################################################################ # ThreatFox IOCs: recent additions - CSV format # # Last updated: 2024-11-21 08:00:12 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2024-11-21 08:00:12", "1346595", "154.216.16.54:6092", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/402dc87138121e2ac00c7bc65bbdd39a9ab0091c3a1b163066924887a20ab361/", "remcos", "0", "abuse_ch" "2024-11-21 07:13:48", "1346593", "45.155.37.158:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "75", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:13:48", "1346594", "45.83.20.213:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "75", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:13:47", "1346590", "149.154.153.2:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "75", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:13:47", "1346591", "46.249.38.179:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "75", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:13:47", "1346592", "79.132.130.23:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "75", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346574", "yrmdkujkkbbz.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346575", "ysdwk0l8xass.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346576", "yu4cf2njdqtv.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346577", "z0326e3cp6wo.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346578", "zboa9irfs2bv.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346579", "zdjs22x7jie8.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346580", "zhwt1lf5gclu.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346581", "zl7bmlfq8n9w.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346582", "zml0liy8t9ec.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346583", "zoki7ma89z7b.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346584", "zpo18lm8vg1x.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346585", "zsm954jr5ek4.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346586", "zt3nnzr70hn0.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346587", "ztg55ej90ari.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346588", "zv46ga4ntybq.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:57", "1346589", "zx4u41mgxq6x.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346554", "whvffwd7zphw.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346555", "wi1w9yu1vush.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346556", "wom4o4cutfx6.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346557", "wpvf6nome553.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346558", "ws97loclildz.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346559", "wswis3sptby1.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346560", "wuxj658w482y.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346561", "wvj9kgl9ihhe.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346562", "wy208n1h4fx4.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346563", "x2r9bglz76r7.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346564", "x99ahfftf28l.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346565", "xc9jzl8n3mya.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346566", "xdct138800gn.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346567", "xnmicwdmlkqm.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346568", "xqqoo0a8zk0w.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346569", "y3mpywhmem7t.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346570", "y626kbnryktm.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346571", "y9s73mnvurxr.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346572", "yczi2ujcyyro.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:56", "1346573", "yoeedt2afs6g.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346532", "usgdwvnaa1ld.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346533", "usqgw2bvlxf1.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346534", "ut6qohwra5lm.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346535", "uvann7a8dc4s.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346536", "uztmazsno4y5.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346537", "v8i86sawgtga.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346538", "vikjurbmmiu2.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346539", "vivh2xlt9i6q.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346540", "vp9c9rziba2a.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346541", "vrrbk7ykz8h1.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346542", "vsvflq7ehwmc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346543", "vt55pc7kyb0b.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346544", "vtv3exgyhiph.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346545", "vty734e9v4uv.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346546", "vw5ml50769aa.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346547", "vy9u47oyzltu.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346548", "w30vk3531dej.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346549", "w3nhid8w6qhc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346550", "w4wgwgvmf9ct.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346551", "w5e57imddx2p.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346552", "wbljk8p8ddm8.