44", "1570785", "188.226.169.207:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-08-20 00:45:27", "100", "https://search.censys.io/hosts/188.226.169.207", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-08-18 20:02:43", "1570784", "pbj.cukurukuk.fun", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-08-19 04:00:46", "100", "https://search.censys.io/hosts/103.235.75.42+pbj.cukurukuk.fun", "AS135444,C2,censys,Havoc,IDNIC-IKUBARU-AS-ID", "0", "DonPasci"
"2025-08-18 20:02:42", "1570783", "187.201.97.119:1024", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:40", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-18 20:02:41", "1570780", "187.201.97.119:1913", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:41", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-18 20:02:41", "1570781", "187.201.97.119:1963", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:40", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-18 20:02:41", "1570782", "187.201.97.119:554", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:44", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-18 20:02:40", "1570779", "187.201.97.119:1194", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:40", "100", "https://search.censys.io/hosts/187.201.97.119", "AS8151,C2,censys,Quasar,RAT,UNINET", "0", "DonPasci"
"2025-08-18 20:02:29", "1570778", "77.110.106.206:9999", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/77.110.106.206", "AEZA-AS,AS210644,C2,censys,payload,Sliver", "0", "DonPasci"
"2025-08-18 20:02:01", "1570777", "154.201.84.67:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:57", "100", "https://search.censys.io/hosts/154.201.84.67", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-100000", "0", "DonPasci"
"2025-08-18 20:02:00", "1570776", "18.171.150.254:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:08", "100", "https://search.censys.io/hosts/18.171.150.254", "AMAZON-02,AS16509,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 20:01:59", "1570774", "58.181.246.7:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:51:01", "100", "https://search.censys.io/hosts/58.181.246.7", "AS7693,C2,censys,CobaltStrike,COMNET-TH,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 20:01:59", "1570775", "116.203.31.207:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:31", "100", "https://search.censys.io/hosts/116.203.31.207", "AS24940,C2,censys,CobaltStrike,cs-watermark-987654321,HETZNER-AS", "0", "DonPasci"
"2025-08-18 20:01:57", "1570773", "94.154.35.196:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 20:13:28", "90", "None", "latrodectus", "0", "Rony"
"2025-08-18 18:54:45", "1570767", "epidmov.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250818-wy336awxc1", "None", "0", "burger"
"2025-08-18 18:30:59", "1570768", "https://epidmov.top/xiwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/510b589fe7b65c47c9599f18a6d26ff8dbd7d1cb13689948004dba9893b8b89e/", "lumma", "0", "abuse_ch"
"2025-08-18 18:09:55", "1570735", "is-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-18 18:09:54", "1570736", "www.is-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-18 18:09:54", "1570737", "in-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-18 18:09:53", "1570738", "www.in-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-18 18:03:24", "1570766", "154.91.84.130:7000", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250818-p9sy1atly7", "AS399077,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-08-18 18:03:14", "1570764", "l5ewog1zc.localto.net", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2025-08-18 18:03:14", "100", "https://tria.ge/250818-tb9w3svzez", "C2,domain,njrat,triage", "0", "DonPasci"
"2025-08-18 18:03:14", "1570765", "lwtgiajga.localto.net", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2025-08-18 18:03:14", "100", "https://tria.ge/250818-pywkratkt6", "C2,domain,njrat,triage", "0", "DonPasci"
"2025-08-18 18:02:57", "1570763", "34.226.189.142:48733", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "https://tria.ge/250818-qjc1jagn2x", "AS14618,C2,RedLine,RedlineStealer,stealer,triage", "0", "DonPasci"
"2025-08-18 18:02:23", "1570762", "kecfcnyn-28082.portmap.host", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-pqe8sstjt9", "C2,domain,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:22", "1570757", "88.150.6.17:2374", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-q71rhatqx9", "AS43341,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:22", "1570758", "100.42.20.0:2374", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-q71rhatqx9", "AS46841,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:22", "1570759", "1.0.1.0:2374", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-q71rhatqx9", "C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:22", "1570760", "88.150.6.17:666", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-q3vppagr5y", "AS43341,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:22", "1570761", "88.150.6.17:6666", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-q3vppagr5y", "AS43341,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:21", "1570756", "kalilinujikoll-37508.portmap.host", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-tt6mdav1cz", "C2,domain,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:14", "1570752", "yehsnop.duckdns.