################################################################ # ThreatFox IOCs: recent additions - CSV format # # Last updated: 2025-01-20 20:47:14 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-01-20 20:47:14", "1390166", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 20:47:11", "1390165", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 20:47:10", "1390163", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 20:47:10", "1390164", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 20:47:05", "1390162", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 20:46:50", "1390159", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 20:46:50", "1390160", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 20:46:50", "1390161", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 20:46:46", "1390158", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 20:46:01", "1390157", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 20:45:56", "1390156", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 20:45:42", "1390155", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 20:45:41", "1390154", "8.45.52.122:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-01-20 20:45:33", "1390153", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 20:45:31", "1390152", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 20:45:30", "1390151", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 20:45:27", "1390150", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 20:45:26", "1390149", "54.238.225.137:8000", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "75", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch" "2025-01-20 20:45:08", "1390148", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 20:44:56", "1390147", "43.134.122.146:60000", "ip:port", "botnet_cc", "apk.viper_rat", "None", "Viper RAT", "", "75", "None", "drb-ra,ViperRAT", "0", "abuse_ch" "2025-01-20 20:44:55", "1390146", "39.40.179.62:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-20 20:43:06", "1390145", "103.154.55.82:11583", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-01-20 20:37:24", "1390142", "studio-teaching.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-20 20:37:24", "1390143", "nipoto-62948.portmap.host", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-20 20:36:52", "1390141", "https://pastebin.com/raw/cyX7R6Kt", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-20 20:35:22", "1390140", "http://81.161.229.110/htdocs/xmzgzwlkoaynncy.exe", "url", "payload_delivery", "win.masslogger", "None", "MASS Logger", "", "50", "https://urlscan.io/result/4a7e492e-10c6-498e-ab5c-b83408d4999a", "exe,masslogger,urlscan", "0", "juroots" "2025-01-20 20:35:21", "1390139", "http://81.161.229.110/htdocs/ncwtdprdytqedkj.exe", "url", "payload_delivery", "win.masslogger", "None", "MASS Logger", "", "50", "https://urlscan.io/result/6090e78c-aca2-43c0-b041-957ebcddd50f", "exe,masslogger,urlscan", "0", "juroots" "2025-01-20 20:34:39", "1390138", "http://66.63.187.214/263ff79562167f22/vcruntime140.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/12ab67e4-4354-4428-a5c4-9356878185a5", "dll,stealc,urlscan", "0", "juroots" "2025-01-20 20:34:38", "1390137", "http://45.131.215.139/c262c2557c712ca5/vcruntime140.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/7a87d6b2-b54d-435f-951c-5025e49609ac", "dll,stealc,urlscan", "0", "juroots" "2025-01-20 20:33:37", "1390136", "https://kentuckymentalhealth.com/up/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/b218adec-f4b7-4a6b-8860-3c818d98cf48", "clickfix,fakecaptcha,urlscan", "0", "juroots" "2025-01-20 20:30:37", "1390135", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.68.75.16#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 20:30:20", "1390133", "181.50.73.64:55522", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#55522", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 20:30:20", "1390134", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 20:30:19", "1390131", "52.43.67.6:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/52.43.67.6#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 20:30:19", "1390132", "35.167.94.35:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/35.167.94.35#443", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 20:29:43", "1390130", "154.221.21.196:2053", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.221.21.196#2053", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-01-20 20:15:05", "1390129", "ninepp9vs.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "https://www.virustotal.com/gui/domain/ninepp9vs.top", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 20:14:25", "1390128", "onepp1vs.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "https://www.virustotal.com/gui/domain/onepp1vs.top", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 20:13:01", "1390121", "https://rewardtide.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 20:13:01", "1390122", "https://rollaritheju.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 20:13:01", "1390123", "https://rainy-lamep.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 20:13:01", "1390124", "https://moonehobno.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 20:13:01", "1390125", "https://reliedevopoi.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 20:13:01", "1390126", "https://carfeuspitt.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 20:13:01", "1390127", "https://elfinyamen.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 20:13:00", "1390119", "https://swallowsowwe.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 20:13:00", "1390120", "https://encirelk.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 20:10:52", "1390118", "swallowsowwe.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/swallowsowwe.cyou", "virustotal", "0", "DonPasci" "2025-01-20 20:10:51", "1390117", "encirelk.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/encirelk.cyou", "virustotal", "0", "DonPasci" "2025-01-20 20:10:43", "1390116", "rewardtide.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/rewardtide.shop", "virustotal", "0", "DonPasci" "2025-01-20 20:10:42", "1390115", "rollaritheju.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/rollaritheju.shop", "virustotal", "0", "DonPasci" "2025-01-20 20:10:33", "1390114", "rainy-lamep.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/rainy-lamep.bond", "virustotal", "0", "DonPasci" "2025-01-20 20:10:32", "1390113", "moonehobno.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/moonehobno.bond", "virustotal", "0", "DonPasci" "2025-01-20 20:10:31", "1390111", "reliedevopoi.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/reliedevopoi.bond", "virustotal", "0", "DonPasci" "2025-01-20 20:10:31", "1390112", "carfeuspitt.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/carfeuspitt.bond", "virustotal", "0", "DonPasci" "2025-01-20 20:10:30", "1390110", "elfinyamen.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/elfinyamen.bond", "virustotal", "0", "DonPasci" "2025-01-20 20:10:20", "1390108", "cq65040.tw1.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/cq65040.tw1.ru", "c2,domain,rat,virustotal", "0", "DonPasci" "2025-01-20 20:10:20", "1390109", "a1074338.xsph.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/a1074338.xsph.ru", "c2,domain,rat,virustotal", "0", "DonPasci" "2025-01-20 20:04:38", "1390106", "185.76.79.26:24443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/185.76.79.26", "AS9009,BianLian,C2,censys,M247", "0", "DonPasci" "2025-01-20 20:04:22", "1390105", "143.198.153.124:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/143.198.153.124", "AS14061,censys,DIGITALOCEAN-ASN,EvilGoPhish,panel,Phishing", "0", "DonPasci" "2025-01-20 20:04:08", "1390104", "23736-47762.bacloud.info", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/213.252.232.209+23736-47762.bacloud.info", "AS61272,C2,censys,Havoc,IST-AS", "0", "DonPasci" "2025-01-20 20:04:05", "1390103", "87.242.88.155:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/87.242.88.155", "AS208677,C2,censys,CLOUDRU-AS,Mythic", "0", "DonPasci" "2025-01-20 20:04:00", "1390100", "103.195.101.225:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/103.195.101.225", "AS23470,AsyncRAT,C2,censys,RAT,RELIABLESITE", "0", "DonPasci" "2025-01-20 20:04:00", "1390101", "34.59.116.243:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/34.59.116.243", "AS396982,AsyncRAT,C2,censys,GOOGLE-CLOUD-PLATFORM,RAT", "0", "DonPasci" "2025-01-20 20:04:00", "1390102", "23.95.106.22:20205", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/23.95.106.22", "AS-COLOCROSSING,AS36352,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-01-20 20:03:37", "1390098", "213.159.66.34:2405", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/213.159.66.34", "AS44477,C2,censys,RAT,Remcos,STARK-INDUSTRIES", "0", "DonPasci" "2025-01-20 20:03:37", "1390099", "185.208.158.201:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/185.208.158.201", "AS42624,C2,censys,RAT,Remcos,SWISSNETWORK02", "0", "DonPasci" "2025-01-20 20:03:36", "1390097", "194.163.151.98:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/194.163.151.98", "AS51167,C2,censys,CONTABO,RAT,Remcos", "0", "DonPasci" "2025-01-20 19:47:18", "1390095", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 19:47:16", "1390094", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 19:47:15", "1390093", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 19:47:14", "1390092", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 19:47:09", "1390091", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 19:46:54", "1390088", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 19:46:54", "1390089", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 19:46:54", "1390090", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 19:46:50", "1390087", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 19:46:05", "1390086", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 19:45:59", "1390085", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 19:45:45", "1390084", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 19:45:35", "1390083", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 19:45:33", "1390082", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 19:45:32", "1390081", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 19:45:30", "1390080", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 19:45:13", "1390079", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 18:47:18", "1390077", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 18:47:16", "1390076", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 18:47:15", "1390075", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 18:47:14", "1390074", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 18:47:08", "1390073", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 18:46:53", "1390070", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 18:46:53", "1390071", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 18:46:53", "1390072", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 18:46:50", "1390069", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 18:46:05", "1390068", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 18:45:59", "1390067", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 18:45:45", "1390066", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 18:45:35", "1390065", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 18:45:33", "1390064", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 18:45:32", "1390063", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 18:45:30", "1390062", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 18:45:12", "1390061", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 18:17:45", "1390055", "reddit-02.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:45", "1390056", "reddit-2.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:45", "1390057", "reddit-91.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:45", "1390058", "reddit-50.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:45", "1390059", "reddit-0.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390039", "reddit-02.neqd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390040", "reddit-9.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390041", "reddit-8.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390042", "reddit-7.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390043", "reddit-96.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390044", "reddit-6.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390045", "reddit-55.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390046", "reddit-5.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390047", "reddit-4.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390048", "reddit-53.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390049", "reddit-23.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390050", "reddit-3.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390051", "reddit-92.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390052", "reddit-82.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390053", "reddit-42.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:44", "1390054", "reddit-12.lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390024", "reddit-31.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390025", "reddit-1.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390026", "reddit-20.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390027", "reddit-0.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390028", "reddit-9.prxd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390029", "reddit-4.prxd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390030", "reddit-63.prxd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390031", "reddit-1.prxd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390032", "reddit-90.prxd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390033", "reddit-0.prxd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390034", "reddit-7.neqd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390035", "reddit-64.neqd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390036", "reddit-53.neqd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390037", "reddit-62.neqd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:43", "1390038", "reddit-32.neqd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390008", "reddit-8.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390009", "reddit-57.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390010", "reddit-7.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390011", "reddit-16.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390012", "reddit-6.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390013", "reddit-5.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390014", "reddit-24.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390015", "reddit-04.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390016", "reddit-4.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390017", "reddit-33.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390018", "reddit-23.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390019", "reddit-13.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390020", "reddit-3.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390021", "reddit-2.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390022", "reddit-81.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:42", "1390023", "reddit-71.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1389993", "reddit-8.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1389994", "reddit-7.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1389995", "reddit-76.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1389996", "reddit-85.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1389997", "reddit-55.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1389998", "reddit-4.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1389999", "reddit-13.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1390000", "reddit-1.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1390001", "reddit-30.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1390002", "reddit-00.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1390003", "reddit-59.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1390004", "reddit-39.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1390005", "reddit-9.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1390006", "reddit-88.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:41", "1390007", "reddit-48.xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389978", "reddit-15.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389979", "reddit-5.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389980", "reddit-74.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389981", "reddit-34.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389982", "reddit-72.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389983", "reddit-2.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389984", "reddit-51.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389985", "reddit-41.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389986", "reddit-31.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389987", "reddit-01.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389988", "reddit-1.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389989", "reddit-40.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389990", "reddit-0.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389991", "reddit-9.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:40", "1389992", "reddit-38.zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389962", "reddit-60.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389963", "reddit-0.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389964", "reddit-68.cklh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389965", "reddit-57.cklh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389966", "reddit-5.cklh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389967", "reddit-03.cklh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389968", "reddit-32.cklh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389969", "reddit-1.cklh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389970", "reddit-50.cklh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389971", "reddit-30.cklh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389972", "reddit-29.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389973", "reddit-8.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389974", "reddit-67.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389975", "reddit-47.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389976", "reddit-6.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:39", "1389977", "reddit-55.byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389945", "reddit-57.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389946", "reddit-66.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389947", "reddit-26.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389948", "reddit-6.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389949", "reddit-25.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389950", "reddit-5.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389951", "reddit-54.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389952", "reddit-04.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389953", "reddit-4.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389954", "reddit-03.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389955", "reddit-3.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389956", "reddit-52.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389957", "reddit-22.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389958", "reddit-12.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389959", "reddit-71.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389960", "reddit-61.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:38", "1389961", "reddit-11.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389929", "reddit-68.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389930", "reddit-7.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389931", "reddit-6.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389932", "reddit-5.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389933", "reddit-44.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389934", "reddit-4.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389935", "reddit-73.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389936", "reddit-3.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389937", "reddit-62.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389938", "reddit-2.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389939", "reddit-11.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389940", "reddit-1.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389941", "reddit-09.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389942", "reddit-9.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389943", "reddit-28.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:37", "1389944", "reddit-8.jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389913", "reddit-8.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389914", "reddit-67.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389915", "reddit-76.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389916", "reddit-66.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389917", "reddit-46.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389918", "reddit-25.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389919", "reddit-5.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389920", "reddit-84.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389921", "reddit-34.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389922", "reddit-4.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389923", "reddit-72.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389924", "reddit-0.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389925", "reddit-5.vyki.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389926", "reddit-49.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389927", "reddit-9.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:36", "1389928", "reddit-98.ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389896", "reddit-63.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389897", "reddit-33.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389898", "reddit-13.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389899", "reddit-3.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389900", "reddit-32.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389901", "reddit-1.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389902", "reddit-30.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389903", "reddit-10.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389904", "reddit-00.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389905", "reddit-0.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389906", "reddit-99.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389907", "reddit-79.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389908", "reddit-69.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389909", "reddit-39.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389910", "reddit-9.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389911", "reddit-68.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:35", "1389912", "reddit-08.rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389879", "reddit-97.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389880", "reddit-87.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389881", "reddit-57.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389882", "reddit-47.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389883", "reddit-7.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389884", "reddit-76.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389885", "reddit-46.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389886", "reddit-6.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389887", "reddit-85.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389888", "reddit-35.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389889", "reddit-25.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389890", "reddit-5.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389891", "reddit-94.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389892", "reddit-24.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389893", "reddit-04.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389894", "reddit-4.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:34", "1389895", "reddit-73.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389863", "reddit-66.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389864", "reddit-36.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389865", "reddit-6.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389866", "reddit-5.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389867", "reddit-04.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389868", "reddit-4.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389869", "reddit-83.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389870", "reddit-53.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389871", "reddit-3.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389872", "reddit-2.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389873", "reddit-29.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389874", "reddit-9.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389875", "reddit-88.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389876", "reddit-48.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389877", "reddit-18.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:33", "1389878", "reddit-8.ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389845", "reddit-5.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389846", "reddit-14.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389847", "reddit-4.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389848", "reddit-83.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389849", "reddit-73.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389850", "reddit-32.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389851", "reddit-2.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389852", "reddit-41.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389853", "reddit-31.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389854", "reddit-21.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389855", "reddit-01.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389856", "reddit-1.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389857", "reddit-90.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389858", "reddit-00.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389859", "reddit-0.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389860", "reddit-79.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389861", "reddit-8.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:32", "1389862", "reddit-07.jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389829", "reddit-9.fkbl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389830", "reddit-8.fkbl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389831", "reddit-66.fkbl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389832", "reddit-5.fkbl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389833", "reddit-74.fkbl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389834", "reddit-4.fkbl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389835", "reddit-3.fkbl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389836", "reddit-62.fkbl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389837", "reddit-81.fkbl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389838", "reddit-29.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389839", "reddit-19.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389840", "reddit-9.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389841", "reddit-8.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389842", "reddit-47.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389843", "reddit-6.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:31", "1389844", "reddit-35.zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389812", "reddit-9.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389813", "reddit-88.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389814", "reddit-8.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389815", "reddit-7.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389816", "reddit-96.