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:55", "1346553", "whko7loy7h5z.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346511", "rjql4nicl6bg.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346512", "rkffupb7i1gv.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346513", "rvjuigv5fasw.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346514", "sbeo0cztn1kh.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346515", "sgl7og2qswmm.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346516", "sgztlhpq7hjh.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346517", "si00bu9fv5he.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346518", "si500s8ghrhk.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346519", "st5j8zqdrppf.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346520", "sv3pldc5gkdl.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346521", "svviz5wc7lgg.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346522", "sxauicqq93vc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346523", "sy2ove7rm8xj.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346524", "t1473sdzlxpz.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346525", "tbt0aqol3sp2.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346526", "tsaljzw4n08y.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346527", "tue8ewbznzuh.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346528", "tyfqgmpj6mdp.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346529", "u9trr3isvdhq.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346530", "ugko9g5ipa4o.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:54", "1346531", "ugm94zjzl5nl.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346490", "peck4grakjq3.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346491", "pjwdypu4zhcj.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346492", "prsmqbgcl655.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346493", "pw32n6xs44kz.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346494", "q23npiabi1b9.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346495", "q653kbddwgwo.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346496", "qbl27phekk7p.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346497", "qc0dv69e1ub0.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346498", "qdmq0x08ez76.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346499", "qiqpq7vl7l8f.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346500", "qk6a1ahb63uz.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346501", "qu8z6xvgn574.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346502", "qvb4xvuxv34j.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346503", "qw93n29j3ckj.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346504", "qw9a58vunuja.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346505", "qydstwmw2imy.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346506", "r2c9fj5fxeks.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346507", "r6o2sj70m85m.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346508", "rc5f77iac2pk.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346509", "rdjpjf4dogbk.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:53", "1346510", "rg26t2dc4hf4.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346469", "nbjbppl4to3z.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346470", "ncx7jf2irofs.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346471", "ndwz99m5qq9e.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346472", "nevkq7lku38l.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346473", "nfggas3od8ft.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346474", "nhkvd56j82xw.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346475", "nhl2mrxdfwpr.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346476", "nl60gv2bh1oy.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346477", "nn2lzqkvvqas.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346478", "npww7jbq9bby.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346479", "nqegf98i8b6z.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346480", "nt000parpu2j.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346481", "nvgirtryox1z.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346482", "o337yf9fh4bf.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346483", "o4eylekzbn1c.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346484", "o74k3j5jb3fi.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346485", "ovekd5n3gklq.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346486", "p4jydxsh9rfy.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346487", "pajdiulm557o.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346488", "pbx71kj2i60y.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:52", "1346489", "pdw0v9voxlxr.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346447", "kse2q7uxyrwp.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346448", "kz6ec7e8b65d.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346449", "l3ofrslrqi1c.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346450", "l6twpf9rs4tr.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346451", "lexcomak5gr4.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346452", "lvxu4bay2zbi.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346453", "lw4j77uju8pp.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346454", "m09y74kg48fn.