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://tria.ge/250818-v78jkawvgx", "asyncrat,C2,domain,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:14", "1570753", "satybsa.duckdns.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://tria.ge/250818-v78jkawvgx", "asyncrat,C2,domain,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:14", "1570754", "103.116.52.102:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://tria.ge/250818-rwekkahl3v", "AS150895,asyncrat,C2,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:14", "1570755", "103.116.52.102:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-19 04:00:48", "100", "https://tria.ge/250818-rwekkahl3v", "AS150895,asyncrat,C2,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:13", "1570751", "yehnsops.duckdns.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://tria.ge/250818-v78jkawvgx", "asyncrat,C2,domain,rat,triage", "0", "DonPasci"
"2025-08-18 18:02:02", "1570750", "started-knives.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250818-t7yhxsan71", "C2,domain,triage,xworm", "0", "DonPasci"
"2025-08-18 17:00:24", "1570749", "http://453971cm.nyash.es/eternalimageVideoPipeGameflowerLocalprivateCentral.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-08-18 16:10:48", "1570748", "https://a.dev.drakeinternationalagency.com", "url", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-19 01:10:24", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-18 16:02:54", "1570747", "194.180.158.22:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:45:37", "100", "https://search.censys.io/hosts/194.180.158.22", "AS39798,censys,EvilGoPhish,MIVOCLOUD,panel,Phishing", "0", "DonPasci"
"2025-08-18 16:02:40", "1570744", "16.63.35.98:44818", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:25", "100", "https://search.censys.io/hosts/16.63.35.98", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 16:02:40", "1570745", "43.198.222.90:27017", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:02", "100", "https://search.censys.io/hosts/43.198.222.90", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 16:02:40", "1570746", "43.207.199.12:5900", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:04", "100", "https://search.censys.io/hosts/43.207.199.12", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 16:02:30", "1570743", "185.208.159.71:3001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:45:19", "100", "https://search.censys.io/hosts/185.208.159.71", "AS42624,AsyncRAT,C2,censys,RAT,SWISSNETWORK02", "0", "DonPasci"
"2025-08-18 16:02:28", "1570742", "118.195.183.125:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:00:27", "100", "https://search.censys.io/hosts/118.195.183.125", "AS45090,C2,censys,Supershell,TENCENT-NET-AP", "0", "DonPasci"
"2025-08-18 16:02:19", "1570741", "195.177.94.188:4444", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:45:40", "100", "https://search.censys.io/hosts/195.177.94.188", "AS214961,C2,censys,Sliver,STELLARGROUPSAS", "0", "DonPasci"
"2025-08-18 16:02:16", "1570740", "216.9.224.52:2080", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:46:22", "100", "https://search.censys.io/hosts/216.9.224.52", "AS44382,C2,censys,RAT,Remcos,WHITELABEL", "0", "DonPasci"
"2025-08-18 16:01:58", "1570739", "98.159.110.65:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:51:18", "100", "https://search.censys.io/hosts/98.159.110.65", "AS-GLOBALTELEHOST,AS63023,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 15:35:20", "1570734", "5.83.218.183:4670", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "None", "Meterpreter", "0", "abuse_ch"
"2025-08-18 15:35:17", "1570733", "5.83.218.183:4470", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "None", "Meterpreter", "0", "abuse_ch"
"2025-08-18 15:05:10", "1570732", "154.194.35.243:7826", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-08-18 14:10:23", "1570731", "45.204.213.211:8", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-08-18 14:00:05", "1570730", "46.161.27.145:80", "ip:port", "botnet_cc", "win.treasurehunter", "huntpos", "TreasureHunter", "2025-08-20 01:24:02", "50", "https://tracker.viriback.com/index.php?q=46.161.27.145", "TreasureHunter,ViriBack", "0", "abuse_ch"