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389817", "reddit-36.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389818", "reddit-04.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389819", "reddit-3.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389820", "reddit-22.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389821", "reddit-2.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389822", "reddit-81.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389823", "reddit-21.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389824", "reddit-1.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389825", "reddit-0.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389826", "reddit-44.vwgl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389827", "reddit-81.vwgl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:30", "1389828", "reddit-0.vwgl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389796", "reddit-8.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389797", "reddit-6.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389798", "reddit-45.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389799", "reddit-35.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389800", "reddit-25.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389801", "reddit-04.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389802", "reddit-4.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389803", "reddit-53.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389804", "reddit-92.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389805", "reddit-62.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389806", "reddit-52.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389807", "reddit-12.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389808", "reddit-91.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389809", "reddit-22.vhzm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389810", "reddit-40.vhzm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:29", "1389811", "reddit-39.vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389780", "reddit-8.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389781", "reddit-57.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389782", "reddit-7.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389783", "reddit-56.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389784", "reddit-36.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389785", "reddit-5.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389786", "reddit-54.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389787", "reddit-4.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389788", "reddit-83.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389789", "reddit-3.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389790", "reddit-2.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389791", "reddit-91.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389792", "reddit-71.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389793", "reddit-61.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389794", "reddit-0.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:28", "1389795", "reddit-9.nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389763", "reddit-56.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389764", "reddit-6.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389765", "reddit-5.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389766", "reddit-74.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389767", "reddit-54.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389768", "reddit-53.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389769", "reddit-72.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389770", "reddit-2.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389771", "reddit-61.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389772", "reddit-90.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389773", "reddit-59.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389774", "reddit-49.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389775", "reddit-78.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389776", "reddit-58.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389777", "reddit-38.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389778", "reddit-28.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:27", "1389779", "reddit-18.qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389747", "reddit-0.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389748", "reddit-29.qlkr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389749", "reddit-08.qlkr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389750", "reddit-5.qlkr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389751", "reddit-4.qlkr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389752", "reddit-3.qlkr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389753", "reddit-2.qlkr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389754", "reddit-0.qlkr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389755", "reddit-59.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389756", "reddit-49.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389757", "reddit-09.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389758", "reddit-9.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389759", "reddit-98.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389760", "reddit-8.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389761", "reddit-7.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:26", "1389762", "reddit-86.mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389729", "reddit-4.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389730", "reddit-93.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389731", "reddit-83.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389732", "reddit-23.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389733", "reddit-13.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389734", "reddit-3.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389735", "reddit-62.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389736", "reddit-12.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389737", "reddit-2.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389738", "reddit-91.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389739", "reddit-61.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389740", "reddit-51.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389741", "reddit-21.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389742", "reddit-11.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389743", "reddit-1.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389744", "reddit-90.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389745", "reddit-50.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:25", "1389746", "reddit-10.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389713", "reddit-69.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389714", "reddit-49.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389715", "reddit-19.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389716", "reddit-9.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389717", "reddit-78.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389718", "reddit-48.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389719", "reddit-8.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389720", "reddit-87.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389721", "reddit-67.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389722", "reddit-7.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389723", "reddit-6.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389724", "reddit-65.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389725", "reddit-55.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389726", "reddit-35.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389727", "reddit-5.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:24", "1389728", "reddit-04.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389696", "reddit-8.xotu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389697", "reddit-5.xotu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389698", "reddit-94.xotu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389699", "reddit-3.xotu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389700", "reddit-81.xotu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389701", "reddit-31.xotu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389702", "reddit-1.xotu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389703", "reddit-0.xotu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389704", "reddit-19.gmvr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389705", "reddit-9.gmvr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389706", "reddit-6.gmvr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389707", "reddit-15.gmvr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389708", "reddit-53.gmvr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389709", "reddit-3.gmvr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389710", "reddit-82.gmvr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389711", "reddit-1.gmvr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:23", "1389712", "reddit-99.knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389680", "reddit-0.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389681", "reddit-8.zusv.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389682", "reddit-7.zusv.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389683", "reddit-23.zusv.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389684", "reddit-3.zusv.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389685", "reddit-72.zusv.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389686", "reddit-81.zusv.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389687", "reddit-00.zusv.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389688", "reddit-0.zusv.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389689", "reddit-8.fyvu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389690", "reddit-66.fyvu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389691", "reddit-6.fyvu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389692", "reddit-25.fyvu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389693", "reddit-05.fyvu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389694", "reddit-84.fyvu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:22", "1389695", "reddit-9.xotu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389662", "reddit-74.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389663", "reddit-04.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389664", "reddit-4.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389665", "reddit-83.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389666", "reddit-43.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389667", "reddit-33.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389668", "reddit-3.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389669", "reddit-82.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389670", "reddit-72.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389671", "reddit-62.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389672", "reddit-52.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389673", "reddit-2.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389674", "reddit-61.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389675", "reddit-11.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389676", "reddit-01.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389677", "reddit-1.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389678", "reddit-90.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:21", "1389679", "reddit-10.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389646", "reddit-59.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389647", "reddit-9.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389648", "reddit-88.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389649", "reddit-58.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389650", "reddit-48.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389651", "reddit-28.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389652", "reddit-8.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389653", "reddit-97.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389654", "reddit-67.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389655", "reddit-27.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389656", "reddit-7.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389657", "reddit-6.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389658", "reddit-45.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389659", "reddit-25.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389660", "reddit-5.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:20", "1389661", "reddit-94.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389629", "reddit-29.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389630", "reddit-98.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389631", "reddit-7.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389632", "reddit-26.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389633", "reddit-6.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389634", "reddit-5.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389635", "reddit-4.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389636", "reddit-12.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389637", "reddit-90.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389638", "reddit-0.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389639", "reddit-18.sjtx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389640", "reddit-7.sjtx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389641", "reddit-36.sjtx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389642", "reddit-24.sjtx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389643", "reddit-1.sjtx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389644", "reddit-99.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:19", "1389645", "reddit-79.lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389612", "reddit-15.kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389613", "reddit-5.kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389614", "reddit-34.kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389615", "reddit-3.kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389616", "reddit-22.kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389617", "reddit-2.kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389618", "reddit-31.kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389619", "reddit-6.qgqy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389620", "reddit-22.qgqy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389621", "reddit-89.pemy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389622", "reddit-58.qigy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389623", "reddit-48.qigy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389624", "reddit-17.qigy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389625", "reddit-76.qigy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389626", "reddit-3.qigy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389627", "reddit-01.qigy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:18", "1389628", "reddit-69.zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389596", "reddit-77.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389597", "reddit-37.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389598", "reddit-85.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389599", "reddit-44.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389600", "reddit-14.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389601", "reddit-4.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389602", "reddit-3.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389603", "reddit-82.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389604", "reddit-42.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389605", "reddit-2.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389606", "reddit-91.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389607", "reddit-21.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389608", "reddit-1.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389609", "reddit-79.kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389610", "reddit-09.kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:17", "1389611", "reddit-6.kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389580", "reddit-5.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389581", "reddit-94.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389582", "reddit-4.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389583", "reddit-13.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389584", "reddit-3.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389585", "reddit-32.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389586", "reddit-2.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389587", "reddit-91.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389588", "reddit-0.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389589", "reddit-99.vykm.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389590", "reddit-08.vykm.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389591", "reddit-6.vykm.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389592", "reddit-3.vykm.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389593", "reddit-9.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389594", "reddit-8.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:16", "1389595", "reddit-97.lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389562", "reddit-24.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389563", "reddit-4.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389564", "reddit-83.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389565", "reddit-3.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389566", "reddit-42.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389567", "reddit-2.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389568", "reddit-1.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389569", "reddit-90.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389570", "reddit-40.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389571", "reddit-0.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389572", "reddit-88.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389573", "reddit-68.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389574", "reddit-48.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389575", "reddit-57.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389576", "reddit-17.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389577", "reddit-7.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389578", "reddit-6.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:15", "1389579", "reddit-95.wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389545", "reddit-56.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389546", "reddit-26.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389547", "reddit-45.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389548", "reddit-5.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389549", "reddit-4.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389550", "reddit-3.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389551", "reddit-61.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389552", "reddit-90.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389553", "reddit-30.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389554", "reddit-10.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389555", "reddit-0.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389556", "reddit-39.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389557", "reddit-29.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389558", "reddit-9.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389559", "reddit-48.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389560", "reddit-7.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:14", "1389561", "reddit-36.xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389526", "wettransfer78.tqfa.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389527", "wettransfer67.tqfa.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389528", "wettransfer05.tqfa.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389529", "wettransfer13.tqfa.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389530", "wettransfer71.tqfa.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389531", "reddit-69.loom.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389532", "reddit-8.loom.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389533", "reddit-7.loom.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389534", "reddit-55.loom.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389535", "reddit-5.loom.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389536", "reddit-04.loom.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389537", "reddit-83.loom.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389538", "reddit-2.loom.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389539", "reddit-9.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389540", "reddit-88.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389541", "reddit-78.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389542", "reddit-17.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389543", "reddit-07.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:13", "1389544", "reddit-7.zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389510", "wettransfer54.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389511", "wettransfer53.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389512", "wettransfer43.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389513", "wettransfer33.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389514", "wettransfer52.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389515", "wettransfer22.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389516", "wettransfer81.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389517", "wettransfer11.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389518", "wettransfer80.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389519", "wettransfer58.ckfb.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389520", "wettransfer35.ckfb.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389521", "wettransfer53.ckfb.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389522", "wettransfer42.ckfb.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389523", "wettransfer21.ckfb.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389524", "wettransfer90.ckfb.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:12", "1389525", "wettransfer29.tqfa.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389492", "wettransfer97.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389493", "wettransfer87.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389494", "wettransfer47.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389495", "wettransfer16.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389496", "wettransfer75.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389497", "wettransfer45.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389498", "wettransfer04.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389499", "wettransfer72.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389500", "wettransfer41.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389501", "wettransfer99.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389502", "wettransfer79.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389503", "wettransfer19.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389504", "wettransfer88.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389505", "wettransfer48.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389506", "wettransfer46.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389507", "wettransfer06.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389508", "wettransfer55.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:11", "1389509", "wettransfer25.tynd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389475", "wettransfer60.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389476", "wettransfer59.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389477", "wettransfer09.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389478", "wettransfer48.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389479", "wettransfer97.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389480", "wettransfer55.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389481", "wettransfer64.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389482", "wettransfer93.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389483", "wettransfer13.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389484", "wettransfer82.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389485", "wettransfer72.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389486", "wettransfer81.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389487", "wettransfer51.zghf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389488", "wettransfer29.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389489", "wettransfer58.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389490", "wettransfer18.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:10", "1389491", "wettransfer08.jyse.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389458", "wettransfer48.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389459", "wettransfer28.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389460", "wettransfer18.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389461", "wettransfer77.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389462", "wettransfer27.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389463", "wettransfer17.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389464", "wettransfer46.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389465", "wettransfer16.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389466", "wettransfer45.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389467", "wettransfer35.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389468", "wettransfer25.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389469", "wettransfer64.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389470", "wettransfer54.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389471", "wettransfer04.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389472", "wettransfer42.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389473", "wettransfer31.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:09", "1389474", "wettransfer11.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389441", "wettransfer45.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389442", "wettransfer35.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389443", "wettransfer05.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389444", "wettransfer94.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389445", "wettransfer24.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389446", "wettransfer14.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389447", "wettransfer62.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389448", "wettransfer32.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389449", "wettransfer02.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389450", "wettransfer71.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389451", "wettransfer61.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389452", "wettransfer41.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389453", "wettransfer31.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389454", "wettransfer21.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389455", "wettransfer50.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389456", "wettransfer40.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:08", "1389457", "wettransfer59.husf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389423", "wettransfer70.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389424", "wettransfer30.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389425", "wettransfer00.