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346455", "m4tx2apfmoxo.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346456", "mckag832orba.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346457", "mfwnbxvt9qme.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346458", "midyxlu6b22f.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346459", "mjxuo21v7m61.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346460", "mlapn50uxw9v.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346461", "mmmpa1byo300.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346462", "mmr9xlyxzx82.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346463", "mqmjiiw89dh7.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346464", "mtqdvzkai700.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346465", "n0915tjvju0p.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346466", "n2uc737ef71m.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346467", "najmubn5aaq8.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:51", "1346468", "nb7kh0ch7jhi.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346426", "hwxw76qvnvsi.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346427", "hxc1x3no0o4j.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346428", "i18t3jshekua.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346429", "i3iubj73c21c.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346430", "i404wfndsogw.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346431", "ic3xmpvjda0f.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346432", "il3xglyjmtyc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346433", "ilp3urzo9kag.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346434", "isdeio7algf8.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346435", "jawiqrzaactj.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346436", "jbqqapfqwsbx.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346437", "jc51pt290y0n.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346438", "jcpx6uvkyi6j.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346439", "jelkm7pxeiej.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346440", "jh0ybbi2x3qi.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346441", "jhgpbf6btiyx.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346442", "jq6j4xahl9bc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346443", "jyss7n9vmgie.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346444", "k6r7vemk6bvp.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346445", "kbkdtwucfl40.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:50", "1346446", "kkpjp9jzbzba.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346405", "eveduk5ox1qx.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346406", "exnlmrzjk9qc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346407", "f4crfba23nw6.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346408", "f6s4n6w41oov.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346409", "fek3qya20lid.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346410", "flnenmtgtmua.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346411", "fribbomlqhr6.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346412", "ftxodsy5xwbu.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346413", "g3in90m5caz2.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346414", "g604vf7250p7.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346415", "gpk97r68ualc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346416", "gx6xly9rp6vl.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346417", "gxisp0gpznx3.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346418", "h2klkgn348b4.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346419", "h7wlytwy4x04.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346420", "h81fx7sj8srr.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346421", "h9rs75hncwhe.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346422", "hkk3112645hz.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346423", "hlt3vsvywu0h.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346424", "hmcrbt08mwns.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:49", "1346425", "hrc7wx3t279t.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346383", "bxsoogjl68x4.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346384", "by209mp9ux7l.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346385", "c8g7qp4v5wrz.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346386", "cea3571xxgik.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346387", "cqmeb9oww6ge.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346388", "cvnsiogvl3kt.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346389", "cxmol7xleuko.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346390", "cxt4dbxe5z8j.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346391", "dad1zg44n0bn.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346392", "dbehn6j4eo8w.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346393", "didfn4ti9dub.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346394", "djdcwrayut4e.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346395", "doj6z5i9g803.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346396", "dxjeucbj4p0j.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346397", "e0et68offggh.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346398", "e0kp1z1172fc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346399", "e0x9x2elinlq.