"2025-08-18 13:46:53", "1570691", "is-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-18 13:46:53", "1570692", "www.is-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-18 13:46:52", "1570693", "in-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-18 13:46:52", "1570694", "www.in-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-08-18 13:46:52", "1570695", "https://certificado.vouserpai.com.br/wp-content/plugins/wp-nasa-registry/index.php?r=bD1odHRwczovL2RxcmRidi5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 23:53:30", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-18 13:46:51", "1570699", "https://escoladeimpressao3d.com.br/wp-content/plugins/wp-legal-cyberinteraction/?r=bD1odHRwczovL2tzYndtay5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 23:53:29", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-18 13:46:51", "1570700", "https://expresssafetyinc.com/wp-content/plugins/wp-software-malware/index.php?r=bD1odHRwczovL2RxcmRidi5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 23:53:30", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-18 13:46:49", "1570696", "https://www.verdeta.it/wp-content/plugins/wp-open-multinetworked/?r=bD1odHRwczovL2RxcmRidi5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 23:53:29", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-18 13:46:48", "1570697", "https://totalpropertycare.ae/wp-content/plugins/wp-machinery-skeletale/index.php?r=bD1odHRwczovL2RxcmRidi5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 23:53:30", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-18 13:46:48", "1570698", "https://www.imax-host.com/alfinach/wp-content/plugins/wp-res-system/?r=bD1odHRwczovL2RxcmRidi5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 23:53:30", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-18 13:46:47", "1570701", "https://epifonica.com/wp-content/plugins/wp-containment-means/index.php?r=bD1odHRwczovL2RxcmRidi5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-18 23:37:06", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-18 13:46:46", "1570702", "https://pim.legrand.pl/wp-content/plugins/wp-control-dragnet/?r=bD1odHRwczovL2RxcmRidi5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 23:53:30", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-18 13:46:46", "1570703", "https://smarttecho.net/wp-content/plugins/wp-water-standards/?r=bD1odHRwczovL2tzYndtay5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 23:53:30", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-18 13:46:45", "1570704", "https://charlie.yourwebsitedemos.com/webe/Mint-Heights/wp-content/plugins/wp-assemblage-security/index.php?r=bD1odHRwczovL2RxcmRidi5jb20v", "url", "payload_delivery", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2025-08-19 23:53:30", "95", "None", "Latrodectus", "0", "pancak3lullz"
"2025-08-18 13:46:45", "1570728", "cpanel.northtru.net", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/115049929393462539", "SocGholish", "0", "monitorsg"
"2025-08-18 13:46:44", "1570729", "http://46.161.27.145/paper/websiteofficialnewcock.php", "url", "botnet_cc", "win.treasurehunter", "huntpos", "TreasureHunter", "", "100", "None", "AS43350,NForce Entertainment B.V.,treasurehunter", "0", "antiphishorg"
"2025-08-18 12:30:30", "1570727", "49.228.131.165:2429", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-18 12:10:45", "1570726", "https://116.203.166.184", "url", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-19 14:10:36", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-18 12:02:43", "1570723", "13.247.180.242:56324", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/13.247.180.242", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:43", "1570724", "40.192.2.32:4567", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:57", "100", "https://search.censys.io/hosts/40.192.2.32", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:43", "1570725", "13.40.3.205:34210", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:49", "100", "https://search.censys.io/hosts/13.40.3.205", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:42", "1570720", "43.207.199.12:10000", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:04", "100", "https://search.censys.io/hosts/43.207.199.12", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:42", "1570721", "43.207.199.12:52200", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:04", "100", "https://search.censys.io/hosts/43.207.199.12", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:42", "1570722", "35.180.8.137:427", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:47", "100", "https://search.censys.io/hosts/35.180.8.137", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 12:02:39", "1570719", "185-196-10-10.cprapid.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-08-19 04:00:45", "100", "https://search.censys.io/hosts/185.196.10.10+185-196-10-10.cprapid.com", "AS42624,C2,censys,Havoc,SWISSNETWORK02", "0", "DonPasci"
"2025-08-18 12:02:36", "1570718", "155.94.155.240:4000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-19 04:00:37", "100", "https://search.censys.io/hosts/155.94.155.240", "AS214943,C2,censys,Quasar,RAILNET,RAT", "0", "DonPasci"
"2025-08-18 12:02:35", "1570717", "104.248.144.119:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-20 00:43:16", "100", "https://search.censys.io/hosts/104.248.144.119", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-08-18 12:02:30", "1570716", "3.149.190.172:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:46:34", "100", "https://search.censys.io/hosts/3.149.190.172", "AMAZON-02,AS16509,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-08-18 12:02:29", "1570715", "191.96.207.101:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:45:30", "100", "https://search.censys.io/hosts/191.96.207.101", "AS199654,AsyncRAT,C2,censys,OXIDE-GROUP-LIMITED,RAT", "0", "DonPasci"