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389426", "wettransfer08.zplg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389427", "wettransfer84.zplg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389428", "wettransfer03.zplg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389429", "wettransfer41.zplg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389430", "wettransfer89.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389431", "wettransfer59.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389432", "wettransfer29.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389433", "wettransfer09.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389434", "wettransfer48.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389435", "wettransfer08.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389436", "wettransfer57.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389437", "wettransfer17.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389438", "wettransfer56.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389439", "wettransfer75.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:07", "1389440", "wettransfer65.lxtf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389405", "wettransfer54.vaqi.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389406", "wettransfer53.vaqi.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389407", "wettransfer12.vaqi.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389408", "wettransfer11.vaqi.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389409", "wettransfer49.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389410", "wettransfer08.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389411", "wettransfer97.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389412", "wettransfer57.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389413", "wettransfer47.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389414", "wettransfer16.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389415", "wettransfer64.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389416", "wettransfer24.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389417", "wettransfer14.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389418", "wettransfer33.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389419", "wettransfer72.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389420", "wettransfer42.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389421", "wettransfer81.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:06", "1389422", "wettransfer90.qujh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389387", "wettransfer22.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389388", "wettransfer12.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389389", "wettransfer02.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389390", "wettransfer81.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389391", "wettransfer61.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389392", "wettransfer51.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389393", "wettransfer21.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389394", "wettransfer90.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389395", "wettransfer80.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389396", "wettransfer60.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389397", "wettransfer50.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389398", "wettransfer00.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389399", "wettransfer84.dghj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389400", "wettransfer74.dghj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389401", "wettransfer20.dghj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389402", "wettransfer78.vaqi.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389403", "wettransfer58.vaqi.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:05", "1389404", "wettransfer55.vaqi.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389370", "wettransfer48.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389371", "wettransfer38.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389372", "wettransfer77.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389373", "wettransfer37.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389374", "wettransfer17.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389375", "wettransfer76.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389376", "wettransfer26.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389377", "wettransfer16.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389378", "wettransfer06.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389379", "wettransfer35.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389380", "wettransfer05.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389381", "wettransfer84.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389382", "wettransfer24.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389383", "wettransfer43.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389384", "wettransfer23.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389385", "wettransfer72.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:04", "1389386", "wettransfer32.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389353", "wettransfer89.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389354", "wettransfer97.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389355", "wettransfer87.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389356", "wettransfer77.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389357", "wettransfer96.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389358", "wettransfer75.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389359", "wettransfer74.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389360", "wettransfer62.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389361", "wettransfer61.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389362", "wettransfer41.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389363", "wettransfer21.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389364", "wettransfer20.lowk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389365", "wettransfer99.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389366", "wettransfer89.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389367", "wettransfer59.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389368", "wettransfer49.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:03", "1389369", "wettransfer19.vfwk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:02", "1389349", "wettransfer52.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:02", "1389350", "wettransfer42.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:02", "1389351", "wettransfer32.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:02", "1389352", "wettransfer30.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389333", "wettransfer87.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389334", "wettransfer46.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389335", "wettransfer36.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389336", "wettransfer45.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389337", "wettransfer05.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389338", "wettransfer22.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389339", "wettransfer60.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389340", "wettransfer69.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389341", "wettransfer39.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389342", "wettransfer29.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389343", "wettransfer47.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389344", "wettransfer37.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389345", "wettransfer27.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389346", "wettransfer95.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389347", "wettransfer74.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:01", "1389348", "wettransfer24.rrxk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389317", "wettransfer17.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389318", "wettransfer36.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389319", "wettransfer65.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389320", "wettransfer14.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389321", "wettransfer04.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389322", "wettransfer83.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389323", "wettransfer63.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389324", "wettransfer53.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389325", "wettransfer80.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389326", "wettransfer50.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389327", "wettransfer30.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389328", "wettransfer79.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389329", "wettransfer59.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389330", "wettransfer49.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389331", "wettransfer19.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:17:00", "1389332", "wettransfer48.zjvm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389300", "wettransfer55.zwgr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389301", "wettransfer20.zwgr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389302", "wettransfer55.qezn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389303", "wettransfer35.qezn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389304", "wettransfer43.qezn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389305", "wettransfer70.qezn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389306", "wettransfer74.fdwn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389307", "wettransfer14.fdwn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389308", "wettransfer92.fdwn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389309", "wettransfer62.fdwn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389310", "wettransfer42.fdwn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389311", "wettransfer61.fdwn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389312", "wettransfer51.fdwn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389313", "wettransfer59.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389314", "wettransfer49.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389315", "wettransfer97.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:59", "1389316", "wettransfer47.xirn.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389283", "wettransfer02.xoqu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389284", "wettransfer77.qequ.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389285", "wettransfer17.qequ.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389286", "wettransfer58.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389287", "wettransfer97.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389288", "wettransfer37.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389289", "wettransfer76.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389290", "wettransfer25.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389291", "wettransfer74.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389292", "wettransfer44.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389293", "wettransfer21.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389294", "wettransfer90.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389295", "wettransfer60.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389296", "wettransfer50.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389297", "wettransfer30.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389298", "wettransfer20.dbft.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:58", "1389299", "wettransfer29.xlcs.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389265", "wettransfer78.xtnw.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389266", "wettransfer68.xtnw.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389267", "wettransfer27.xtnw.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389268", "wettransfer71.xtnw.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389269", "wettransfer72.fejw.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389270", "wettransfer26.wyru.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389271", "wettransfer95.wyru.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389272", "wettransfer19.qaru.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389273", "wettransfer97.qaru.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389274", "wettransfer77.qaru.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389275", "wettransfer57.qaru.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389276", "wettransfer45.qaru.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389277", "wettransfer88.xoqu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389278", "wettransfer38.xoqu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389279", "wettransfer27.xoqu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389280", "wettransfer86.xoqu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389281", "wettransfer14.xoqu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:57", "1389282", "wettransfer04.xoqu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389248", "wettransfer11.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389249", "wettransfer70.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389250", "wettransfer40.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389251", "wettransfer30.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389252", "wettransfer98.haqx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389253", "wettransfer78.haqx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389254", "wettransfer55.haqx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389255", "wettransfer03.haqx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389256", "wettransfer32.haqx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389257", "wettransfer12.haqx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389258", "wettransfer81.haqx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389259", "wettransfer39.qibx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389260", "wettransfer15.qibx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389261", "wettransfer93.qibx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389262", "wettransfer53.qibx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389263", "wettransfer81.qibx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:56", "1389264", "wettransfer71.qibx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389230", "wettransfer86.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389231", "wettransfer56.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389232", "wettransfer46.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389233", "wettransfer26.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389234", "wettransfer06.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389235", "wettransfer85.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389236", "wettransfer75.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389237", "wettransfer45.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389238", "wettransfer25.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389239", "wettransfer15.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389240", "wettransfer84.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389241", "wettransfer63.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389242", "wettransfer43.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389243", "wettransfer23.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389244", "wettransfer13.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389245", "wettransfer82.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389246", "wettransfer42.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:55", "1389247", "wettransfer91.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389212", "wettransfer78.fkfy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389213", "wettransfer08.fkfy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389214", "wettransfer86.fkfy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389215", "wettransfer75.fkfy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389216", "wettransfer35.fkfy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389217", "wettransfer84.fkfy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389218", "wettransfer74.fkfy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389219", "wettransfer54.fkfy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389220", "wettransfer81.fkfy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389221", "wettransfer89.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389222", "wettransfer29.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389223", "wettransfer19.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389224", "wettransfer98.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389225", "wettransfer38.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389226", "wettransfer08.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389227", "wettransfer77.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389228", "wettransfer57.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:54", "1389229", "wettransfer27.gsxx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389194", "wettransfer51.fvhz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389195", "wettransfer00.fvhz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389196", "wettransfer97.rmcz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389197", "wettransfer87.rmcz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389198", "wettransfer44.rmcz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389199", "wettransfer14.rmcz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389200", "wettransfer99.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389201", "wettransfer89.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389202", "wettransfer78.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389203", "wettransfer26.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389204", "wettransfer75.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389205", "wettransfer93.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389206", "wettransfer43.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389207", "wettransfer23.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389208", "wettransfer71.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389209", "wettransfer90.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389210", "wettransfer70.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:53", "1389211", "wettransfer20.rujy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389176", "wettransfer31.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389177", "wettransfer90.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389178", "wettransfer60.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389179", "wettransfer88.sxrz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389180", "wettransfer38.sxrz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389181", "wettransfer28.sxrz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389182", "wettransfer07.sxrz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389183", "wettransfer96.sxrz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389184", "wettransfer05.sxrz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389185", "wettransfer90.sxrz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389186", "wettransfer40.sxrz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389187", "wettransfer78.fvhz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389188", "wettransfer97.fvhz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389189", "wettransfer55.fvhz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389190", "wettransfer63.fvhz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389191", "wettransfer53.fvhz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389192", "wettransfer23.fvhz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:52", "1389193", "wettransfer91.fvhz.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389156", "wettransfer84.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389157", "wettransfer03.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389158", "wettransfer92.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389159", "wettransfer42.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389160", "wettransfer51.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389161", "wettransfer11.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389162", "wettransfer70.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389163", "wettransfer36.xelj.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389164", "wettransfer89.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389165", "wettransfer49.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389166", "wettransfer68.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389167", "wettransfer48.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389168", "wettransfer28.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389169", "wettransfer97.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389170", "wettransfer27.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389171", "wettransfer55.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389172", "wettransfer35.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389173", "wettransfer94.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389174", "wettransfer64.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:51", "1389175", "wettransfer24.teqg.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389135", "wettransfer64.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389136", "wettransfer04.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389137", "wettransfer22.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389138", "wettransfer31.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389139", "wettransfer21.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389140", "wettransfer90.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389141", "wettransfer00.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389142", "wettransfer59.wojq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389143", "wettransfer08.wojq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389144", "wettransfer36.wojq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389145", "wettransfer26.wojq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389146", "wettransfer84.wojq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389147", "wettransfer64.wojq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389148", "wettransfer33.wojq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389149", "wettransfer50.wojq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389150", "wettransfer39.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389151", "wettransfer48.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389152", "wettransfer86.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389153", "wettransfer16.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389154", "wettransfer75.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:50", "1389155", "wettransfer45.dyxk.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389115", "ffzh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389116", "jylh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389117", "cklh.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389118", "byzg.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389119", "zekf.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389120", "xeqe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389121", "prxd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389122", "neqd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389123", "lufd.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389124", "wettransfer31.mirth.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389125", "wettransfer20.mirth.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389126", "wettransfer10.mirth.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389127", "wettransfer89.fyxy.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389128", "wettransfer05.fyxy.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389129", "wettransfer69.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389130", "wettransfer87.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389131", "wettransfer77.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389132", "wettransfer27.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389133", "wettransfer96.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:49", "1389134", "wettransfer86.nuxq.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389096", "lzdx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389097", "zusv.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389098", "fyvu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389099", "xotu.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389100", "gmvr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389101", "knnr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389102", "qlkr.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389103", "mnxq.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389104", "qkvp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389105", "nzlp.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389106", "vhzm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389107", "vdjm.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389108", "vwgl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389109", "fkbl.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389110", "zomk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389111", "jrjk.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389112", "ntmj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389113", "rdbj.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:48", "1389114", "vyki.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389084", "loom.pw", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389085", "zocv.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389086", "xesr.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389087", "wuwn.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389088", "vykm.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389089", "lymh.net", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389090", "kjvy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389091", "qgqy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389092", "pemy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389093", "qigy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389094", "zidy.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 18:16:47", "1389095", "sjtx.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://x.com/crep1x/status/1881404758843699402", "distribution,Lumma,SelfAU3", "0", "crep1x" "2025-01-20 17:47:19", "1389083", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 17:47:16", "1389082", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 17:47:15", "1389081", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 17:47:14", "1389080", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 17:47:09", "1389079", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 17:46:54", "1389076", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 17:46:54", "1389077", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 17:46:54", "1389078", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 17:46:50", "1389075", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 17:46:05", "1389074", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 17:45:59", "1389073", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 17:45:45", "1389072", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 17:45:35", "1389071", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 17:45:32", "1389070", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 17:45:31", "1389069", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 17:45:28", "1389068", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 17:45:10", "1389067", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 17:42:02", "1389066", "92.255.57.155:80", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "https://urlhaus.abuse.ch/host/92.255.57.155/", "Booking.com,ClickFix,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:38:25", "1389065", "rewiesbadcheked.com", "domain", "payload_delivery", "win.amadey", "None", "Amadey", "", "100", "https://urlhaus.abuse.ch/url/3407134/", "Amadey,booking.com,ClickFix,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:38:17", "1389064", "http://rewiesbadcheked.com/", "url", "payload_delivery", "win.amadey", "None", "Amadey", "", "100", "https://urlhaus.abuse.ch/url/3407134/", "Amadey,booking.com,ClickFix,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:23:58", "1389063", "jandupdate873.webredirect.