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346400", "e0z7zira31kl.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346401", "e61wl4hvygsm.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346402", "e7ivqfhnss0x.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346403", "em384aqhmcf4.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:48", "1346404", "enf3gev34gis.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346363", "a01fubohct6o.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346364", "a1w5xfjqmsqg.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346365", "a1ybrgv4l17q.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346366", "a4tgoqi1cm8x.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346367", "a8bxv8lqe1m0.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346368", "amwnef8mjo4v.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346369", "aqjmrj6al93j.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346370", "au97foecnlrm.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346371", "avwtkc23ffmw.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346372", "ax0n8xgcoxrb.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346373", "b0m5wu1321oc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346374", "b72o02l2ilc6.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346375", "bb7yagbjh97a.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346376", "bm8h637h6iyq.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346377", "bmdcn5celetq.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346378", "bnaqhh4afsbk.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346379", "bnpuxnov7lhr.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346380", "bqlv6aj9kcse.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346381", "brqs41ehse7h.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:47", "1346382", "bw59chpi635u.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346342", "7xe3hsgshou7.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346343", "7xr6qqar5udj.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346344", "7xwz4hw8dts9.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346345", "7zggkh833im1.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346346", "809b03x27fi6.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346347", "83z0nl2piwr8.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346348", "86ishytz9u7v.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346349", "8nxybioj7yyr.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346350", "8u7r35mu2e4g.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346351", "8wgq2x4dybx9.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346352", "919gdzdsh875.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346353", "91vk7tzyjz50.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346354", "93532tdctv9n.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346355", "949akcta77hb.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346356", "96lwn3t0l09d.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346357", "97t3nh4kk510.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346358", "9czpsd7vz7ki.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346359", "9izvqig6y2x2.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346360", "9n6bmko47gxe.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346361", "9rib57u1zu3c.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:46", "1346362", "9yi98fh7usy1.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346320", "56ay6pdta1cj.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346321", "56isecfkc6o5.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346322", "56twol6whmuw.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346323", "5k9b8nmc0x8r.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346324", "5pnoroy33rs6.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346325", "5t1etvjo7mks.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346326", "5tdp1iu4ihcc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346327", "5u42wjin0vfz.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346328", "5vemrk03ekz1.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346329", "6bbqbdc2b960.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346330", "6ijcq51cepr6.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346331", "6l96lk6edlyf.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346332", "6vfmbabg9pc9.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346333", "6z96z4mk84dc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346334", "76bwxwes4lsm.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346335", "7aitzo5gvl32.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346336", "7brlqqqwvjmj.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346337", "7c4eg8zwt2g4.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346338", "7ju937zqujo0.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346339", "7mhh5gky493r.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346340", "7n1hfolmrnbl.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:45", "1346341", "7srgwdrxaogy.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346299", "2b1iajzctif7.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346300", "2j06j0zbw4fa.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346301", "3c2xflq8mztc.