"2025-08-18 12:02:28", "1570714", "195.35.20.235:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 04:00:28", "100", "https://search.censys.io/hosts/195.35.20.235", "AS-HOSTINGER,AS47583,C2,censys,Supershell", "0", "DonPasci"
"2025-08-18 12:02:20", "1570713", "139.84.214.159:8000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/139.84.214.159", "AS-VULTR,AS20473,C2,censys,open-dir,payload,Sliver", "0", "DonPasci"
"2025-08-18 12:02:19", "1570711", "118.178.194.57:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-20 00:43:34", "100", "https://search.censys.io/hosts/118.178.194.57", "ALIBABA-CN-NET,AS37963,C2,censys,Sliver", "0", "DonPasci"
"2025-08-18 12:02:19", "1570712", "185.208.156.201:8989", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-ke7rfs1ps5", "AS42624,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 12:02:15", "1570710", "ulkum.duckdns.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-18 12:02:15", "100", "https://tria.ge/250818-gx47hazqz7", "asyncrat,C2,domain,rat,triage", "0", "DonPasci"
"2025-08-18 12:02:01", "1570709", "account-reached.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250818-l8tmcssvew", "C2,domain,triage,xworm", "0", "DonPasci"
"2025-08-18 12:01:58", "1570707", "18.171.150.254:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:08", "100", "https://search.censys.io/hosts/18.171.150.254", "AMAZON-02,AS16509,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 12:01:58", "1570708", "47.102.21.22:10001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:45", "100", "https://search.censys.io/hosts/47.102.21.22", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 12:01:57", "1570706", "43.134.189.185:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:00:15", "100", "https://search.censys.io/hosts/43.134.189.185", "AS132203,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-08-18 11:55:21", "1570705", "103.176.197.6:53", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-08-18 10:49:47", "1570663", "trendmnicro.qzz.io", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:04", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-18 10:49:46", "1570662", "sliv.ogzhenren.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:03", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-18 10:10:36", "1570661", "147.185.221.30:65365", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-08-18 09:15:33", "1570660", "146.70.143.132:7705", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-08-18 08:49:04", "1570659", "54.248.115.247:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-08-20 00:47:46", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-08-18 08:47:12", "1570658", "217.165.152.225:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-08-20 00:46:22", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-08-18 08:46:47", "1570657", "202.10.47.169:9000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-08-19 19:46:30", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-08-18 08:30:34", "1570656", "8.149.137.211:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-08-18 08:20:18", "1570655", "196.251.92.69:28288", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2025-08-18 08:02:36", "1570652", "51.84.175.155:20277", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:47:40", "100", "https://search.censys.io/hosts/51.84.175.155", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 08:02:36", "1570653", "18.171.204.198:1244", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:58", "100", "https://search.censys.io/hosts/18.171.204.198", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 08:02:36", "1570654", "16.63.157.158:3128", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:25", "100", "https://search.censys.io/hosts/16.63.157.158", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 08:02:35", "1570651", "3.28.136.187:2281", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:46:36", "100", "https://search.censys.io/hosts/3.28.136.187", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 08:02:25", "1570650", "134.122.207.55:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-08-19 07:00:04", "100", "https://search.censys.io/hosts/134.122.207.55", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Supershell", "0", "DonPasci"
"2025-08-18 08:02:13", "1570649", "176.46.158.66:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:44:52", "100", "https://search.censys.io/hosts/176.46.158.66", "AS208317,C2,censys,RAT,Remcos,SF-DIGITALSERVICES", "0", "DonPasci"
"2025-08-18 08:01:58", "1570648", "156.238.243.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:59", "100", "https://search.censys.io/hosts/156.238.243.63", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-100000", "0", "DonPasci"