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-01-20 17:23:36", "1389062", "forward-holly.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "", "c2,njrat", "0", "juroots" "2025-01-20 17:23:14", "1389061", "mim.no-ip.net", "domain", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "50", "", "c2,nanocore", "0", "juroots" "2025-01-20 17:22:55", "1389060", "letsgetdigging.hopto.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-01-20 17:18:05", "1389059", "113.45.252.9:6666", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/113.45.252.9#6666", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-01-20 17:17:20", "1389058", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.68.75.16#80", "c2,havoc,shodan", "0", "juroots" "2025-01-20 17:17:04", "1389057", "31.0.103.77:10080", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "50", "https://www.shodan.io/host/31.0.103.77#10080", "c2,extreme,shodan", "0", "juroots" "2025-01-20 17:16:10", "1389055", "161.35.89.124:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/161.35.89.124#31337", "c2,shodan,sliver", "0", "juroots" "2025-01-20 17:16:10", "1389056", "23.227.199.95:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/23.227.199.95#31337", "c2,shodan,sliver", "0", "juroots" "2025-01-20 17:16:09", "1389054", "185.117.72.249:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/185.117.72.249#31337", "c2,shodan,sliver", "0", "juroots" "2025-01-20 17:15:48", "1389053", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 17:15:47", "1389049", "181.50.73.64:56522", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#56522", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 17:15:47", "1389050", "52.43.67.6:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/52.43.67.6#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 17:15:47", "1389051", "181.50.73.64:56822", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#56822", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 17:15:47", "1389052", "181.50.73.64:56222", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#56222", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 17:15:46", "1389046", "181.50.73.64:56322", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#56322", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 17:15:46", "1389047", "181.50.73.64:56122", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#56122", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 17:15:46", "1389048", "181.50.73.64:56022", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#56022", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 17:14:19", "1389045", "roomsvisitor9934224.world", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "100", "https://x.com/greenplan_it/status/1881337291094012097", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:14:18", "1389037", "commentsvisitor58100.world", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "100", "https://x.com/greenplan_it/status/1881337291094012097", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:14:18", "1389038", "concernguest68549.com", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "100", "https://x.com/greenplan_it/status/1881337291094012097", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:14:18", "1389039", "feedbackguest485121.world", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "100", "https://x.com/greenplan_it/status/1881337291094012097", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:14:18", "1389040", "feedbackpage91293.world", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "100", "https://x.com/greenplan_it/status/1881337291094012097", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:14:18", "1389041", "parner-id1501202500.com", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "100", "https://x.com/greenplan_it/status/1881337291094012097", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:14:18", "1389042", "reportguest4893921.world", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "100", "https://x.com/greenplan_it/status/1881337291094012097", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:14:18", "1389043", "reportguest4895921.world", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "100", "https://x.com/greenplan_it/status/1881337291094012097", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:14:18", "1389044", "rooms19821.world", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "100", "https://x.com/greenplan_it/status/1881337291094012097", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:13:02", "1389036", "issueguest495139.world", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "50", "https://x.com/DaveLikesMalwre/status/1880989843464864191", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:13:01", "1389034", "issueguest495039.world", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "50", "https://x.com/DaveLikesMalwre/status/1880989843464864191", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:13:01", "1389035", "issueguest495839.com", "domain", "payload_delivery", "win.danabot", "None", "DanaBot", "", "50", "https://x.com/DaveLikesMalwre/status/1880989843464864191", "booking.com,ClickFix,DanaBot,FakeCaptcha", "0", "abuse_ch" "2025-01-20 17:09:04", "1389033", "147.45.44.200:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "75", "https://bazaar.abuse.ch/sample/18b281c467bde8cf246990bf8bacf1e8fd8d70107a04aa528f9f56343f15b690/", "NetSupport,RAT", "0", "abuse_ch" "2025-01-20 17:05:29", "1389031", "88.151.192.8:443", "ip:port", "botnet_cc", "win.danabot", "None", "DanaBot", "", "75", "https://bazaar.abuse.ch/sample/f87600e4df299d51337d0751bcf9f07966282be0a43bfa3fd237bf50471a981e/", "DanaBot", "0", "abuse_ch" "2025-01-20 17:05:29", "1389032", "178.253.55.80:443", "ip:port", "botnet_cc", "win.danabot", "None", "DanaBot", "", "75", "https://bazaar.abuse.ch/sample/f87600e4df299d51337d0751bcf9f07966282be0a43bfa3fd237bf50471a981e/", "DanaBot", "0", "abuse_ch" "2025-01-20 17:05:28", "1389030", "31.177.108.229:443", "ip:port", "botnet_cc", "win.danabot", "None", "DanaBot", "", "75", "https://bazaar.abuse.ch/sample/f87600e4df299d51337d0751bcf9f07966282be0a43bfa3fd237bf50471a981e/", "DanaBot", "0", "abuse_ch" "2025-01-20 16:47:17", "1389029", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:47:14", "1389028", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:47:13", "1389026", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:47:13", "1389027", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:47:07", "1389025", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:46:59", "1389024", "44.198.12.114:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:46:52", "1389021", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:46:52", "1389022", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:46:52", "1389023", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:46:48", "1389020", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:46:06", "1389019", "ns1.cotilah.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:46:02", "1389018", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 16:45:57", "1389017", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 16:45:42", "1389016", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 16:45:33", "1389015", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 16:45:31", "1389014", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 16:45:30", "1389013", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 16:45:27", "1389012", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 16:45:08", "1389011", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 16:04:10", "1389010", "34.27.146.70:443", "ip:port", "botnet_cc", "win.poshc2", "None", "PoshC2", "", "100", "https://search.censys.io/hosts/34.27.146.70", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Posh", "0", "DonPasci" "2025-01-20 16:04:09", "1389009", "18.180.198.238:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "https://search.censys.io/hosts/18.180.198.238", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci" "2025-01-20 16:04:08", "1389008", "18.132.213.43:6881", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/18.132.213.43", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-01-20 16:03:58", "1389007", "128.90.103.11:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.103.11", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-01-20 16:03:57", "1389005", "23.26.108.93:1999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/23.26.108.93", "AS23470,AsyncRAT,C2,censys,RAT,RELIABLESITE", "0", "DonPasci" "2025-01-20 16:03:57", "1389006", "194.213.3.100:888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/194.213.3.100", "AS212027,AsyncRAT,C2,censys,PEBBLEHOST,RAT", "0", "DonPasci" "2025-01-20 16:03:34", "1389004", "rogers-authentication.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/193.143.1.71+rogers-authentication.com", "AS198953,C2,censys,PROTON66,RAT,Remcos", "0", "DonPasci" "2025-01-20 16:03:17", "1389003", "159.75.114.131:5465", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/159.75.114.131", "AS45090,C2,censys,CobaltStrike,cs-watermark-391144938,TENCENT-NET-AP", "0", "DonPasci" "2025-01-20 15:47:24", "1389001", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:47:24", "1389002", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:47:21", "1389000", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:47:20", "1388998", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:47:20", "1388999", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:47:14", "1388997", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:46:59", "1388994", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:46:59", "1388995", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:46:59", "1388996", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:46:55", "1388993", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:46:08", "1388992", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 15:46:03", "1388991", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 15:45:48", "1388990", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 15:45:39", "1388989", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 15:45:37", "1388988", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 15:45:36", "1388987", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 15:45:33", "1388986", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 15:45:17", "1388985", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 15:12:00", "1388984", "trial.buyintercomsonline.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113861309610270821", "SocGholish", "0", "monitorsg" "2025-01-20 15:01:15", "1388983", "refeplacieud.click", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://bazaar.abuse.ch/sample/e36a4502ab814a284a91fe9497689ec2eb0eeb70aae50502fa45b178b1ad034d/", "LummaStealer", "0", "abuse_ch" "2025-01-20 14:59:18", "1388977", "f2db20a1353bd4384ecb6a24fce94ceac73a32a12b654d15b559454ca686e2b4", "sha256_hash", "payload", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "Joker" "2025-01-20 14:59:17", "1388978", "e5a87de0c42ae3623fa79ab93529417acf47c1cf1de09c0229e0566e66067b28", "sha256_hash", "payload", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "Joker" "2025-01-20 14:59:16", "1388979", "926369b540e2f133c41d26e5ae36cc36572514e6c376b83dc6a8a676c081a318", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "", "RedLine", "0", "Joker" "2025-01-20 14:59:16", "1388980", "b682165c83920ef53701d66dbc579701c402201b8dd0c150a7f3fff5195274fd", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "", "RedLine", "0", "Joker" "2025-01-20 14:59:15", "1388981", "7802d5ba1a55e070258c29be56b5cfada559cd462bf6ed5d6aa5804b06e46112", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "AsyncRAT", "0", "Joker" "2025-01-20 14:59:15", "1388982", "6ad3cc48fe9e71640c1b3b08ae7363271465e126dd412efbd5bf18cc5bbf709c", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "AsyncRAT", "0", "Joker" "2025-01-20 14:47:46", "1388975", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:47:46", "1388976", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:47:43", "1388974", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:47:42", "1388973", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:47:41", "1388972", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:47:35", "1388971", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:47:21", "1388968", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:47:21", "1388969", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:47:21", "1388970", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:47:17", "1388967", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:46:29", "1388966", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 14:46:25", "1388965", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 14:46:09", "1388964", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 14:45:59", "1388963", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 14:45:58", "1388962", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 14:45:56", "1388961", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 14:45:54", "1388960", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 14:45:38", "1388959", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 14:18:05", "1388958", "147.45.44.255:80", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://app.any.run/tasks/96408e3d-2cd2-4aef-a924-fcab83e43936", "AS215789,KARINAR,netsupport,rat", "0", "DonPasci" "2025-01-20 14:17:51", "1388956", "traktortany.org", "domain", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "100", "", "TrickMo", "0", "abuse_ch" "2025-01-20 14:17:51", "1388957", "skyfrostweb.cn.com", "domain", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "100", "", "TrickMo", "0", "abuse_ch" "2025-01-20 14:17:31", "1388954", "http://traktortany.org/c", "url", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "100", "", "TrickMo", "0", "abuse_ch" "2025-01-20 14:17:31", "1388955", "http://skyfrostweb.cn.com/c", "url", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "100", "", "TrickMo", "0", "abuse_ch" "2025-01-20 14:17:09", "1388953", "195.133.13.106:80", "ip:port", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "75", "", "TrickMo", "0", "abuse_ch" "2025-01-20 14:15:04", "1388947", "https://dsdpx.top/work/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113861075911812888", "SmartApeSG", "0", "monitorsg" "2025-01-20 14:15:04", "1388948", "dsdpx.top", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113861075911812888", "SmartApeSG", "0", "monitorsg" "2025-01-20 14:15:03", "1388949", "https://dsdpx.top/work/index.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113861075911812888", "SmartApeSG", "0", "monitorsg" "2025-01-20 14:15:03", "1388950", "https://dsdpx.top/work/help.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113861075911812888", "SmartApeSG", "0", "monitorsg" "2025-01-20 14:15:02", "1388951", "https://mffaccessories.com/file.zip", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113861075911812888", "SmartApeSG", "0", "monitorsg" "2025-01-20 14:15:02", "1388952", "https://corepatchcraft.com/updates/system-components/2025-release/updates_api.php", "url", "botnet_cc", "win.matanbuchus", "None", "Matanbuchus", "", "100", "None", "None", "0", "Bitsight" "2025-01-20 14:05:15", "1388946", "http://cl85533.tw1.ru/ea6e4ea0.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-20 14:05:13", "1388945", "89.23.102.157:7452", "ip:port", "botnet_cc", "win.orcus_rat", "Schnorchel", "Orcus RAT", "", "100", "None", "OrcusRAT", "0", "abuse_ch" "2025-01-20 13:59:42", "1388944", "stiryyilerk.help", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-20 13:47:35", "1388942", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:47:35", "1388943", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:47:33", "1388941", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:47:32", "1388940", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:47:31", "1388939", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:47:26", "1388938", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:47:11", "1388935", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:47:11", "1388936", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:47:11", "1388937", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:47:07", "1388934", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:46:21", "1388933", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 13:46:16", "1388932", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 13:46:01", "1388931", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 13:45:52", "1388930", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 13:45:50", "1388929", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 13:45:49", "1388928", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 13:45:46", "1388927", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 13:45:32", "1388926", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 13:45:14", "1388925", "147.45.44.255:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "None", "NetSupport", "0", "abuse_ch" "2025-01-20 12:47:49", "1388923", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:47:49", "1388924", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:47:46", "1388922", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:47:45", "1388921", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:47:44", "1388920", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:47:38", "1388919", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:47:25", "1388918", "39.100.70.46:9568", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:47:23", "1388915", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:47:23", "1388916", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:47:23", "1388917", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:47:19", "1388914", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:46:32", "1388913", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 12:46:27", "1388912", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 12:46:11", "1388911", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 12:46:01", "1388910", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 12:45:59", "1388909", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 12:45:57", "1388908", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 12:45:55", "1388907", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 12:45:40", "1388906", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 12:39:02", "1388868", "accommodation-hydrogen.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:39:02", "1388869", "land-long.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:39:02", "1388870", "est-review.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:39:01", "1388871", "ca-assessing.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:39:00", "1388872", "allows-announces.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:39:00", "1388873", "drive-mens.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:39:00", "1388874", "started-chelsea.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:59", "1388875", "unable-39391.portmap.host", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:59", "1388876", "forward-floppy.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:59", "1388877", "activity-weight.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:58", "1388878", "approved-versus.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:58", "1388880", "virtual-pointed.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:57", "1388879", "jynx.uncofig.com", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:56", "1388883", "gold-blackberry.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:55", "1388881", "ohio-chris.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:54", "1388882", "robert2day-54368.portmap.host", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:53", "1388884", "boiko300-55617.portmap.host", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:53", "1388885", "regarding-states.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:53", "1388886", "made-differential.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:52", "1388887", "board-tigers.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:52", "1388888", "airport-forums.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:52", "1388890", "house-jungle.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:51", "1388889", "wide-casting.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:51", "1388891", "indian-tall.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:50", "1388892", "enter-flowers.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:50", "1388893", "fact-stakeholders.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:49", "1388895", "147.185.221.17:13256", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:48", "1388894", "185.94.29.228:4444", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:46", "1388867", "l-drive.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:45", "1388866", "193.161.193.99:52920", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:44", "1388896", "147.185.221.24:58981", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:44", "1388897", "45.141.27.242:7777", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:44", "1388898", "147.185.221.25:21289", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:43", "1388899", "147.185.221.25:21282", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:43", "1388900", "109.176.252.16:80", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:43", "1388902", "147.185.221.25:1319", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:42", "1388901", "148.75.231.6:25565", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:41", "1388903", "147.185.221.25:1315", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:41", "1388904", "147.185.221.25:1998", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:38:41", "1388905", "147.185.221.25:7703", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "20January2025,iocbottest", "0", "Gi7w0rm" "2025-01-20 12:04:35", "1388865", "104.225.129.141:4018", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/104.225.129.141", "AS395092,BianLian,C2,censys,SHOCK-1", "0", "DonPasci" "2025-01-20 12:04:09", "1388864", "217.160.22.184:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/217.160.22.184", "AS8560,C2,censys,Covenant,IONOS-AS", "0", "DonPasci" "2025-01-20 12:04:03", "1388863", "172.81.62.103:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.81.62.103", "AS398019,C2,censys,DYNU,Havoc", "0", "DonPasci" "2025-01-20 12:04:01", "1388862", "181.162.184.19:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/181.162.184.19", "AS7418,C2,censys,Quasar,RAT,TELEFONICA", "0", "DonPasci" "2025-01-20 12:03:59", "1388861", "159.65.125.64:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/159.65.125.64", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci" "2025-01-20 12:03:31", "1388860", "185.196.11.39:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/185.196.11.39", "AS42624,C2,censys,RAT,Remcos,SWISSNETWORK02", "0", "DonPasci" "2025-01-20 11:47:40", "1388858", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:47:40", "1388859", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:47:37", "1388857", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:47:36", "1388856", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:47:35", "1388855", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:47:30", "1388854", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:47:16", "1388851", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:47:16", "1388852", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:47:16", "1388853", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:47:12", "1388850", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:46:25", "1388849", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 11:46:20", "1388848", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 11:46:06", "1388847", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 11:45:56", "1388846", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 11:45:53", "1388845", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 11:45:52", "1388844", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 11:45:49", "1388843", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 11:45:26", "1388842", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 10:47:51", "1388841", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:47:50", "1388840", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:47:48", "1388839", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:47:47", "1388838", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:47:46", "1388837", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:47:41", "1388836", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:47:26", "1388833", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:47:26", "1388834", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:47:26", "1388835", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:47:22", "1388832", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:46:35", "1388831", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 10:46:30", "1388830", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 10:46:13", "1388829", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 10:46:01", "1388828", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 10:45:59", "1388827", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 10:45:57", "1388826", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 10:45:54", "1388825", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 10:45:32", "1388824", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 10:28:47", "1388822", "https://cowertbabei.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:28:47", "1388823", "https://learnyprocce.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:28:46", "1388817", "https://celeryddepende.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:28:46", "1388818", "https://shapeguidecaz.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:28:46", "1388819", "https://abaft-taboo.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:28:46", "1388820", "https://conquemappe.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:28:46", "1388821", "https://noxiuos-utopi.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:28:45", "1388813", "https://joyoushammen.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:28:45", "1388814", "https://keenrustiz.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:28:45", "1388815", "https://mushyomittel.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:28:45", "1388816", "https://politicafausx.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-20 10:27:53", "1388812", "twentytj20vs.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:52", "1388802", "nineff9pn.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:52", "1388803", "nineuu9th.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:52", "1388804", "oneff1pn.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:52", "1388805", "onevv1fr.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:52", "1388806", "sixff6pn.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:52", "1388807", "sixuu6th.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:52", "1388808", "sixb6vs.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:52", "1388809", "oneb1vs.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:52", "1388810", "eitb8vs.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:52", "1388811", "fiveb5vs.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:51", "1388793", "eightff8pn.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:51", "1388794", "nineqq9vt.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:51", "1388795", "oneqq1vt.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:51", "1388796", "oneuu1th.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:51", "1388797", "twentyss20sb.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:51", "1388798", "fortyss14sb.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:51", "1388799", "eightvv8fr.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:51", "1388800", "eightuu8th.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:27:51", "1388801", "fourqq4vt.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "", "c2,domain,virustotal", "0", "DonPasci" "2025-01-20 10:25:49", "1388791", "joyoushammen.