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346302", "3c4vbp09o4vi.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346303", "3e60zvd64d8y.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346304", "3ibjpmls5x46.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346305", "3mttjimj67ty.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346306", "3rcsnn36p6s5.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346307", "3rlfa7w0bz37.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346308", "3vf80x1nn2fl.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346309", "3wea9rl1rgeg.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346310", "40vzdof7rw3k.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346311", "42grunsnoe9w.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346312", "43xlybjsso81.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346313", "45urhm0ldgxb.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346314", "498t20uubi3o.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346315", "4hk1bcnxbse0.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346316", "4llsz5uucm4c.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346317", "4mo318kk29i4.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346318", "4moudqs62qop.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:44", "1346319", "4vtje1w38exh.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:43", "1346290", "0981sldrltbr.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:43", "1346291", "0cveatwx9onj.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:43", "1346292", "0rhagsowd21x.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:43", "1346293", "11lcj1foy666.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:43", "1346294", "120kgwc4jfly.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:43", "1346295", "14l0gvqa2wfs.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:43", "1346296", "19eirqhj1ptr.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:43", "1346297", "1huvyn540lvf.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 07:09:43", "1346298", "20vg4bnmsm2g.live", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "", "BumbleBee", "0", "abuse_ch" "2024-11-21 06:07:09", "1346289", "45.77.64.151:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2024-11-21 06:07:08", "1346287", "123.57.69.200:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2024-11-21 06:07:08", "1346288", "110.40.36.87:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-21 06:07:06", "1346285", "8.210.234.49:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-21 06:07:06", "1346286", "212.115.54.214:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch" "2024-11-21 06:07:05", "1346284", "129.204.86.107:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch" "2024-11-21 06:07:04", "1346283", "47.108.137.47:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-21 06:07:00", "1346282", "117.18.3.53:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-21 06:06:55", "1346281", "47.95.17.42:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch" "2024-11-21 06:06:26", "1346280", "198.98.49.132:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2024-11-21 06:05:47", "1346279", "154.211.13.143:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-21 06:05:44", "1346278", "116.204.21.94:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2024-11-21 06:05:43", "1346277", "47.108.60.233:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-21 06:05:41", "1346276", "47.108.60.233:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-21 06:05:40", "1346275", "43.131.246.114:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch" "2024-11-21 06:05:26", "1346274", "43.139.248.193:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2024-11-21 06:05:22", "1346273", "150.158.10.232:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-21 06:05:18", "1346272", "43.142.166.217:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2024-11-21 06:05:13", "1346271", "117.72.14.90:89", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-21 06:04:55", "1346270", "116.204.21.94:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2024-11-21 06:04:16", "1346265", "18.246.231.120:80", "ip:port", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "None", "infostealer,lokibot,stealer", "0", "SarlackLab" "2024-11-21 06:04:16", "1346267", "https://89c9bebf541c17a229d921556d14a4ffd4.com/MWZjODg0YjhhMWVi/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2024-11-21 06:04:15", "1346266", "remcosnov24.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "c2,duckdns,remcos", "0", "DaveLikesMalwre" "2024-11-21 06:04:14", "1346262", "https://bsfchile.com/work/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2024-11-21 06:04:14", "1346263", "https://bsfchile.com/work/das.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2024-11-21 06:04:14", "1346264", "https://bsfchile.com/work/fix.