"2025-08-18 08:01:57", "1570647", "202.182.127.147:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:00:10", "100", "https://search.censys.io/hosts/202.182.127.147", "AS-VULTR,AS20473,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-08-18 08:01:56", "1570646", "45.93.138.140:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-19 04:00:11", "100", "https://search.censys.io/hosts/45.93.138.140", "AS-HOSTINGER,AS47583,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-08-18 07:20:14", "1570645", "196.251.114.106:5085", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-08-18 07:10:25", "1570643", "https://t.dev.drakeinternationalagency.com", "url", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-18 15:10:26", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-18 07:10:25", "1570644", "t.dev.drakeinternationalagency.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-19 01:10:24", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-18 06:55:12", "1570642", "8.137.13.182:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2025-08-18 06:55:11", "1570640", "8.148.153.196:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2025-08-18 06:55:11", "1570641", "1.94.112.86:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:49:09", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2025-08-18 06:54:33", "1570639", "198.98.57.26:4434", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-08-18 06:14:13", "1570512", "http://213.209.150.166/g7hen3xxf/Login.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "None", "amadey,AS214943,Railnet LLC", "0", "antiphishorg"
"2025-08-18 06:14:10", "1570591", "http://103.245.231.188/vtubers.sh", "url", "payload_delivery", "unknown", "None", "Unknown malware", "2025-08-18 05:20:28", "75", "https://greedybear.honeynet.org", "honeypot", "0", "greedybear"
"2025-08-18 06:05:06", "1570638", "80.253.246.79:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-08-18 06:02:37", "1570636", "51.21.167.88:11913", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-dfry3abq71", "AS16509,C2,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 06:02:37", "1570637", "customer-cheats.gl.at.ply.gg", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-cjpgnszta1", "C2,domain,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 06:02:36", "1570633", "up.drivers-bp.com", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-f24wvsz1ax", "C2,domain,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 06:02:36", "1570634", "pop-kruger.gl.at.ply.gg", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-fn4c6szny3", "C2,domain,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 06:02:36", "1570635", "ie-sorts.gl.at.ply.gg", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250818-fqmhfaznz4", "C2,domain,quasar,rat,triage", "0", "DonPasci"
"2025-08-18 06:02:09", "1570631", "terang.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250818-b93ljsyqw5", "C2,domain,rat,remcos,triage", "0", "DonPasci"
"2025-08-18 06:02:09", "1570632", "46.247.108.46:5888", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:47:24", "100", "https://tria.ge/250818-d4tgssck31", "AS58087,C2,rat,remcos,triage", "0", "DonPasci"
"2025-08-18 06:02:03", "1570630", "lines-clothes.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250818-c1fabsbn8v", "C2,domain,triage,xworm", "0", "DonPasci"
"2025-08-18 06:02:02", "1570629", "174.138.185.97:25144", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250818-cnllksbm5x", "AS19318,C2,triage,xworm", "0", "DonPasci"
"2025-08-18 05:40:22", "1570628", "http://cu08926.tw1.ru/d777d38d.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-08-18 05:20:45", "1570627", "160.25.72.95:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:44:26", "75", "https://bazaar.abuse.ch/sample/caef8879c0d342104b19377c5854b3b500d1c66f46ba1f0eea7dba6ab3562bf3/", "remcos", "0", "abuse_ch"
"2025-08-18 05:15:17", "1570626", "http://a1139089.xsph.ru/9bb5ecd9.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-08-18 04:50:25", "1570625", "216.250.251.108:62520", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-08-18 04:15:35", "1570624", "154.23.184.28:8880", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-08-18 04:10:38", "1570622", "https://type.plex.name", "url", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-18 06:10:25", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-18 04:10:38", "1570623", "type.plex.name", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "2025-08-18 06:10:25", "75", "None", "reeqc,Vidar", "0", "abuse_ch"
"2025-08-18 04:02:55", "1570621", "91.107.131.27:8080", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/91.107.131.27", "AS24940,C2,censys,hacktool,HETZNER-AS,Mimikatz,open-dir", "0", "DonPasci"
"2025-08-18 04:02:35", "1570618", "108.137.69.124:59345", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:43:23", "100", "https://search.censys.io/hosts/108.137.69.124", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 04:02:35", "1570619", "16.63.157.158:45628", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:25", "100", "https://search.censys.io/hosts/16.63.157.158", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 04:02:35", "1570620", "16.63.157.158:50478", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:25", "100", "https://search.censys.io/hosts/16.63.157.158", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 04:02:34", "1570617", "18.171.204.198:31594", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-08-20 00:44:58", "100", "https://search.censys.io/hosts/18.171.204.198", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-08-18 