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/joyoushammen.cyou", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:49", "1388792", "keenrustiz.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/keenrustiz.cyou", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:48", "1388790", "mushyomittel.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/mushyomittel.cyou", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:40", "1388789", "politicafausx.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/politicafausx.shop", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:39", "1388787", "celeryddepende.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/celeryddepende.shop", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:39", "1388788", "quitgirlek.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/quitgirlek.shop", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:37", "1388785", "shapeguidecaz.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/shapeguidecaz.shop", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:37", "1388786", "avoidspaderik.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/avoidspaderik.shop", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:27", "1388784", "abaft-taboo.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/abaft-taboo.bond", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:26", "1388783", "conquemappe.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/conquemappe.bond", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:24", "1388781", "noxiuos-utopi.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/noxiuos-utopi.bond", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:24", "1388782", "cowertbabei.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/cowertbabei.bond", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:23", "1388780", "learnyprocce.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/learnyprocce.bond", "lumma,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:11", "1388779", "f1076005.xsph.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/f1076005.xsph.ru", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:10", "1388778", "a1075950.xsph.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/a1075950.xsph.ru", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:09", "1388776", "a1076044.xsph.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/a1076044.xsph.ru", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:09", "1388777", "a1076034.xsph.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/a1076034.xsph.ru", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:08", "1388775", "a1075974.xsph.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/a1075974.xsph.ru", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:06", "1388774", "artemcy5.beget.tech", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/artemcy5.beget.tech", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-20 10:25:05", "1388773", "artemccf.beget.tech", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/artemccf.beget.tech", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-20 10:24:59", "1388772", "fivepp5vs.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "https://www.virustotal.com/gui/domain/fivepp5vs.top", "c2,domain,VirusTotal", "0", "DonPasci" "2025-01-20 10:24:58", "1388771", "sixvv6fr.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "https://www.virustotal.com/gui/domain/sixvv6fr.top", "c2,domain,VirusTotal", "0", "DonPasci" "2025-01-20 09:48:10", "1388770", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:48:09", "1388769", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:48:06", "1388768", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:48:05", "1388767", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:48:04", "1388766", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:47:58", "1388765", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:47:42", "1388762", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:47:42", "1388763", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:47:42", "1388764", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:47:37", "1388761", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:46:47", "1388760", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 09:46:42", "1388759", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 09:46:25", "1388758", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 09:46:13", "1388757", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 09:46:10", "1388756", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 09:46:09", "1388755", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 09:46:05", "1388754", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 09:45:43", "1388753", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 09:40:13", "1388710", "https://crystaltreasures.shop/get-going-forward.html", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:40:12", "1388711", "http://inforta.org/677f7cc1f8daa9ec66ec2bdb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:40:12", "1388712", "http://centralpointvi.live/6788b6e57199479121372d2f", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:40:12", "1388713", "http://beastviguyt.shop/6787779e36c5731a2f92b56a", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:40:11", "1388714", "https://kangshart.shop/loading-take-time-pathv1.html", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:40:10", "1388715", "https://gustavu.shop/path0forwarding-stepv2.html", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:40:09", "1388716", "http://generatorauc.pro/676532b046cfbdecfd800dbf", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:40:09", "1388717", "http://centralpointvi.live/6788c43e3daf0b9bc9af5af2", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:40:03", "1388719", "http://sos-ch-dk-2.exo.io/lets-start-file/bot-verification-check-r6.html", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:40:00", "1388718", "http://trafonyx.com/675ad6f75bb4cd3916e7cad5", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:39:59", "1388747", "adidya354-21806.portmap.host", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "", "None", "0", "lontze7" "2025-01-20 09:39:59", "1388749", "ghecbjcmdfghfkg.top", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "75", "", "Kongtuke,LandUpdate808", "1", "hyperbole" "2025-01-20 09:39:58", "1388750", "mdinjlkfcajkjck.top", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "75", "", "Kongtuke,LandUpdate808", "1", "hyperbole" "2025-01-20 09:39:57", "1388751", "nzy3tvbb72g3.top", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "75", "", "Kongtuke,LandUpdate808", "1", "hyperbole" "2025-01-20 09:39:57", "1388752", "fnnkcnemajnnaja.top", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "75", "", "Kongtuke,LandUpdate808", "1", "hyperbole" "2025-01-20 09:02:17", "1388748", "45.141.86.26:443", "ip:port", "botnet_cc", "win.matanbuchus", "None", "Matanbuchus", "", "60", "None", "None", "0", "Rony" "2025-01-20 08:47:55", "1388745", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:47:55", "1388746", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:47:52", "1388744", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:47:50", "1388742", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:47:50", "1388743", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:47:43", "1388741", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:47:26", "1388738", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:47:26", "1388739", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:47:26", "1388740", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:47:22", "1388737", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:46:30", "1388736", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 08:46:24", "1388735", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 08:46:08", "1388734", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 08:45:57", "1388733", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 08:45:55", "1388732", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 08:45:54", "1388731", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 08:45:51", "1388730", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 08:45:35", "1388729", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 08:45:26", "1388728", "43.141.132.194:10250", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-01-20 08:45:17", "1388727", "141.11.109.176:1337", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch" "2025-01-20 08:44:40", "1388726", "198.211.102.26:8082", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 08:43:14", "1388725", "106.54.38.80:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 08:41:59", "1388723", "83.229.122.83:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-01-20 08:41:59", "1388724", "139.159.191.137:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2025-01-20 08:41:43", "1388722", "182.160.2.234:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-01-20 08:40:28", "1388721", "eskate.cfd", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-01-20 08:40:27", "1388720", "https://eskate.cfd/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-01-20 08:25:05", "1388707", "107.178.106.141:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/6ad3cc48fe9e71640c1b3b08ae7363271465e126dd412efbd5bf18cc5bbf709c/", "asyncrat", "0", "abuse_ch" "2025-01-20 08:25:05", "1388708", "107.178.106.141:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/6ad3cc48fe9e71640c1b3b08ae7363271465e126dd412efbd5bf18cc5bbf709c/", "asyncrat", "0", "abuse_ch" "2025-01-20 08:25:05", "1388709", "107.178.106.141:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/6ad3cc48fe9e71640c1b3b08ae7363271465e126dd412efbd5bf18cc5bbf709c/", "asyncrat", "0", "abuse_ch" "2025-01-20 08:25:04", "1388706", "107.178.106.141:2468", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/6ad3cc48fe9e71640c1b3b08ae7363271465e126dd412efbd5bf18cc5bbf709c/", "asyncrat", "0", "abuse_ch" "2025-01-20 08:22:39", "1388670", "cf6e4051d20e654347161dc77b59840a6270cad5e63b4a59a59148c37e776f99", "sha256_hash", "payload", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "Joker" "2025-01-20 08:22:39", "1388671", "32ff5935a43b3daa931b6df9b0a15886d28d77edba5370d4d7f5889fecaf88be", "sha256_hash", "payload", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "Joker" "2025-01-20 08:22:39", "1388672", "c5fd4ee7fef2655d5340221a2fe4990d0b744720fdb0b0530599b376c913bf7e", "sha256_hash", "payload", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "Joker" "2025-01-20 08:22:39", "1388673", "85282e7955b18fa98aff85e59b6c64e1e9f524a63369b5e307dabb1790a1f788", "sha256_hash", "payload", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "Joker" "2025-01-20 08:22:38", "1388674", "068af8016c36fce5cf1e1a4722c1dc0d6e02cb6ed58b61c2ba99a54d294cc274", "sha256_hash", "payload", "win.trickbot", "Trickster,TheTrick,TrickLoader", "TrickBot", "", "100", "", "None", "0", "Joker" "2025-01-20 08:22:38", "1388675", "5e1d7275b0abd484c15f186690db73c42e861311da3f5f048563636336933b4a", "sha256_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "", "None", "0", "Joker" "2025-01-20 08:22:37", "1388703", "http://5.188.86.231/0b6451de14750b6f.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "", "None", "0", "lontze7" "2025-01-20 08:22:37", "1388704", "https://176.124.198.17/1da263bff25c8346.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "", "None", "0", "lontze7" "2025-01-20 08:20:05", "1388705", "163.172.125.253:333", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/62f8cfee286a706856ebe02b176db9169ae776c6609c23016868887ea6b0ab98/", "asyncrat", "0", "abuse_ch" "2025-01-20 08:04:32", "1388702", "129.226.211.194:8000", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/129.226.211.194", "AS132203,C2,censys,hacktool,Mimikatz,open-dir,TENCENT-NET-AP-CN", "0", "DonPasci" "2025-01-20 08:04:24", "1388701", "195.177.92.71:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/195.177.92.71", "AS214943,C2,censys,Gafgyt,open-dir,RAILNET", "0", "DonPasci" "2025-01-20 08:04:19", "1388700", "m99538kn.beget.tech", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.50.25.57+m99538kn.beget.tech", "AS198610,BEGET-AS,C2,censys,panel,Unam", "0", "DonPasci" "2025-01-20 08:04:10", "1388699", "185.150.189.29:8080", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://search.censys.io/hosts/185.150.189.29", "AS23470,C2,censys,Ermac,panel,RELIABLESITE", "0", "DonPasci" "2025-01-20 08:04:04", "1388698", "ec2-3-138-181-50.us-east-2.compute.amazonaws.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/3.138.181.50+ec2-3-138-181-50.us-east-2.compute.amazonaws.com", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci" "2025-01-20 08:04:01", "1388697", "62.60.238.149:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/62.60.238.149", "AEZA-AS,AS210644,C2,censys,Hookbot", "0", "DonPasci" "2025-01-20 08:04:00", "1388696", "62.60.238.149:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/62.60.238.149", "AEZA-AS,AS210644,C2,censys,Hookbot", "0", "DonPasci" "2025-01-20 08:03:55", "1388695", "195.3.223.146:4442", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/195.3.223.146", "AS201814,AsyncRAT,C2,censys,MEVSPACE,RAT", "0", "DonPasci" "2025-01-20 08:03:32", "1388694", "82.147.85.102:2405", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/82.147.85.102", "ADMAN-AS,AS57494,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-01-20 07:47:43", "1388692", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:47:43", "1388693", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:47:40", "1388691", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:47:39", "1388690", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:47:38", "1388689", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:47:32", "1388688", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:47:17", "1388685", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:47:17", "1388686", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:47:17", "1388687", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:47:12", "1388684", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:46:21", "1388683", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 07:46:16", "1388682", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 07:45:59", "1388681", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 07:45:49", "1388680", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 07:45:47", "1388679", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 07:45:46", "1388678", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 07:45:44", "1388677", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 07:45:27", "1388676", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 06:57:04", "1388669", "memory-lottery.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-20 06:56:44", "1388668", "147.185.221.24:18545", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "", "c2,dcrat", "0", "juroots" "2025-01-20 06:50:26", "1388667", "https://keysoftgroup.net/up/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/989cbd4f-0089-4a5a-bc58-cc55477aec69", "clickfix,fakecaptcha,urlscan", "0", "juroots" "2025-01-20 06:48:52", "1388666", "http://107.174.102.173:8888/supershell/login", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/b4c45053-bc92-4630-9c81-b1e4ed6af480", "c2,supershell,urlscan", "0", "juroots" "2025-01-20 06:47:41", "1388665", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:47:40", "1388664", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:47:37", "1388663", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:47:35", "1388661", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:47:35", "1388662", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:47:29", "1388660", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:47:14", "1388657", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:47:14", "1388658", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:47:14", "1388659", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:47:09", "1388656", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:46:21", "1388655", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 06:46:16", "1388654", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 06:45:54", "1388653", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 06:45:43", "1388652", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 06:45:41", "1388651", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 06:45:40", "1388650", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 06:45:37", "1388649", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 06:45:21", "1388648", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 06:44:27", "1388647", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.68.75.16#80", "c2,havoc,shodan", "0", "juroots" "2025-01-20 06:44:10", "1388646", "3.95.187.183:9092", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/3.95.187.183#9092", "blackshades,c2,shodan", "0", "juroots" "2025-01-20 06:43:49", "1388645", "221.229.52.147:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "50", "https://www.shodan.io/host/221.229.52.147#10001", "c2,extreme,shodan", "0", "juroots" "2025-01-20 06:43:28", "1388644", "199.127.62.165:444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://www.shodan.io/host/199.127.62.165#444", "asyncrat,c2,shodan", "0", "juroots" "2025-01-20 06:43:08", "1388643", "152.53.121.202:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/152.53.121.202#31337", "c2,shodan,sliver", "0", "juroots" "2025-01-20 06:42:50", "1388642", "13.125.238.218:587", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/13.125.238.218#587", "c2,netsupport,shodan", "0", "juroots" "2025-01-20 06:42:49", "1388641", "119.206.8.161:6001", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/119.206.8.161#6001", "c2,netsupport,shodan", "0", "juroots" "2025-01-20 06:42:16", "1388638", "181.50.73.64:56422", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#56422", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 06:42:16", "1388639", "181.50.73.64:57122", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#57122", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 06:42:16", "1388640", "181.50.73.64:56922", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#56922", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 06:42:15", "1388637", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-20 06:22:26", "1388636", "45.159.223.177:6969", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://socket.dev/blog/malicious-pypi-package-targets-discord-developers-with-token-theft-and-backdoor", "pypi", "0", "juroots" "2025-01-20 06:21:20", "1388635", "http://radium.lol:42069/v2/3e728hd782dbyu12veyu2gd872fdg235jgg432fg/0/getupdates", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://socket.dev/blog/malicious-pypi-package-targets-discord-developers-with-token-theft-and-backdoor", "pypi", "0", "juroots" "2025-01-20 06:20:56", "1388552", "102.117.165.233:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/102.117.165.233", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "dyingbreeds_" "2025-01-20 06:20:55", "1388553", "ec2-16-163-143-235.ap-east-1.compute.amazonaws.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/16.163.143.235+ec2-16-163-143-235.ap-east-1.compute.amazonaws.com", "AMAZON-02,AS16509,C2,censys", "0", "dyingbreeds_" "2025-01-20 06:20:54", "1388554", "206.119.166.124:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/206.119.166.124", "AS133199,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-20 06:20:54", "1388555", "3.124.25.236:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.124.25.236", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-20 06:20:53", "1388556", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.68.48.57", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-20 06:20:53", "1388557", "3.109.90.115:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.109.90.115", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-20 06:20:53", "1388558", "208.113.165.80:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/208.113.165.80", "AS26347,censys,DREAMHOST-AS,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-20 06:20:51", "1388559", "64.23.141.146:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/64.23.141.146", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-20 06:20:51", "1388560", "178.62.197.222:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/178.62.197.222", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-20 06:20:51", "1388562", "3.94.243.31:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.94.243.31", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-20 06:20:50", "1388564", "203.161.42.115:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/203.161.42.115", "AS22612,censys,GoPhish,NAMECHEAP-NET,Phishing", "0", "dyingbreeds_" "2025-01-20 06:20:49", "1388563", "137.184.231.5:1724", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/137.184.231.5", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-20 06:20:47", "1388565", "79.107.141.76:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "https://search.censys.io/hosts/79.107.141.76", "AS25472,C2,censys,WIND-AS", "0", "dyingbreeds_" "2025-01-20 06:20:47", "1388634", "193.36.38.116:5000", "ip:port", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "phishing,phishingkit,sneaky,sneaky2fa", "0", "TheRavenFile" "2025-01-20 06:20:45", "1388561", "2ffahbg8eydhr96hx3x2lje2ymygt5iq.duckdns.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-01-20 06:20:44", "1388550", "http://1.14.104.62:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS45090,Shenzhen Tencent Computer Systems Company Limited,supershell", "0", "antiphishorg" "2025-01-20 06:20:44", "1388551", "http://120.79.86.98:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS37963,Hangzhou Alibaba Advertising Co. Ltd.,supershell", "0", "antiphishorg" "2025-01-20 06:20:43", "1388448", "98.67.175.93:1177", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-01-20 06:20:42", "1388397", "https://admarkam1.com/ZjQ2Njg0MWJjNGE0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2025-01-20 06:20:42", "1388446", "ponnyhurb.duckdns.org", "domain", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "nanocore,RAT", "0", "SarlackLab" "2025-01-20 06:20:42", "1388447", "burhanalassad.duckdns.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-01-20 06:20:41", "1388396", "https://pildirmarkam.com/ZjQ2Njg0MWJjNGE0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2025-01-20 06:20:39", "1388357", "grapeprivatter.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:38", "1388358", "greyasskerz.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:38", "1388359", "gunnyperfecter.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:38", "1388360", "heartbreakingger.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:37", "1388361", "immureflagge.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:37", "1388362", "kneelsummone.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:36", "1388364", "milkycardypan.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:35", "1388363", "lookplaceasi.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:35", "1388365", "noiseutopiany.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:34", "1388366", "pancakemurkue.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:34", "1388367", "prisonnyselec.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:32", "1388368", "roommeallykuzo.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:32", "1388369", "spoilalikke.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:32", "1388370", "stiffspotte.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:31", "1388371", "tomdearyusok.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:30", "1388372", "unknownvastzv.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:30", "1388373", "writeimgaiin.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:30", "1388374", "writersupporsz.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:29", "1388375", "yellowscarfer.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:28", "1388376", "yummyzebreai.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:23", "1388355", "flimsuinnuei.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:23", "1388356", "frogscositeyrv.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:21", "1388353", "daretrappynos.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:21", "1388354", "diseasedpuff.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:20", "1388350", "cheapomitwelco.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:20", "1388351", "conversrobbyz.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:20", "1388352", "cruelvivewn.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:19", "1388347", "bowclammysocu.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:19", "1388349", "cellarlavisz.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:18", "1388348", "captunopineu.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:17", "1388345", "ballsshowerto.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:17", "1388346", "bloodymovuue.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:16", "1388341", "apparelconfine.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:16", "1388343", "asahamesolvez.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:16", "1388344", "attempwright.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:15", "1388340", "aboundineyeur.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:15", "1388342", "armycopeyus.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "1", "popeeyy" "2025-01-20 06:20:14", "1388314", "bc.nc-img.co", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:14", "1388315", "wargular.xyz", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:13", "1388316", "socket.bulforanalysis.online", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:13", "1388317", "handsl.org", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:12", "1388318", "getcssmodals.com", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:11", "1388319", "cantact.chat", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:11", "1388320", "ebatkopat.click", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:10", "1388312", "dobrowork.space", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:09", "1388310", "analyticsseolinks.online", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:09", "1388311", "gatetpere.space", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:09", "1388313", "privatstripp.tech", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:08", "1388308", "jquerywp.xyz", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:08", "1388309", "windowsupdate.io", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:07", "1388306", "brudget.net", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:07", "1388307", "cdn-statistics.com", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:06", "1388304", "wordpress-redirect.biz", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:06", "1388305", "tetsted.com", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:05", "1388299", "eeestats.com", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:05", "1388303", "schneemann.tech", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:04", "1388302", "api-chat.live", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:02", "1388300", "cpeciadogfoods.com", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:20:02", "1388301", "neshion.com", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:19:09", "1388190", "154.213.186.64:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest" "2025-01-20 06:19:09", "1388191", "https://solve.hhxe.org/awjsx.captcha", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "clearfake,clickfix", "1", "ttakvam" "2025-01-20 06:19:08", "1388192", "solve.hhxe.org", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "clearfake,clickfix", "1", "ttakvam" "2025-01-20 06:19:07", "1388253", "store-locator.org", "domain", "botnet_cc", "js.magecart", "None", "magecart", "", "100", "", "None", "0", "Gi7w0rm" "2025-01-20 06:19:06", "1388255", "rednosehorse.