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2024-11-21 06:04:13", "1346254", "http://38.180.147.18:80/palofd", "url", "payload_delivery", "win.spectre", "None", "Spectre Rat", "", "75", "", "PA,palo alto,Spectre", "0", "stopransom" "2024-11-21 06:04:06", "1346268", "http://67.207.85.215:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS14061,DigitalOcean LLC,supershell", "0", "antiphishorg" "2024-11-21 06:04:05", "1346269", "67.207.85.215:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS14061,DigitalOcean LLC,supershell", "0", "antiphishorg" "2024-11-20 20:47:21", "1346261", "103.54.153.76:56001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://urlhaus.abuse.ch/host/aviationchartersolutions.com/", "AsyncRAT", "0", "NDA0E" "2024-11-20 20:21:59", "1346260", "www.aviationchartersolutions.com", "domain", "payload_delivery", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://urlhaus.abuse.ch/host/www.aviationchartersolutions.com/", "AsyncRAT,Donut,DonutInjector,DonutLoader", "0", "NDA0E" "2024-11-20 20:21:44", "1346259", "aviationchartersolutions.com", "domain", "payload_delivery", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://urlhaus.abuse.ch/host/aviationchartersolutions.com/", "AsyncRAT,Donut,DonutInjector,DonutLoader", "0", "NDA0E" "2024-11-20 15:41:13", "1346251", "nyciot.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113516006827293965", "KongTuke", "0", "monitorsg" "2024-11-20 15:41:13", "1346252", "https://nyciot.com/js.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113516006827293965", "KongTuke", "0", "monitorsg" "2024-11-20 15:41:10", "1346250", "https://nyciot.com/je5vl.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113516006827293965", "KongTuke", "0", "monitorsg" "2024-11-20 15:41:09", "1346224", "segurofinalizar.shop", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113515584195173024", "SmartApeSG", "0", "monitorsg" "2024-11-20 15:41:08", "1346226", "https://segurofinalizar.shop/work/fix2.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113515584195173024", "SmartApeSG", "0", "monitorsg" "2024-11-20 15:41:07", "1346227", "https://segurofinalizar.shop/work/xxx.zip", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113515584195173024", "SmartApeSG", "0", "monitorsg" "2024-11-20 15:41:05", "1346225", "https://segurofinalizar.shop/work/index.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113515584195173024", "SmartApeSG", "0", "monitorsg" "2024-11-20 15:41:04", "1346223", "https://segurofinalizar.shop/work/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113515584195173024", "SmartApeSG", "0", "monitorsg" "2024-11-20 15:41:03", "1346203", "https://jaipurraj.com/work/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2024-11-20 15:41:02", "1346204", "https://jaipurraj.com/work/das.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2024-11-20 15:41:01", "1346205", "https://jaipurraj.com/work/fix.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2024-11-20 15:41:00", "1346206", "http://94.156.177.41/simple/five/PvqDq929BSx_A_D_M1n_a.php", "url", "botnet_cc", "apk.lokibot", "None", "LokiBot", "", "100", "None", "AS214943,lokibot,Railnet LLC", "0", "antiphishorg" "2024-11-20 15:40:58", "1346217", "192.129.178.61:9001", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "https://www.shodan.io/host/192.129.178.61", "c2,dcrat", "0", "juroots" "2024-11-20 15:40:57", "1346218", "45.158.14.11:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "", "c2,hookbot", "0", "juroots" "2024-11-20 15:40:56", "1346219", "185.251.91.157:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2024-11-20 15:40:13", "1346253", "http://31.177.109.184/8331a12a495c21b2.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "None", "Stealc", "0", "abuse_ch" "2024-11-20 15:31:39", "1346249", "106.75.33.253:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:07:06", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:31:36", "1346248", "139.180.190.205:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:05:42", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2024-11-20 15:31:35", "1346247", "113.45.142.235:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:05:36", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:31:33", "1346246", "16.162.220.217:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:07:11", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2024-11-20 15:31:32", "1346245", "129.204.11.57:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:04:56", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:31:23", "1346244", "47.108.72.55:83", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:07:10", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2024-11-20 15:31:18", "1346243", "8.152.216.26:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:06:50", "100", "None", "CobaltStrike,cs-watermark-426352781", "0", "abuse_ch" "2024-11-20 15:31:02", "1346242", "45.140.168.166:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:30:54", "1346241", "202.95.12.137:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:06:28", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2024-11-20 15:30:24", "1346240", "110.40.138.5:4545", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:06:00", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:29:54", "1346239", "8.156.64.248:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:07:00", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2024-11-20 15:29:53", "1346238", "152.32.206.5:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:29:49", "1346237", "81.70.19.128:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:04:59", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2024-11-20 