04:02:12", "1570616", "206.123.152.38:33672", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-08-20 00:46:07", "100", "https://search.censys.io/hosts/206.123.152.38", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-08-18 04:01:08", "1570614", "168.231.85.187:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/168.231.85.187", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:08", "1570615", "51.254.117.114:6969", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/51.254.117.114", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:07", "1570611", "40.127.11.59:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/40.127.11.59", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:07", "1570612", "104.40.48.31:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/104.40.48.31", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:07", "1570613", "164.92.178.59:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/164.92.178.59", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:06", "1570609", "18.211.27.156:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.211.27.156", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:06", "1570610", "89.116.33.68:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/89.116.33.68", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:05", "1570607", "52.59.154.37:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.59.154.37", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:05", "1570608", "91.134.61.204:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/91.134.61.204", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:04", "1570606", "52.59.154.37:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.59.154.37", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:03", "1570604", "42.51.33.254:4300", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/42.51.33.254", "AS56005,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:03", "1570605", "185.252.146.196:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.252.146.196", "AS204997,censys,FIRSTBYTE-AS,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:02", "1570603", "191.253.20.150:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/191.253.20.150", "AS263526,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:01:01", "1570602", "54.253.42.246:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.253.42.246", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-08-18 04:00:43", "1570601", "140.112.72.144:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/140.112.72.144", "AS17716,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-08-18 04:00:32", "1570600", "103.90.72.175:2053", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-08-18 04:02:30", "100", "https://search.censys.io/hosts/103.90.72.175", "AS216154,C2,censys,CLODO,RAT", "0", "dyingbreeds_"
"2025-08-18 04:00:26", "1570599", "185.208.159.71:20000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:45:19", "100", "https://search.censys.io/hosts/185.208.159.71", "AS42624,C2,censys,RAT,SWISSNETWORK02", "0", "dyingbreeds_"
"2025-08-18 04:00:25", "1570598", "185.208.159.71:888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:45:19", "100", "https://search.censys.io/hosts/185.208.159.71", "AS42624,C2,censys,RAT,SWISSNETWORK02", "0", "dyingbreeds_"
"2025-08-18 04:00:24", "1570597", "95.217.57.151:102", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-08-20 00:48:41", "100", "https://search.censys.io/hosts/95.217.57.151", "AS24940,C2,censys,HETZNER-AS,RAT", "0", "dyingbreeds_"
"2025-08-18 04:00:11", "1570595", "43.160.245.171:8082", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:37", "100", "https://search.censys.io/hosts/43.160.245.171", "AS132203,C2,censys", "0", "dyingbreeds_"
"2025-08-18 04:00:10", "1570594", "192.238.128.167:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:14", "100", "https://search.censys.io/hosts/192.238.128.167", "AS138995,C2,censys", "0", "dyingbreeds_"
"2025-08-18 04:00:08", "1570593", "autoconfig.box.livrocentauros.cfd", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/45.143.11.34+autoconfig.box.livrocentauros.cfd", "AS25693,C2,censys,VIRMACH", "0", "dyingbreeds_"
"2025-08-18 04:00:07", "1570592", "autodiscover.box.livrocentauros.cfd", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/45.143.11.34+autodiscover.box.livrocentauros.cfd", "AS25693,C2,censys,VIRMACH", "0", "dyingbreeds_"
"2025-08-18 02:50:18", "1570590", "185.141.24.28:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:50:11", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-18 02:48:56", "1570589", "cloud.defenderblt.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-08-20 00:48:49", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-08-18 02:35:57", "1570588", "https://t.me/hdjajfjwjfuaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/395e5f06d542dc2d14440de8c5c05e71f1fd787999c2816f2a031841977a3e21/", "lumma", "0", "abuse_ch"
"2025-08-18 02:35:50", "1570587", "https://dimijrw.top/xkjd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/395e5f06d542dc2d14440de8c5c05e71f1fd787999c2816f2a031841977a3e21/", "lumma", "0", "abuse_ch"
# Number of entries: 713