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2025-01-20 06:12:07", "1388617", "30147b6691e5bc1a15c76cebf81b2de77d9099e8200b6ed9742c6e3b36505f34", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388618", "9bd53057c8905d508374698e2595301f0be1529ec4ebfa71c09ad0c01a562982", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388619", "4d64c2d1ae0de0f3066a6c020ab7aa5a9dd487c0cf1ff1ca2e93d98ff30e039f", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388620", "99fb7a40dbf6a042bcb77f67a5a76fe03ec3c6820ac5e15cb009795d545152ea", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388621", "d9e939f904a1cddf5fb8ffba14acbfe227ed5dfc4990b52a44d4dfd0baa6de4e", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388622", "0b33f08bc2917c4825c053754fc88e16b35d1a8fff4135595b265a4c6f850250", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388623", "cd347b9f558cf024df1dbb62ed7a0d72a2edc04b1330058cfa1baf4fc3894e03", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388624", "8aa28f35dbafc18a37b07fd15bb599e3c8de5b692117f1c6fd491bd03028a423", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388625", "d51db234d0236cd0dbfcf13adc33387f10920011537815d188eff012872e30be", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388626", "d0ce85ec31053478c67e4f53ca2ef9b7b1f0fda74621c9c7c8c1612772ca778c", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388627", "504d7714419931f80b734e212a9431ec98887c56ade8966c4d7cae58b28d49ca", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388628", "16bb3968e1112b63fef8a4e7bda9d021dfef6fd1955fdfa677545535a14a65b4", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388629", "659ede632d3bfc28d143c144fdba34d08b21c4f97ce6c9dc1fcd4d2bf5cc25e3", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388630", "463c9704fb009cd13e0ef50fa7d5035aa5f35b4841fe75ecab5c4a276601f837", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388631", "3fc35cab1272f769af309cb46375e21680f13d629181c7646cb0cf2c9b2e72e7", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388632", "517b43bf057877727387316d8538dc07599856eb428d43f512e89964a5dfb331", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:07", "1388633", "e54ce9939679c691dc5719e309a8d541183b6672269fd61013109ef0d8509b1e", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388596", "de8a0da702a491f610b9e85050d8641cadf4ed84edf4d151f94335b0d78d6636", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388597", "6d2a4d9e2fc6e4dac2c426851b4bdf86dd63a5515d8d853e622a0bc01d250ce9", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388598", "4a68bdfa3e31a8c063bbf94469160eb7998a556027d5ad33f37c347a71c2d3a4", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388599", "7c31c4d0308fb1d67f6af48a76138a9db19f494c1e9a12debdcca7382ad5418c", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388600", "5f9a5ad43a9f79976cd7014ce072429ef2edbae872b4226372cfb07d8a86b8a5", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388601", "3ac3ca18142a935608cb0d2c8d6421ebb9abc30bce93f094447b9c3f63fe791b", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388602", "9d97f3f55bc647911e14a36c83f263e91662cf9d13a2fc3ec7c92dedb8977d37", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388603", "c070749f95aeeefcd1c3a875c1b8e77b57cad0c8338436af9a3c9e1323fd4e11", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388604", "7eaed6fa867875119c3ebb40aa24716d91fdbccb2106fa4708ff0637920a920c", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388605", "fa26722e99763a29af160fae64183a47a57362b666753624b78e954c8cde0525", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388606", "9aa51d1c82fdbc8f0f27340180bd40faa7e76b8ac6d204b2d3548cfd0897d805", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388607", "58416315c61ed5cb2c754244ed5c081963dabf3e698b04226a00f978cd913e84", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388608", "f2f96e5ac1b4bd6cac49c71ca2010dcbe5751757483520cfc7dddf4fb7186044", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388609", "46af73560cafff5c8bbc16980d01641af0de3b689bc248dfb52afcf3a8a76a55", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388610", "7bff2404c2816c4e1576d449820f01e3f46e7c972beb1843e3b8da2e065f8dc3", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388611", "94ff4679dd5aec7874354c14132701ecdfbbb558c6011e4952d13bf843255529", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388612", "Ae6d88ea99e530f778ee6088862b50dfb6e8bb45857211e9105428c57c2a7b4a", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388613", "9aea0fdfead2e956bc0b4574c2b4cb2855dd9df6a5fd61d350f3285d249adfca", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388614", "c5d5054047a12efc68a67abd8f15069a853dd09800cd39d68df5a27702b45334", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388615", "a97371df7d51fe0aee1d54b5b233a1713f69224802b1da35337a3041788990e6", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:06", "1388616", "4b6bf40dc331c89e416ef012a6dc4f55c83136197be7115246b42e4f7a828baa", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388584", "08dad42da5aba6ef48fca27c783f78f06ab9ea7a933420e4b6b21e12e550dd7d", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388585", "33bc111238a0c6f10f6fe3288b5d4efe246c20efd8d85b4fe88f7d602d70738e", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388586", "50a64e97c6a5417023f3561f33291b448ce830a4d99c40356af67301c8fa7523", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388587", "6d4dd4334791c91bb09e7a91dd5c450b2c6e3348a5586de011c54ce3f473f619", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388588", "76fc76dc651c3cc9d766a6ad8a90f605326463bc4cb2f8f053d44dfbc913beee", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388589", "ad23f5c9bab137dc24343fc410f7587885aab6772dee5e75a216ed579c6ee420", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388590", "c497506fe2df57c39fcf92398f4864ca4bfcb1a6f2f80c3c520166bc61882855", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388591", "E49b085f5484531395b5a7903f004b2a02a2b4ebfa46116d1a665ba881b1f528", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388592", "c636120749b49f47fc8d42409ead6c51ea44bc40c815370997ca63f48acdf002", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388593", "79acdca5247ca9719f2f3a34c7942cd60b209f7b616efa5dd81e6656a8baf9a5", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388594", "70facc8ad5db172e235b4cc720a0edaedd4470b8a6ec5da8dee2758f4a1aafef", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 06:12:05", "1388595", "e9e4751c88d3a1a4bfdd5d07bb35636787b0d6fbf68b17642d3fe03cbe5ebf70", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "50", "https://intezer.com/blog/malware-analysis/weaponized-software-targets-chinese/", "pngplug,silverfox,valleyrat", "0", "juroots" "2025-01-20 05:47:12", "1388582", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:47:12", "1388583", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:47:09", "1388581", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:47:08", "1388579", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:47:08", "1388580", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:47:02", "1388578", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:46:48", "1388575", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:46:48", "1388576", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:46:48", "1388577", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:46:44", "1388574", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:45:58", "1388573", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 05:45:53", "1388572", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 05:45:39", "1388571", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 05:45:30", "1388570", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 05:45:28", "1388569", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 05:45:27", "1388568", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 05:45:25", "1388567", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 05:45:03", "1388566", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 04:47:09", "1388548", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:47:09", "1388549", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:47:06", "1388547", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:47:05", "1388546", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:47:04", "1388545", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:46:59", "1388544", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:46:46", "1388541", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:46:46", "1388542", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:46:46", "1388543", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:46:42", "1388540", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:45:57", "1388539", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 04:45:53", "1388538", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 04:45:40", "1388537", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 04:45:31", "1388536", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 04:45:29", "1388535", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 04:45:28", "1388534", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 04:45:26", "1388533", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 04:45:04", "1388532", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 04:41:03", "1388531", "172.232.58.59:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "QakBot", "0", "abuse_ch" "2025-01-20 04:04:37", "1388530", "104.238.57.44:56099", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/104.238.57.44", "AS8100,ASN-QUADRANET-GLOBAL,BianLian,C2,censys", "0", "DonPasci" "2025-01-20 04:04:11", "1388529", "111.196.132.53:8443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "https://search.censys.io/hosts/111.196.132.53", "AS4808,BRC4,C2,censys,CHINA169-BJ", "0", "DonPasci" "2025-01-20 04:04:09", "1388528", "15.236.55.38:1616", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/15.236.55.38", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-01-20 04:04:06", "1388524", "105.154.25.255:14113", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:06", "1388525", "105.154.25.255:61915", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:06", "1388526", "105.154.25.255:1521", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:06", "1388527", "105.154.25.255:1962", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:05", "1388519", "105.154.25.255:6881", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:05", "1388520", "105.154.25.255:20548", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:05", "1388521", "105.154.25.255:24454", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:05", "1388522", "105.154.25.255:2403", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:05", "1388523", "105.154.25.255:10260", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:04", "1388515", "105.154.25.255:10443", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:04", "1388516", "105.154.25.255:33199", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:04", "1388517", "105.154.25.255:36969", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:04", "1388518", "105.154.25.255:6007", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:03", "1388510", "105.154.25.255:4730", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:03", "1388511", "105.154.25.255:61483", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:03", "1388512", "105.154.25.255:789", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:03", "1388513", "105.154.25.255:6944", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:03", "1388514", "105.154.25.255:10261", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:02", "1388508", "105.154.25.255:1961", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:04:02", "1388509", "105.154.25.255:44755", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 04:03:58", "1388506", "185.150.189.29:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/185.150.189.29", "AS23470,C2,censys,Hookbot,RELIABLESITE", "0", "DonPasci" "2025-01-20 04:03:58", "1388507", "node1.playpokeninjas.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/104.21.80.1+node1.playpokeninjas.com", "AS13335,C2,censys,CLOUDFLARENET,Hookbot", "0", "DonPasci" "2025-01-20 04:03:35", "1388505", "185.208.159.167:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/185.208.159.167", "AS42624,C2,censys,Sliver,SWISSNETWORK02", "0", "DonPasci" "2025-01-20 04:03:32", "1388504", "portaal-belastingdienst.info", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/193.143.1.71+portaal-belastingdienst.info", "AS198953,C2,censys,PROTON66,RAT,Remcos", "0", "DonPasci" "2025-01-20 04:03:15", "1388503", "39.100.70.46:4656", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/39.100.70.46", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-01-20 03:47:05", "1388501", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:47:05", "1388502", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:47:03", "1388500", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:47:01", "1388499", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:47:00", "1388498", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:46:55", "1388497", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:46:42", "1388494", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:46:42", "1388495", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:46:42", "1388496", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:46:38", "1388493", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:45:54", "1388492", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 03:45:50", "1388491", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 03:45:34", "1388490", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 03:45:26", "1388489", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 03:45:24", "1388488", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 03:45:23", "1388487", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 03:45:21", "1388486", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 03:44:59", "1388485", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 02:47:05", "1388483", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:47:05", "1388484", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:47:03", "1388482", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:47:01", "1388481", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:47:00", "1388480", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:46:55", "1388479", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:46:42", "1388476", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:46:42", "1388477", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:46:42", "1388478", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:46:38", "1388475", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:45:55", "1388474", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 02:45:50", "1388473", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 02:45:37", "1388472", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 02:45:28", "1388471", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 02:45:26", "1388469", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 02:45:26", "1388470", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 02:45:23", "1388468", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 02:45:02", "1388467", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 01:47:06", "1388465", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:47:06", "1388466", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:47:04", "1388464", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:47:03", "1388463", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:47:02", "1388462", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:46:57", "1388461", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:46:43", "1388458", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:46:43", "1388459", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:46:43", "1388460", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:46:39", "1388457", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:45:56", "1388456", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 01:45:51", "1388455", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 01:45:37", "1388454", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 01:45:28", "1388453", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 01:45:26", "1388452", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 01:45:25", "1388451", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 01:45:22", "1388450", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 01:45:01", "1388449", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 00:47:11", "1388444", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:47:11", "1388445", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:47:08", "1388443", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:47:07", "1388441", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:47:07", "1388442", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:47:01", "1388440", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:46:47", "1388437", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:46:47", "1388438", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:46:47", "1388439", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:46:43", "1388436", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:45:58", "1388435", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-20 00:45:53", "1388434", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-20 00:45:39", "1388433", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 00:45:30", "1388432", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-20 00:45:28", "1388430", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 00:45:28", "1388431", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-20 00:45:25", "1388429", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-20 00:45:01", "1388428", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-20 00:35:20", "1388427", "104.248.130.195:963", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-01-20 00:04:10", "1388426", "15.156.194.143:2096", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/15.156.194.143", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-01-20 00:04:06", "1388421", "105.154.25.255:20000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:06", "1388422", "105.154.25.255:2004", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:06", "1388423", "105.154.25.255:2181", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:06", "1388424", "105.154.25.255:33389", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:06", "1388425", "105.154.25.255:37541", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:05", "1388416", "105.154.25.255:20546", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:05", "1388417", "105.154.25.255:27524", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:05", "1388418", "105.154.25.255:4839", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:05", "1388419", "105.154.25.255:4841", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:05", "1388420", "105.154.25.255:5432", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:03", "1388412", "105.154.25.255:1913", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:03", "1388413", "105.154.25.255:5900", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:03", "1388414", "105.154.25.255:20339", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:03", "1388415", "105.154.25.255:29305", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:02", "1388408", "105.154.25.255:2281", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:02", "1388409", "105.154.25.255:8883", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:02", "1388410", "105.154.25.255:9200", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:02", "1388411", "105.154.25.255:22449", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:01", "1388406", "105.154.25.255:26140", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:01", "1388407", "105.154.25.255:50924", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/105.154.25.255", "AS36903,C2,censys,MT-MPLS,RAT,Venom", "0", "DonPasci" "2025-01-20 00:04:00", "1388405", "www.gstatic.upgrade1.zip", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.74.66.221+www.gstatic.upgrade1.zip", "AS22612,C2,censys,Havoc,NAMECHEAP-NET", "0", "DonPasci" "2025-01-20 00:03:59", "1388404", "aadcdn.microsoft-onedrive.upgrade1.zip", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.74.66.221+aadcdn.microsoft-onedrive.upgrade1.zip", "AS22612,C2,censys,Havoc,NAMECHEAP-NET", "0", "DonPasci" "2025-01-20 00:03:57", "1388403", "181.162.190.243:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/181.162.190.243", "AS7418,C2,censys,Quasar,RAT,TELEFONICA", "0", "DonPasci" "2025-01-20 00:03:56", "1388401", "213.176.94.228:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/213.176.94.228", "AEZA-AS,AS210644,C2,censys,Hookbot", "0", "DonPasci" "2025-01-20 00:03:56", "1388402", "194.59.31.77:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/194.59.31.77", "AS399486,C2,censys,Hookbot,VIRTUO", "0", "DonPasci" "2025-01-20 00:03:52", "1388400", "134.122.189.27:56003", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/134.122.189.27", "AS152194,AsyncRAT,C2,censys,CTGSERVERLIMITED-AS-AP,RAT", "0", "DonPasci" "2025-01-20 00:03:51", "1388399", "134.122.189.39:56003", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/134.122.189.39", "AS152194,AsyncRAT,C2,censys,CTGSERVERLIMITED-AS-AP,RAT", "0", "DonPasci" "2025-01-20 00:03:49", "1388398", "94.156.167.51:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/94.156.167.51", "AS401120,C2,censys,CHEAPY-HOST,Supershell", "0", "DonPasci" "2025-01-19 23:50:19", "1388395", "http://a1073401.xsph.ru/4e2c0615.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-19 23:47:07", "1388393", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:47:07", "1388394", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:47:05", "1388392", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:47:03", "1388390", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:47:03", "1388391", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:46:57", "1388389", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:46:44", "1388386", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:46:44", "1388387", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:46:44", "1388388", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:46:40", "1388385", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:45:55", "1388384", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 23:45:51", "1388383", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 23:45:37", "1388382", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 23:45:29", "1388381", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 23:45:27", "1388380", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 23:45:26", "1388379", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 23:45:23", "1388378", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 23:45:01", "1388377", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 23:15:18", "1388339", "http://cd38713.tw1.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-19 22:47:08", "1388337", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:47:08", "1388338", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:47:05", "1388336", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:47:04", "1388335", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:47:03", "1388334", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:46:58", "1388333", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:46:44", "1388330", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:46:44", "1388331", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:46:44", "1388332", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:46:40", "1388329", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:45:55", "1388328", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 22:45:50", "1388327", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 22:45:36", "1388326", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 22:45:28", "1388325", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 22:45:26", "1388324", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 22:45:25", "1388323", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 22:45:22", "1388322", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 22:45:00", "1388321", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 21:47:10", "1388297", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:47:10", "1388298", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:47:08", "1388296", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:47:06", "1388294", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:47:06", "1388295", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:47:00", "1388293", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:46:46", "1388290", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:46:46", "1388291", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:46:46", "1388292", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:46:42", "1388289", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:45:57", "1388288", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 21:45:53", "1388287", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 21:45:39", "1388286", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 21:45:30", "1388285", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 21:45:28", "1388284", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 21:45:27", "1388283", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 21:45:25", "1388282", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 21:45:04", "1388281", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 21:10:16", "1388280", "192.169.69.25:6290", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "NanoCore,RAT", "0", "abuse_ch" "2025-01-19 21:00:18", "1388279", "http://eternitysystems.online/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-19 20:47:11", "1388277", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:47:11", "1388278", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:47:08", "1388276", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:47:07", "1388275", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:47:06", "1388274", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:47:01", "1388273", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:46:47", "1388270", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:46:47", "1388271", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:46:47", "1388272", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:46:43", "1388269", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:46:35", "1388268", "156.251.25.152:11002", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:45:58", "1388267", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 20:45:53", "1388266", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 20:45:42", "1388265", "85.110.200.47:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-19 20:45:39", "1388264", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 20:45:38", "1388263", "8.219.62.204:150", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-01-19 20:45:30", "1388262", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 20:45:28", "1388261", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 20:45:27", "1388260", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 20:45:25", "1388259", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 20:45:04", "1388258", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 20:43:41", "1388257", "154.8.198.185:60000", "ip:port", "botnet_cc", "apk.viper_rat", "None", "Viper RAT", "", "75", "None", "drb-ra,ViperRAT", "0", "abuse_ch" "2025-01-19 20:43:16", "1388256", "108.61.216.142:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch" "2025-01-19 20:20:17", "1388254", "http://45.91.201.142/e344542ca4922af9.