15:29:44", "1346236", "118.195.137.190:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:07:05", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:29:42", "1346235", "120.27.215.186:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:07:10", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:29:39", "1346234", "60.204.138.63:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:05:15", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:29:38", "1346233", "162.14.73.44:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:07:08", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:29:37", "1346232", "108.61.181.191:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:29:35", "1346230", "106.55.134.168:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:29:35", "1346231", "118.195.137.190:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:05:32", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:29:28", "1346229", "124.222.164.43:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 15:29:25", "1346228", "124.222.164.43:5555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 06:04:45", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2024-11-20 12:53:47", "1346222", "87.121.86.8:5055", "ip:port", "botnet_cc", "jar.strrat", "None", "STRRAT", "", "100", "https://bazaar.abuse.ch/sample/11f48863ce899743c5276b47296e3ba355b3974f1b22401c6c1d90a8ec81321c/", "STRRAT", "0", "NDA0E" "2024-11-20 12:53:25", "1346221", "badmiles.ddns.net", "domain", "botnet_cc", "jar.strrat", "None", "STRRAT", "", "100", "https://bazaar.abuse.ch/sample/11f48863ce899743c5276b47296e3ba355b3974f1b22401c6c1d90a8ec81321c/", "STRRAT", "0", "NDA0E" "2024-11-20 12:40:05", "1346220", "http://101.133.156.69:7001/fwlink", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/fe3848b53bf6701306cb0fa9618527dbad319a882d2d1307f8693f005c61c772/", "cobaltstrike", "0", "abuse_ch" "2024-11-20 10:34:18", "1346216", "http://179.60.149.194:8080/vxhxrqnb", "url", "botnet_cc", "win.darkgate", "Meh,MehCrypter", "DarkGate", "", "100", "", "AS395839,c2,darkgate,drk2,HOSTKEY-USA,payload", "0", "DonPasci" "2024-11-20 10:34:17", "1346215", "http://91.243.50.68:8080/rdullfph", "url", "botnet_cc", "win.darkgate", "Meh,MehCrypter", "DarkGate", "", "100", "", "AS34665,c2,darkgate,jma755,payload,PINDC-AS", "0", "DonPasci" "2024-11-20 10:34:16", "1346214", "http://91.243.50.68:8080/eqvukhda", "url", "botnet_cc", "win.darkgate", "Meh,MehCrypter", "DarkGate", "", "100", "", "AS34665,c2,darkgate,jma755,payload,PINDC-AS", "0", "DonPasci" "2024-11-20 10:17:42", "1346213", "91.243.50.68:80", "ip:port", "botnet_cc", "win.darkgate", "Meh,MehCrypter", "DarkGate", "", "100", "https://tria.ge/241114-cml6qaslgy", "AS34665,c2,darkgate,jma755,PINDC-AS", "0", "DonPasci" "2024-11-20 10:10:57", "1346212", "164.132.5.124:1111", "ip:port", "botnet_cc", "win.darkgate", "Meh,MehCrypter", "DarkGate", "", "100", "https://tria.ge/241119-axpcqaxglg", "AS16276,c2,darkgate,Derry,OVH", "0", "DonPasci" "2024-11-20 10:08:48", "1346211", "reateberam.com", "domain", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "100", "", "None", "0", "Cryptolaemus1" "2024-11-20 10:02:24", "1346209", "179.60.149.194:80", "ip:port", "botnet_cc", "win.darkgate", "Meh,MehCrypter", "DarkGate", "", "100", "https://tria.ge/241119-senmksyaqk/behavioral1", "AS395839,c2,darkgate,drk2,HOSTKEY-USA", "0", "DonPasci" "2024-11-20 10:02:24", "1346210", "179.60.149.194:8080", "ip:port", "botnet_cc", "win.darkgate", "Meh,MehCrypter", "DarkGate", "", "100", "https://tria.ge/241119-senmksyaqk/behavioral1", "AS395839,c2,darkgate,drk2,HOSTKEY-USA,payload", "0", "DonPasci" "2024-11-20 09:52:40", "1346208", "https://bestmarsgood.com/test/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "100", "", "None", "0", "Cryptolaemus1" "2024-11-20 09:52:38", "1346207", "https://cerwintifed.com/test/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "100", "", "None", "0", "Cryptolaemus1" "2024-11-20 06:55:10", "1346202", "http://94.156.177.41/simple/five/fre.php", "url", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "https://bazaar.abuse.ch/sample/f942a3046520f7838e33a1116faf8b9a6615756f044551651207f53b755a024d/", "lokibot", "0", "abuse_ch" "2024-11-20 06:23:32", "1346194", "http://121.127.253.28:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS152194,CTG Server Limited,supershell", "0", "antiphishorg" "2024-11-20 06:23:31", "1346195", "121.127.253.28:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS152194,CTG Server Limited,supershell", "0", "antiphishorg" "2024-11-20 05:51:02", "1346064", "xboxapicenter.com", "domain", "botnet_cc", "win.minibus", "None", "MINIBUS", "2024-11-19 20:42:05", "49", "https://ti.qianxin.com/blog/articles/qax-intelligence-sandbox-helps-you-detect-malware-disguised-as-job-search-websites-cn", "None", "0", "johannes" "2024-11-20 05:51:01", "1346065", "https://2pxsdtxngssu3vqqujdfgu4bsmlkp3d2ytctawznlhhez6tq57wzpzqd.onion:55314/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:45", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:51:01", "1346066", "https://3bh22ezbxub3dopbqja7jjymdussvwgl3eu4xzlsdyagtnhzxy3tr3id.onion:3367/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:46", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:51:00", "1346069", "https://4rnzfvzybry65auecpi3n67c6ynuunvs77qpk45svyhhsj6oisibk3qd.onion:39567/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:47", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:50:59", "1346068", "https://4jtsmu3u4yrbehjf4rzfwsswhpc7ohs4nrfnlfu3xebteeaf4uv3okyd.onion:37151/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:46", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:50:58", "1346067", "https://3zs