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "None", "Stealc", "0", "abuse_ch" "2025-01-19 20:05:16", "1388252", "121.36.102.48:1111", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch" "2025-01-19 20:04:40", "1388251", "23.227.198.237:57226", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/23.227.198.237", "AS29802,BianLian,C2,censys,HVC-AS", "0", "DonPasci" "2025-01-19 20:04:39", "1388250", "108.61.216.142:1433", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/108.61.216.142", "AS-VULTR,AS20473,BianLian,C2,censys", "0", "DonPasci" "2025-01-19 20:04:08", "1388248", "89.248.174.177:4449", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/89.248.174.177", "AS202425,C2,censys,INT-NETWORK,RAT,Venom", "0", "DonPasci" "2025-01-19 20:04:08", "1388249", "45.136.70.29:2222", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/45.136.70.29", "AS44803,C2,censys,RAT,Venom,WEBDOCK-AS", "0", "DonPasci" "2025-01-19 20:04:04", "1388247", "101.99.75.151:4487", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/101.99.75.151", "AS45839,C2,censys,Quasar,RAT,SHINJIRU-MY-AS-AP", "0", "DonPasci" "2025-01-19 20:04:03", "1388245", "103.249.132.15:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.249.132.15", "AEZA-AS,AS210644,C2,censys,Mythic", "0", "DonPasci" "2025-01-19 20:04:03", "1388246", "95.111.218.51:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/95.111.218.51", "AS202053,C2,censys,Mythic,UPCLOUD", "0", "DonPasci" "2025-01-19 20:03:58", "1388243", "185.161.209.25:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/185.161.209.25", "AS42159,AsyncRAT,C2,censys,DELTAHOST-AS,RAT", "0", "DonPasci" "2025-01-19 20:03:58", "1388244", "23.175.50.116:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/23.175.50.116", "AS398357,AsyncRAT,C2,censys,ETHNC-ASN,RAT", "0", "DonPasci" "2025-01-19 20:03:57", "1388242", "egypt302.casacam.net", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/207.231.111.82+egypt302.casacam.net", "AS62633,AsyncRAT,C2,censys,RAT,SERVERDIME-SERVERCHEAP-HOSTRUSH", "0", "DonPasci" "2025-01-19 20:03:35", "1388240", "87.120.113.92:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/87.120.113.92", "AS401115,C2,censys,EKABI,Sliver", "0", "DonPasci" "2025-01-19 20:03:35", "1388241", "64.176.53.155:48329", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/64.176.53.155", "AS-VULTR,AS20473,C2,censys,Sliver", "0", "DonPasci" "2025-01-19 20:03:13", "1388239", "39.101.188.217:46980", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/39.101.188.217", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-01-19 19:47:11", "1388237", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:47:11", "1388238", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:47:08", "1388236", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:47:07", "1388235", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:47:06", "1388234", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:47:00", "1388233", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:46:46", "1388231", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:46:46", "1388232", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:46:45", "1388230", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:46:41", "1388229", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:45:56", "1388228", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 19:45:51", "1388227", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 19:45:38", "1388226", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 19:45:29", "1388225", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 19:45:27", "1388224", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 19:45:26", "1388223", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 19:45:24", "1388222", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 19:45:03", "1388221", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 19:08:51", "1388219", "another-echo.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-19 19:08:51", "1388220", "exchange-syndicate.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-19 19:08:50", "1388218", "america-depending.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-19 19:05:53", "1388217", "13.60.226.247:2000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/13.60.226.247#2000", "c2,netbus,shodan", "0", "juroots" "2025-01-19 19:05:33", "1388216", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/62.68.75.16#80", "c2,havoc,shodan", "0", "juroots" "2025-01-19 19:05:12", "1388215", "190.10.11.44:6000", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/190.10.11.44#6000", "c2,netsupport,shodan", "0", "juroots" "2025-01-19 19:04:09", "1388213", "181.50.73.64:57022", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#57022", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 19:04:09", "1388214", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 19:03:44", "1388211", "18.231.198.97:113", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/18.231.198.97#113", "blackshades,c2,shodan", "0", "juroots" "2025-01-19 19:03:44", "1388212", "18.170.50.71:2345", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/18.170.50.71#2345", "blackshades,c2,shodan", "0", "juroots" "2025-01-19 18:47:22", "1388209", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:47:22", "1388210", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:47:19", "1388208", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:47:18", "1388207", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:47:17", "1388206", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:47:12", "1388205", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:46:57", "1388204", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:46:56", "1388202", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:46:56", "1388203", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:46:52", "1388201", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:46:04", "1388200", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 18:45:58", "1388199", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 18:45:43", "1388198", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 18:45:33", "1388197", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 18:45:31", "1388195", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 18:45:31", "1388196", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 18:45:28", "1388194", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 18:45:09", "1388193", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 18:05:03", "1388189", "https://avoidspaderik.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7902e87ab677a55e32d8d354a1b225c67c89c871cdd711771dc5399f57fd6aef/", "lumma", "0", "abuse_ch" "2025-01-19 17:47:33", "1388187", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:47:33", "1388188", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:47:30", "1388186", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:47:29", "1388185", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:47:28", "1388184", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:47:23", "1388183", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:47:07", "1388180", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:47:07", "1388181", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:47:07", "1388182", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:47:03", "1388179", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:46:15", "1388178", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 17:46:10", "1388177", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 17:45:54", "1388176", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 17:45:45", "1388175", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 17:45:43", "1388174", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 17:45:42", "1388173", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 17:45:40", "1388172", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 17:45:24", "1388171", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 16:58:26", "1388170", "opal.wtf", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "", "c2,cobaltstrike", "0", "juroots" "2025-01-19 16:58:10", "1388169", "http://opal.wtf/bm6X", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "", "c2,cobaltstrike", "0", "juroots" "2025-01-19 16:55:17", "1388167", "Heya12-35320.portmap.host", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-19 16:55:17", "1388168", "back-spots.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-19 16:54:50", "1388166", "https://pastebin.com/raw/ay20NBKe", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-19 16:52:06", "1388165", "https://raiffeisen.pw/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/23053f1f-a517-4f47-83bf-fa1d65f66bcc", "clickfix,fakecaptcha,urlscan", "0", "juroots" "2025-01-19 16:47:55", "1388164", "69.16.249.54:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "50", "https://www.shodan.io/host/69.16.249.54#10001", "c2,extreme,shodan", "0", "juroots" "2025-01-19 16:47:28", "1388163", "34.244.21.227:1604", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/34.244.21.227#1604", "c2,netsupport,shodan", "0", "juroots" "2025-01-19 16:47:23", "1388162", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:47:22", "1388161", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:47:20", "1388160", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:47:19", "1388159", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:47:18", "1388158", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:47:13", "1388157", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:46:57", "1388154", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:46:57", "1388155", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:46:57", "1388156", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:46:55", "1388150", "45.132.245.253:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/45.132.245.253#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 16:46:55", "1388151", "181.50.73.64:57322", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#57322", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 16:46:55", "1388152", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 16:46:55", "1388153", "181.50.73.64:57722", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#57722", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 16:46:54", "1388148", "181.50.73.64:57422", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#57422", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 16:46:54", "1388149", "181.50.73.64:57622", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#57622", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 16:46:53", "1388147", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:46:06", "1388146", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 16:46:01", "1388145", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 16:45:46", "1388144", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 16:45:37", "1388143", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 16:45:35", "1388142", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 16:45:34", "1388141", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 16:45:31", "1388140", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 16:45:13", "1388139", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 16:09:28", "1388133", "https://trickyobseel.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "19January2025,iocbottest", "0", "Gi7w0rm" "2025-01-19 16:09:27", "1388134", "https://steelysacckz.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "19January2025,iocbottest", "0", "Gi7w0rm" "2025-01-19 16:09:27", "1388135", "https://mshyhennyk.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "19January2025,iocbottest", "0", "Gi7w0rm" "2025-01-19 16:09:27", "1388136", "https://quitgirlek.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "19January2025,iocbottest", "0", "Gi7w0rm" "2025-01-19 16:09:26", "1388137", "https://curved-goose.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "19January2025,iocbottest", "0", "Gi7w0rm" "2025-01-19 16:09:26", "1388138", "https://futfilcreat.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "19January2025,iocbottest", "0", "Gi7w0rm" "2025-01-19 16:04:32", "1388132", "104.225.129.101:8465", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/104.225.129.101", "AS395092,BianLian,C2,censys,SHOCK-1", "0", "DonPasci" "2025-01-19 16:04:31", "1388131", "108.61.216.142:5060", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/108.61.216.142", "AS-VULTR,AS20473,BianLian,C2,censys", "0", "DonPasci" "2025-01-19 16:03:59", "1388129", "myaccount.upgrade1.zip", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.74.66.221+myaccount.upgrade1.zip", "AS22612,C2,censys,Havoc,NAMECHEAP-NET", "0", "DonPasci" "2025-01-19 16:03:59", "1388130", "play.upgrade1.zip", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.74.66.221+play.upgrade1.zip", "AS22612,C2,censys,Havoc,NAMECHEAP-NET", "0", "DonPasci" "2025-01-19 16:03:28", "1388128", "verifynavycu.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/193.143.1.71+verifynavycu.com", "AS198953,C2,censys,PROTON66,RAT,Remcos", "0", "DonPasci" "2025-01-19 15:47:29", "1388126", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:47:29", "1388127", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:47:27", "1388125", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:47:26", "1388124", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:47:25", "1388123", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:47:20", "1388122", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:47:07", "1388119", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:47:07", "1388120", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:47:07", "1388121", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:47:03", "1388118", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:46:17", "1388117", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 15:46:12", "1388116", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 15:45:58", "1388115", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 15:45:50", "1388114", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 15:45:48", "1388113", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 15:45:47", "1388112", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 15:45:44", "1388111", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 15:45:25", "1388110", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 15:26:36", "1388108", "124.71.164.7:4433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-01-19 15:26:36", "1388109", "46.29.160.177:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-01-19 15:26:35", "1388107", "185.186.245.33:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-01-19 15:26:34", "1388106", "118.89.79.204:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch" "2025-01-19 15:26:24", "1388105", "104.129.181.228:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-01-19 14:48:11", "1388103", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:48:11", "1388104", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:48:08", "1388102", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:48:06", "1388100", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:48:06", "1388101", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:47:59", "1388099", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:47:42", "1388096", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:47:42", "1388097", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:47:42", "1388098", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:47:37", "1388095", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:46:38", "1388094", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 14:46:32", "1388093", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 14:46:14", "1388092", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 14:46:05", "1388091", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 14:46:03", "1388090", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 14:46:02", "1388089", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 14:45:58", "1388088", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 14:45:38", "1388087", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 13:55:03", "1388086", "162.250.127.123:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/39e9de563fb308499965ea8c138875b302565d8747c0efb68b9a357f33d6670b/", "asyncrat", "0", "abuse_ch" "2025-01-19 13:47:25", "1388084", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:47:25", "1388085", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:47:22", "1388083", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:47:21", "1388081", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:47:21", "1388082", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:47:16", "1388080", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:47:03", "1388078", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:47:03", "1388079", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:47:02", "1388077", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:46:58", "1388076", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:46:17", "1388075", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 13:46:12", "1388074", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 13:45:59", "1388073", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 13:45:51", "1388072", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 13:45:49", "1388071", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 13:45:48", "1388070", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 13:45:44", "1388069", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 13:45:12", "1388068", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 12:49:04", "1388066", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:49:04", "1388067", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:49:01", "1388065", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:48:59", "1388063", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:48:59", "1388064", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:48:54", "1388062", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:48:30", "1388059", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:48:30", "1388060", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:48:30", "1388061", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:48:25", "1388058", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:47:24", "1388057", "www.nemonet.top", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:47:09", "1388056", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 12:46:58", "1388055", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 12:46:35", "1388054", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 12:46:24", "1388053", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 12:46:22", "1388052", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 12:46:20", "1388051", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 12:46:17", "1388050", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 12:45:57", "1388049", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 12:19:44", "1388047", "http://5.8.18.7/filezzz.php", "url", "botnet_cc", "js.gootloader", "SLOWPOUR", "GootLoader", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/IOC-sheet_gootloader2025.csv", "c2,gootloader", "0", "juroots" "2025-01-19 12:19:44", "1388048", "http://5.8.18.7/filesst.php", "url", "botnet_cc", "js.gootloader", "SLOWPOUR", "GootLoader", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/IOC-sheet_gootloader2025.csv", "c2,gootloader", "0", "juroots" "2025-01-19 12:18:06", "1388039", "03a46ad7873ddb6663377282640d45e38697e0fdc1512692bcaee3cbba1aa016", "sha256_hash", "payload", "js.gootloader", "SLOWPOUR", "GootLoader", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/IOC-sheet_gootloader2025.csv", "gootloader", "0", "juroots" "2025-01-19 12:18:06", "1388040", "1fcc418bdd7d2d40e7f70b9d636735ab760e1044bb76f8c2232bd189e2fd8be7", "sha256_hash", "payload", "js.gootloader", "SLOWPOUR", "GootLoader", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/IOC-sheet_gootloader2025.csv", "gootloader", "0", "juroots" "2025-01-19 12:18:06", "1388041", "258cb1d60a000e8e0bb6dc751b3dc14152628d9dd96454a3137d124a132a4e69", "sha256_hash", "payload", "js.gootloader", "SLOWPOUR", "GootLoader", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/IOC-sheet_gootloader2025.csv", "gootloader", "0", "juroots" "2025-01-19 12:18:06", "1388042", "5d50a7cf15561f35ed54a2e442c3dfdac1d660dc18375f7e4105f50eec443f27", "sha256_hash", "payload", "js.gootloader", "SLOWPOUR", "GootLoader", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/IOC-sheet_gootloader2025.csv", "gootloader", "0", "juroots" "2025-01-19 12:18:06", "1388043", "7bcffa722687055359c600e7a9abf5d57c9758dccf65b288ba2e6f174b43ac57", "sha256_hash", "payload", "js.gootloader", "SLOWPOUR", "GootLoader", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/IOC-sheet_gootloader2025.csv", "gootloader", "0", "juroots" "2025-01-19 12:18:06", "1388044", "af50c735173326b2af2e2d2b4717590e813c67a65ba664104880dc5d6a58a029", "sha256_hash", "payload", "js.gootloader", "SLOWPOUR", "GootLoader", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/IOC-sheet_gootloader2025.csv", "gootloader", "0", "juroots" "2025-01-19 12:18:06", "1388045", "89672c08916dd38d9d4b7f5bbf7f39f919adcaebc7f8bb1ed053cb701005499a", "sha256_hash", "payload", "js.gootloader", "SLOWPOUR", "GootLoader", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/IOC-sheet_gootloader2025.csv", "gootloader", "0", "juroots" "2025-01-19 12:18:06", "1388046", "0874d307fc45886d2751cd9e6816513dc3e1604e514ef1b291bbe7b1a887cd96", "sha256_hash", "payload", "js.gootloader", "SLOWPOUR", "GootLoader", "", "50", "https://github.com/sophoslabs/IoCs/blob/master/IOC-sheet_gootloader2025.csv", "gootloader", "0", "juroots" "2025-01-19 12:04:43", "1388037", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 12:04:43", "1388038", "217.111.88.98:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/217.111.88.98#443", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 12:04:14", "1388036", "38.146.27.20:23", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/38.146.27.20", "AS174,C2,censys,COGENT-174,Gafgyt", "0", "DonPasci" "2025-01-19 12:04:03", "1388035", "18.170.59.177:80", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://search.censys.io/hosts/18.170.59.177", "AMAZON-02,AS16509,C2,censys,Ermac,panel", "0", "DonPasci" "2025-01-19 12:04:01", "1388034", "35.180.125.212:26009", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/35.180.125.212", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-01-19 12:03:58", "1388033", "accounts.upgrade1.zip", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.74.66.221+accounts.upgrade1.zip", "AS22612,C2,censys,Havoc,NAMECHEAP-NET", "0", "DonPasci" "2025-01-19 12:03:57", "1388030", "content.upgrade1.zip", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.74.66.221+content.upgrade1.zip", "AS22612,C2,censys,Havoc,NAMECHEAP-NET", "0", "DonPasci" "2025-01-19 12:03:57", "1388031", "accounts.youtube.upgrade1.zip", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.74.66.221+accounts.youtube.upgrade1.zip", "AS22612,C2,censys,Havoc,NAMECHEAP-NET", "0", "DonPasci" "2025-01-19 12:03:57", "1388032", "apis.upgrade1.zip", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.74.66.221+apis.upgrade1.zip", "AS22612,C2,censys,Havoc,NAMECHEAP-NET", "0", "DonPasci" "2025-01-19 12:03:53", "1388029", "102.117.162.103:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/102.117.162.103", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci" "2025-01-19 12:03:49", "1388028", "149.126.95.29:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/149.126.95.29", "AS152179,AsyncRAT,C2,censys,GCNL-AS-AP,RAT", "0", "DonPasci" "2025-01-19 12:03:48", "1388026", "83.136.208.202:6745", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/83.136.208.202", "AS400897,AsyncRAT,C2,censys,PETROSKY,RAT", "0", "DonPasci" "2025-01-19 12:03:48", "1388027", "5.12.213.37:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/5.12.213.37", "AS8708,AsyncRAT,C2,censys,RAT,RCS-RDS", "0", "DonPasci" "2025-01-19 12:03:28", "1388025", "23.227.199.96:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/23.227.199.96", "AS29802,C2,censys,HVC-AS,Sliver", "0", "DonPasci" "2025-01-19 12:03:12", "1388024", "60.205.56.181:6666", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/60.205.56.181", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-01-19 12:03:11", "1388023", "23.247.130.245:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/23.247.130.245", "AS138152,C2,censys,CobaltStrike,cs-watermark-987654321,YISUCLOUDLTD-HK", "0", "DonPasci" "2025-01-19 12:00:17", "1388022", "185.222.57.84:55615", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch" "2025-01-19 11:47:33", "1388020", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:47:33", "1388021", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:47:31", "1388019", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:47:30", "1388018", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:47:29", "1388017", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:47:24", "1388016", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:47:11", "1388014", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:47:11", "1388015", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:47:10", "1388013", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:47:07", "1388012", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:46:23", "1388011", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 11:46:19", "1388010", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 11:46:06", "1388009", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 11:45:56", "1388008", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 11:45:54", "1388007", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 11:45:53", "1388006", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 11:45:50", "1388005", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 11:45:34", "1388004", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 10:47:59", "1388002", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:47:59", "1388003", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:47:56", "1388001", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:47:55", "1388000", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:47:54", "1387999", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:47:48", "1387998", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:47:33", "1387995", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:47:33", "1387996", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:47:33", "1387997", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:47:29", "1387994", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:46:55", "1387993", "103.30.76.254:8443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-01-19 10:46:36", "1387992", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 10:46:30", "1387991", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 10:46:15", "1387990", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 10:46:06", "1387989", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 10:46:03", "1387988", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 10:46:02", "1387987", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 10:45:59", "1387986", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 10:45:44", "1387985", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 10:36:02", "1387984", "185.196.8.37:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "", "50", "https://tracker.viriback.com/index.php?q=185.196.8.37", "Amadey,ViriBack", "0", "abuse_ch" "2025-01-19 10:13:36", "1387982", "https://skistarteriz.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:36", "1387983", "https://yndo-pepper.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:35", "1387975", "https://joinresperct.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:35", "1387976", "https://imperialmaru.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:35", "1387977", "https://coattoystreet.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:35", "1387978", "https://kidimprinyj.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:35", "1387979", "https://weardawwerz.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:35", "1387980", "https://permussiduebuz.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:35", "1387981", "https://voyageprivato.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:34", "1387970", "https://writerendangez.click/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:34", "1387971", "https://smootycomper.click/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:34", "1387972", "https://givecuubys.click/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:34", "1387973", "https://imitiatcarvvh.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:34", "1387974", "https://steepfright.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:33", "1387965", "https://bellgoodysu.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:33", "1387966", "https://purringsawwyuz.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:33", "1387967", "https://aggresiwevommen.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:33", "1387968", "https://clammyrobiny.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:13:33", "1387969", "https://glibvisitiru.click/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-19 10:12:27", "1387964", "124.221.100.215:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/124.221.100.215", "AS45090,c2,censys,CN,cobaltstrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci" "2025-01-19 10:12:19", "1387963", "sensatiogener.sbs", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/sensatiogener.sbs", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:57", "1387962", "bellgoodysu.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/bellgoodysu.cyou", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:56", "1387961", "purringsawwyuz.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/purringsawwyuz.cyou", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:55", "1387960", "aggresiwevommen.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/aggresiwevommen.cyou", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:54", "1387959", "clammyrobiny.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/clammyrobiny.cyou", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:50", "1387958", "glibvisitiru.click", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/glibvisitiru.click", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:49", "1387957", "writerendangez.click", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/writerendangez.click", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:48", "1387956", "smootycomper.click", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/smootycomper.click", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:47", "1387955", "givecuubys.click", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/givecuubys.click", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:43", "1387954", "comptetscant.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/comptetscant.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:42", "1387953", "imitiatcarvvh.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/imitiatcarvvh.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:40", "1387951", "steepfright.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/steepfright.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:40", "1387952", "bikedtwittg.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/bikedtwittg.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:39", "1387950", "joinresperct.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/joinresperct.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:38", "1387949", "imperialmaru.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/imperialmaru.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:37", "1387948", "coattoystreet.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/coattoystreet.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:36", "1387946", "kidimprinyj.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/kidimprinyj.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:36", "1387947", "stewkickyuope.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/stewkickyuope.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:35", "1387945", "weardawwerz.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/weardawwerz.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:34", "1387944", "permussiduebuz.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/permussiduebuz.shop", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:26", "1387943", "voyageprivato.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/voyageprivato.bond", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:25", "1387941", "skistarteriz.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/skistarteriz.bond", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:25", "1387942", "yndo-pepper.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/yndo-pepper.bond", "c2,domain,stealer,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:15", "1387940", "cz41806.tw1.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/cz41806.tw1.ru", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:14", "1387939", "gaming0558.mygamesonline.org", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/gaming0558.mygamesonline.org", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:13", "1387938", "cv38351.tw1.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/cv38351.tw1.ru", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:12", "1387937", "a1075712.xsph.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/a1075712.xsph.ru", "c2,domain,rat,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:07", "1387936", "thirtevv13fr.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "https://www.virustotal.com/gui/domain/thirtevv13fr.top", "c2,domain,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:05", "1387934", "twelveuu12th.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "https://www.virustotal.com/gui/domain/twelveuu12th.top", "c2,domain,VirusTotal", "0", "DonPasci" "2025-01-19 10:11:05", "1387935", "fivess5sb.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "https://www.virustotal.com/gui/domain/fivess5sb.top", "c2,domain,VirusTotal", "0", "DonPasci" "2025-01-19 10:00:14", "1387933", "http://185.196.8.37/Gd85kkjf/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "None", "Amadey", "0", "abuse_ch" "2025-01-19 09:47:34", "1387931", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:47:34", "1387932", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:47:31", "1387930", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:47:30", "1387929", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:47:29", "1387928", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:47:24", "1387927", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:47:10", "1387924", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:47:10", "1387925", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:47:10", "1387926", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:47:06", "1387923", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:46:21", "1387922", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 09:46:16", "1387921", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 09:46:00", "1387920", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 09:45:50", "1387919", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 09:45:48", "1387918", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 09:45:46", "1387917", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 09:45:43", "1387916", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 09:45:18", "1387915", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 09:32:15", "1387907", "dee450c1654e768ba58402bebd7834c2f36a321284d736917d76934578992bca", "sha256_hash", "payload", "win.lockbit", "ABCD Ransomware", "LockBit", "", "50", "", "lockbit", "0", "juroots" "2025-01-19 09:32:15", "1387908", "6cf0cfd51b09634194d679fb2c3d8706548e02125346be33ac62deb68f6f0190", "sha256_hash", "payload", "win.lockbit", "ABCD Ransomware", "LockBit", "", "50", "", "lockbit", "0", "juroots" "2025-01-19 09:32:15", "1387909", "13d72d8ee7cdd0d2e343b6dc08b957c9796d411062c6be9d864bded9d7e4c9e1", "sha256_hash", "payload", "win.lockbit", "ABCD Ransomware", "LockBit", "", "50", "", "lockbit", "0", "juroots" "2025-01-19 09:32:15", "1387910", "6e8a174a9bcf36890ed5b6b3666400b2393a45eb21ffe826067e3124f1377c21", "sha256_hash", "payload", "win.lockbit", "ABCD Ransomware", "LockBit", "", "50", "", "lockbit", "0", "juroots" "2025-01-19 09:32:15", "1387911", "b9844b013059f5378d1906fd756b41ae402ed4f47a70f1b679da0b5b74346236", "sha256_hash", "payload", "win.lockbit", "ABCD Ransomware", "LockBit", "", "50", "", "lockbit", "0", "juroots" "2025-01-19 09:32:15", "1387912", "d93858aef7e77a3e740e328a2c50b645ee5cd9e8424d56fe41a622816adb4fac", "sha256_hash", "payload", "win.lockbit", "ABCD Ransomware", "LockBit", "", "50", "", "lockbit", "0", "juroots" "2025-01-19 09:32:15", "1387913", "e4354736e9ff09bcc51f7cc29e1423a656806031c661098254f26f7d317d0e04", "sha256_hash", "payload", "win.lockbit", "ABCD Ransomware", "LockBit", "", "50", "", "lockbit", "0", "juroots" "2025-01-19 09:32:15", "1387914", "6f3d87f3dcfd248e64d26cf338a19f41a6f93affdde5fab071a631ff38637757", "sha256_hash", "payload", "win.lockbit", "ABCD Ransomware", "LockBit", "", "50", "", "lockbit", "0", "juroots" "2025-01-19 09:28:40", "1387906", "4c53a8e41c934a3a9abef822a69a7372884978dfcc296b8ec9eab4d6a0fddbc5", "sha256_hash", "payload", "win.lockbit", "ABCD Ransomware", "LockBit", "", "50", "", "lockbit", "0", "juroots" "2025-01-19 09:18:36", "1387904", "levels-lcd.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-19 09:18:36", "1387905", "yet-involving.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-19 09:18:01", "1387902", "https://pitchseed.com/tmp/dtnnbtndj1-uhmy8s5e-29082/", "url", "payload_delivery", "win.emotet", "Geodo,Heodo", "Emotet", "", "50", "https://www.virustotal.com/gui/file/7d833c12911a22f6aa9e8bdb229975da90724526e2f4e93afa1d089db80a0491/detection", "emotet", "0", "juroots" "2025-01-19 09:18:01", "1387903", "https://www.mamajscakes.com/ytoawkr/gclxi-04u8tr-022249/", "url", "payload_delivery", "win.emotet", "Geodo,Heodo", "Emotet", "", "50", "https://www.virustotal.com/gui/file/7d833c12911a22f6aa9e8bdb229975da90724526e2f4e93afa1d089db80a0491/detection", "emotet", "0", "juroots" "2025-01-19 09:18:00", "1387899", "http://jacobsondevelopers.com/wp-content/m9yufwg62-ivbak8-8431/", "url", "payload_delivery", "win.emotet", "Geodo,Heodo", "Emotet", "", "50", "https://www.virustotal.com/gui/file/7d833c12911a22f6aa9e8bdb229975da90724526e2f4e93afa1d089db80a0491/detection", "emotet", "0", "juroots" "2025-01-19 09:18:00", "1387900", "http://www.shakeraleighbeauty.com/subscription/9qtkw7-57djmwa46x-074306828/", "url", "payload_delivery", "win.emotet", "Geodo,Heodo", "Emotet", "", "50", "https://www.virustotal.com/gui/file/7d833c12911a22f6aa9e8bdb229975da90724526e2f4e93afa1d089db80a0491/detection", "emotet", "0", "juroots" "2025-01-19 09:18:00", "1387901", "http://zabesholidays.me/api.mud/oyokx-xih3-8811/", "url", "payload_delivery", "win.emotet", "Geodo,Heodo", "Emotet", "", "50", "https://www.virustotal.com/gui/file/7d833c12911a22f6aa9e8bdb229975da90724526e2f4e93afa1d089db80a0491/detection", "emotet", "0", "juroots" "2025-01-19 09:06:54", "1387898", "198.27.81.184:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "50", "https://www.shodan.io/host/198.27.81.184#10001", "c2,extreme,shodan", "0", "juroots" "2025-01-19 09:05:33", "1387894", "13.245.28.198:554", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/13.245.28.198#554", "c2,netsupport,shodan", "0", "juroots" "2025-01-19 09:05:33", "1387895", "13.245.28.198:55554", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/13.245.28.198#55554", "c2,netsupport,shodan", "0", "juroots" "2025-01-19 09:05:33", "1387896", "13.245.28.198:2154", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/13.245.28.198#2154", "c2,netsupport,shodan", "0", "juroots" "2025-01-19 09:05:33", "1387897", "13.37.233.210:5858", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/13.37.233.210#5858", "c2,netsupport,shodan", "0", "juroots" "2025-01-19 09:05:09", "1387892", "181.50.73.64:58122", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#58122", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 09:05:09", "1387893", "181.50.73.64:58322", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#58322", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 09:05:08", "1387888", "181.50.73.64:57522", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#57522", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 09:05:08", "1387889", "181.50.73.64:58022", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#58022", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 09:05:08", "1387890", "181.50.73.64:57822", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/181.50.73.64#57822", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 09:05:08", "1387891", "54.68.48.57:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/54.68.48.57#80", "c2,gophish,phishing,shodan", "0", "juroots" "2025-01-19 09:04:29", "1387887", "http://194.59.31.82/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/77dbdf39-782b-4b34-8695-4bc8690971ae", "c2,hookbot,urlscan", "0", "juroots" "2025-01-19 09:03:58", "1387886", "http://37.139.129.142/htdocs/nnccyqnzfjhwokk.exe", "url", "payload_delivery", "win.masslogger", "None", "MASS Logger", "", "50", "https://urlscan.io/result/3946fdb6-459a-41f0-af0f-c2317528d32f", "exe,masslogger,urlscan", "0", "juroots" "2025-01-19 09:03:27", "1387885", "http://66.63.187.214/263ff79562167f22/mozglue.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/83d9a274-7b68-406b-84c2-afa1b1fce2d5", "dll,stealc,urlscan", "0", "juroots" "2025-01-19 09:02:18", "1387884", "https://stewkickyuope.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://urlscan.io/result/530da88f-8275-48ae-bc24-57a2888eb999", "c2,lumma,urlscan", "0", "juroots" "2025-01-19 09:01:35", "1387883", "https://176.124.198.17/1da263bff25c8346.php", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/ceb5c36d-af42-4207-a0ae-fa64b0b4135c", "stealc,urlscan", "0", "juroots" "2025-01-19 09:01:34", "1387882", "http://5.188.86.231/0b6451de14750b6f.php", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/ecde3864-b787-452e-9c0f-8d84eb9f4832", "stealc,urlscan", "0", "juroots" "2025-01-19 08:47:08", "1387880", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:47:08", "1387881", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:47:06", "1387879", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:47:05", "1387878", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:47:04", "1387877", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:46:58", "1387876", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:46:44", "1387873", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:46:44", "1387874", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:46:44", "1387875", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:46:40", "1387872", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:45:56", "1387871", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 08:45:54", "1387869", "99.248.67.170:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-01-19 08:45:54", "1387870", "99.79.51.92:45954", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "75", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch" "2025-01-19 08:45:51", "1387868", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 08:45:38", "1387867", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 08:45:29", "1387866", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 08:45:27", "1387865", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 08:45:26", "1387864", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 08:45:23", "1387863", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 08:45:00", "1387862", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 08:43:57", "1387861", "18.218.8.239:5000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 08:43:19", "1387860", "117.135.238.171:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-01-19 08:30:09", "1387859", "41.216.183.179:3742", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch" "2025-01-19 08:25:08", "1387858", "185.223.31.253:5552", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-01-19 08:04:24", "1387857", "94.198.40.6:20028", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "100", "https://search.censys.io/hosts/94.198.40.6", "AS9009,BianLian,C2,censys,M247", "0", "DonPasci" "2025-01-19 08:04:20", "1387856", "156.238.253.131:80", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://search.censys.io/hosts/156.238.253.131", "AS8796,C2,censys,FD-298-8796,open-dir,Xworm", "0", "DonPasci" "2025-01-19 08:04:11", "1387855", "154.213.192.22:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/154.213.192.22", "AS51396,C2,censys,Gafgyt,open-dir,PFCLOUD", "0", "DonPasci" "2025-01-19 08:04:02", "1387854", "206.188.196.66:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://search.censys.io/hosts/206.188.196.66", "AS399629,BLNWX,C2,censys,kongtuke", "0", "DonPasci" "2025-01-19 08:03:57", "1387853", "3.88.195.76:788", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/3.88.195.76", "AMAZON-AES,AS14618,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-01-19 08:03:56", "1387852", "95.164.114.247:1011", "ip:port", "botnet_cc", "win.orcus_rat", "Schnorchel", "Orcus RAT", "", "100", "https://search.censys.io/hosts/95.164.114.247", "AS44477,C2,censys,Orcus,RAT,STARK-INDUSTRIES", "0", "DonPasci" "2025-01-19 08:03:48", "1387851", "109.199.101.109:70", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/109.199.101.109", "AS51167,AsyncRAT,C2,censys,CONTABO,RAT", "0", "DonPasci" "2025-01-19 08:03:47", "1387850", "66.225.254.143:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/66.225.254.143", "AS399486,AsyncRAT,C2,censys,RAT,VIRTUO", "0", "DonPasci" "2025-01-19 08:03:23", "1387848", "161.35.56.10:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/161.35.56.10", "AS14061,C2,censys,DIGITALOCEAN-ASN,RAT,Remcos", "0", "DonPasci" "2025-01-19 08:03:23", "1387849", "185.157.162.103:779", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/185.157.162.103", "AS42675,C2,censys,OBEHOSTING,RAT,Remcos", "0", "DonPasci" "2025-01-19 08:03:22", "1387847", "kela-vahvistaa.net", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/193.143.1.71+kela-vahvistaa.net", "AS198953,C2,censys,PROTON66,RAT,Remcos", "0", "DonPasci" "2025-01-19 08:03:10", "1387846", "120.26.164.174:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/120.26.164.174", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-01-19 07:50:07", "1387845", "http://452399cm.renyash.ru/_bigloadsqlbaseUniversalUploads.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-19 07:47:00", "1387843", "94.20.88.63:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:47:00", "1387844", "94.20.88.63:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:46:57", "1387842", "82.67.60.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:46:56", "1387840", "80.64.30.50:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:46:56", "1387841", "81.70.49.19:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:46:51", "1387839", "51.96.90.80:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:46:37", "1387836", "35.77.10.21:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:46:37", "1387837", "35.79.20.13:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:46:37", "1387838", "35.79.20.7:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:46:33", "1387835", "20.5.43.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:45:50", "1387834", "cf.r8.lc", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 07:45:46", "1387833", "94.23.84.20:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-01-19 07:45:33", "1387832", "80.76.49.97:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 07:45:24", "1387831", "66.42.98.90:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "75", "None", "drb-ra,PupyRAT,RAT", "0", "abuse_ch" "2025-01-19 07:45:22", "1387830", "64.52.80.94:80", "ip:port", "botnet_cc", "win.meduza", "None", "Meduza Stealer", "", "75", "None", "drb-ra,MeduzaStealer", "0", "abuse_ch" "2025-01-19 07:45:21", "1387829", "62.68.75.16:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 07:45:19", "1387828", "54.87.32.39:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch" "2025-01-19 07:44:58", "1387827", "45.77.46.13:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-01-19 07:23:20", "1387826", "deedcompetlk.cyou", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-19 07:23:04", "1387825", "https://deedcompetlk.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-19 07:15:05", "1387824", "fnnkcnemajnnaja.top", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://bazaar.abuse.ch/sample/06d1c58ef9eaaabb7c036a635807916a60844785ce7be17e54ef9d6418f42206/", "KongTuke", "0", "abuse_ch" "2025-01-19 07:15:01", "1387823", "http://fnnkcnemajnnaja.top/1.php", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://bazaar.abuse.ch/sample/06d1c58ef9eaaabb7c036a635807916a60844785ce7be17e54ef9d6418f42206/", "KongTuke", "0", "abuse_ch" "2025-01-19 06:55:07", "1387822", "103.36.221.195:6661", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "ValleyRAT", "0", "abuse_ch" "2025-01-19 06:54:40", "1387818", "https://confidespill.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-19 06:54:40", "1387819", "https://vladimir-ulyanov.com/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-19 06:54:40", "1387820", "https://post-to-me.com/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-19 06:54:40", "1387821", "https://jammy-crusher.bond/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-19 06:53:57", "1387814", "confidespill.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-19 06:53:57", "1387815", "vladimir-ulyanov.com", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-19 06:53:57", "1387816", "post-to-me.com", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-19 06:53:57", "1387817", "jammy-crusher.bond", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-01-19 06:35:30", "1387521", "ssx.is", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "lumma,msi,trojan", "1", "ninjacatcher" "2025-01-19 06:35:30", "1387631", "https://kandercibebeler24.xyz/Y2VkNDY3OTIxNjc0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2025-01-19 06:35:28", "1387662", "91.151.93.62:6522", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-01-19 06:35:28", "1387664", "147.185.221.25:18976", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-01-19 06:35:27", "1387663", "homekoen.uswin.com.tr", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-01-19 06:35:27", "1387665", "ie-serving.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab" "2025-01-19 06:35:27", "1387754", "103-152-254-149.cprapid.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/103.152.254.149+103-152-254-149.cprapid.com", "AS7590,C2,censys", "0", "dyingbreeds_" "2025-01-19 06:35:26", "1387755", "piaozz.vip", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/144.48.8.193+piaozz.vip", "AS55933,C2,censys", "0", "dyingbreeds_" "2025-01-19 06:35:26", "1387756", "163.172.215.243:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/163.172.215.243", "AS12876,C2,censys,Supershell", "0", "dyingbreeds_" "2025-01-19 06:35:25", "1387758", "198.167.199.177:19132", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/198.167.199.177", "ABSTRACT,AS39287,C2,censys,RAT", "0", "dyingbreeds_" "2025-01-19 06:35:24", "1387760", "185.123.53.229:5000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.123.53.229", "AS62005,Botnet,BV-EU-AS,byob,C2,censys", "0", "dyingbreeds_" "2025-01-19 06:35:24", "1387761", "83.222.24.134:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://search.censys.io/hosts/83.222.24.134", "AS198610,BEGET-AS,C2,censys,Loader,T34loader", "0", "dyingbreeds_" "2025-01-19 06:35:24", "1387762", "64.227.157.239:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/64.227.157.239", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:23", "1387763", "46.41.134.153:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/46.41.134.153", "AS12824,censys,GoPhish,HOMEPL-AS,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:23", "1387764", "18.118.31.150:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.118.31.150", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:23", "1387765", "101.37.116.59:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/101.37.116.59", "AS37963,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:22", "1387766", "62.113.113.225:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/62.113.113.225", "AS48282,censys,GoPhish,Phishing,VDSINA-AS", "0", "dyingbreeds_" "2025-01-19 06:35:22", "1387767", "47.116.13.239:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.116.13.239", "AS37963,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:22", "1387768", "3.130.164.190:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.130.164.190", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:20", "1387769", "185.105.109.183:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.105.109.183", "AS210079,censys,EUROBYTE,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:20", "1387772", "60.250.100.243:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/60.250.100.243", "AS3462,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:19", "1387770", "15.207.89.93:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/15.207.89.93", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:18", "1387775", "223.167.229.205:8200", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/223.167.229.205", "AS17621,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:17", "1387771", "178.248.209.251:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/178.248.209.251", "AS197133,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:16", "1387773", "128.140.15.111:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/128.140.15.111", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:16", "1387774", "199.241.136.100:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/199.241.136.100", "AS29802,censys,GoPhish,HVC-AS,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:15", "1387776", "104.197.215.14:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/104.197.215.14", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 06:35:15", "1387777", "34.210.5.192:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.210.5.192", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-01-19 04:04:09", "1387735", "192.210.229.52:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/192.210.229.52", "AS-COLOCROSSING,AS36352,C2,censys,moobot", "0", "DonPasci" "2025-01-19 04:04:03", "1387734", "206.188.196.219:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://search.censys.io/hosts/206.188.196.219", "AS399629,BLNWX,C2,censys,kongtuke", "0", "DonPasci" "2025-01-19 04:03:56", "1387732", "159.65.220.207:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/159.65.220.207", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci" "2025-01-19 04:03:56", "1387733", "account.microsoft.upgrade1.zip", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.74.66.221+account.microsoft.upgrade1.zip", "AS22612,C2,censys,Havoc,NAMECHEAP-NET", "0", "DonPasci" "2025-01-19 04:03:53", "1387731", "194.59.31.82:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/194.59.31.82", "AS399486,C2,censys,Hookbot,VIRTUO", "0", "DonPasci" "2025-01-19 04:03:49", "1387729", "95.214.54.164:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/95.214.54.164", "AS201814,AsyncRAT,C2,censys,MEVSPACE,RAT", "0", "DonPasci" "2025-01-19 04:03:49", "1387730", "74.120.121.82:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/74.120.121.82", "1GSERVERS,AS14315,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-01-19 04:03:29", "1387728", "206.166.251.48:63852", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/206.166.251.48", "AS399629,BLNWX,C2,censys,Sliver", "0", "DonPasci" "2025-01-19 04:03:26", "1387727", "172.94.9.168:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/172.94.9.168", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2025-01-19 04:03:25", "1387726", "161.35.219.59:7475", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/161.35.219.59", "AS14061,C2,censys,DIGITALOCEAN-ASN,RAT,Remcos", "0", "DonPasci" "2025-01-19 04:03:09", "1387724", "124.71.164.7:5001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/124.71.164.7", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci" "2025-01-19 04:03:09", "1387725", "101.201.54.74:11", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/101.201.54.74", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-01-19 03:30:04", "1387705", "http://185.246.65.175/d5b9b560.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-19 02:46:18", "1387694", "194.182.167.117:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 02:45:48", "1387693", "101.35.228.105:4431", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-01-19 01:55:03", "1387684", "196.119.225.21:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-01-19 00:04:10", "1387643", "193.233.237.190:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/193.233.237.190", "AS215096,C2,censys,MADHOST-AS,moobot", "0", "DonPasci" "2025-01-19 00:03:57", "1387640", "git.deneb.it", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/51.178.83.13+git.deneb.it", "AS16276,C2,censys,Havoc,OVH", "0", "DonPasci" "2025-01-19 00:03:57", "1387641", "outlook.upgrade1.zip", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/209.74.66.221+outlook.upgrade1.zip", "AS22612,C2,censys,Havoc,NAMECHEAP-NET", "0", "DonPasci" "2025-01-19 00:03:56", "1387639", "88.119.169.197:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/88.119.169.197", "AS61272,C2,censys,Havoc,IST-AS", "0", "DonPasci" "2025-01-19 00:03:54", "1387638", "200.109.24.238:443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/200.109.24.238", "AS8048,C2,CANTV,censys,Quasar,RAT", "0", "DonPasci" "2025-01-19 00:03:48", "1387637", "43.156.95.75:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/43.156.95.75", "AS132203,C2,censys,Supershell,TENCENT-NET-AP-CN", "0", "DonPasci" "2025-01-19 00:03:29", "1387636", "119.91.56.217:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/119.91.56.217", "AS45090,C2,censys,Sliver,TENCENT-NET-AP", "0", "DonPasci" "2025-01-19 00:03:25", "1387635", "annulation-mabanquebnp.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/193.143.1.71+annulation-mabanquebnp.com", "AS198953,C2,censys,PROTON66,RAT,Remcos", "0", "DonPasci" "2025-01-19 00:03:14", "1387634", "179.52.27.124:8181", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/179.52.27.124", "AS6400,C2,censys,Compania,PenTera", "0", "DonPasci" "2025-01-19 00:03:11", "1387633", "182.92.236.252:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/182.92.236.252", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-01-19 00:03:08", "1387632", "82.156.0.140:9900", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/82.156.0.140", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci" # Number of entries: 2403