4zdszo3lesutdbuenzvlspuh6wljj6eyntv73dxxig3bk2wcskrad.onion:15842/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:46", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:50:56", "1346070", "https://5bqxmurmtkqlzis65uu22aspcuhivb6vpzpcpma5wfl5ngz2ha6oxzqd.onion:18231/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:47", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:50:55", "1346071", "https://64iahnunyhf6ph6qvakjp22a3j6wlvl4sdmbh6elwri6up5gpnm7xkyd.onion:33960/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:48", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:50:55", "1346072", "https://6agzykvu3rjnwpdnky777ffxb5dj4fiemftho4tsoeakp2xa542pj7id.onion:34024/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:48", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:50:54", "1346073", "https://6kykjg6h7sjqru5puc57mb2nhd2bwhtewdswnsg4rlr3rw6t4iqrpgyd.onion:13392/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:48", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:50:53", "1346074", "https://6praos6qyi3b5kcurfqe4kyh5ihu4k3z6mjbggkixnfyhbpomy5szoad.onion:4123/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:49", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:50:52", "1346075", "https://6s75xlg3auzdnccos4re4hrmcxyg6fivxsqm3cldv2gowl2engljtqyd.onion:58212/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2024-11-19 21:55:49", "49", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "None", "0", "johannes" "2024-11-20 05:50:51", "1346187", "https://c9bebf541c17a229d921556d14a4ffd4.com/MWZjODg0YjhhMWVi/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2024-11-20 05:50:51", "1346188", "https://64b6c9bebf541c17a229d921556d14a4ffd4.com/MWZjODg0YjhhMWVi/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2024-11-20 05:50:50", "1346189", "https://74b6c9bebf541c17a229d921556d14a4ffd4.com/MWZjODg0YjhhMWVi/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2024-11-20 05:50:49", "1346191", "http://95.163.152.15/pages/login.php", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AEZA INTERNATIONAL LTD,AS210644,unam", "0", "antiphishorg" "2024-11-20 01:08:41", "1346192", "azurestorage.world", "domain", "payload_delivery", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "", "None", "0", "Cryptolaemus1" "2024-11-20 01:08:41", "1346193", "fwaax.life", "domain", "payload_delivery", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "", "None", "0", "Cryptolaemus1" "2024-11-20 00:04:46", "1346190", "217.195.153.246:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "75", "None", "latrodectus", "0", "Rony" "2024-11-19 21:57:12", "1346186", "yebmhucezgghpzwvgqi5y2djfufgtrwcbbta547oaxw5kzi6sa2hopad.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346160", "kvlrfiowwiwft7od7mlbdcxouuozm56dqv4uyhfcdbabqydv3htolvid.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346161", "l234audkv4np4z7ifp2apoven7hzbyjrfvteoh6fvjarc6cd6vxfe4ad.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346162", "nuco75srh4vta5zglxcp4ziabljitvr5yfeqcnwzdauufkzo3hd2w3qd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346163", "nxwhpmhofmoglbaq66de3bl3hp5x5y6d7cnwhldjzdex4dokchzeqlad.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346164", "odvrlneiow77fspjz4lrj425jo7fmd5cv4q3iasjcqwe35ybei7wabyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346165", "purcdflu3cqzjfc3rwzr2jxz2e6yiaiks4ej2sn4t4hux2lnksfe3dqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346166", "qryejmh3imdjrvns2rbncl3gfw5a2etzwktm2uplavp7jn4stw3lbwqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346167", "rabwadnfs35sjfmrvka7vras7hj3s22aixx72da5x3zbsnk3cxxo77qd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346168", "rucaoeomop3yeepq5iyawcxjjt6x3tah5flbai2fewotjwomf6xqvxqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346169", "s26a7zwwxapsmm3hi3awsz7cd5mjwxhl3gd6bplhiwvekm4hys2u32qd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346170", "s626jyykfd2vpeel7rswnlmwsjcumjgwsw2hdo3shphtih64ayu7n6yd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346171", "sj3jle6rfggaumbex4fqhb63vj7so5sy6e7wlgrlmayk3pmhtmgtwfid.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346172", "sj5ud3jiqkp47zza57xvrpno5tw6nrvxbxzvgn4k2fmyzzprhf6jxxid.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346173", "srssvp2lk3vnwttncfxogitwrdo5y7nljcj6razz3ghjqdpxp4x2m2yd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346174", "tnpiydtimuugdaixsyuew4nofzggjdsyyo3ctw2uzi4drll4axm3diyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346175", "twlittqpz6hslkwrwaczn6b55jb4iz46erykvrnzhlyfssnk5uwwlmyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346176", "uup6i2g2uhsmsts6t4h5s652hficknfnpzs662x2q3iym5ddninyemad.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346177", "vbtzr7t7y7pxduueznc4mntv2zgrt66m4zvore5jahma2s7do7kguead.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346178", "vf4ucetbu7qcy3p3d7ayntpzhjo3fzlaszu3y4wzhq642hdw2ptxn7yd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346179", "vkz4q4hufi2ekksnwo2op4e5dgj7vatip2nvwmo2vsodmuau46yxmyyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346180", "vor57f3yvqw3ddq4o3gkzkqdvczenmf5isiyb7vp7tc7xiokrjxxzcqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346181", "vt6r47ek7oi2svzj2s4pguogzwumlulju4zkdf6nh7xnkugylxuy7tad.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346182", "vwmnexb2eiaencaw64hcrvv7tucksas6qbms5acpa222m2c5wigq3syd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346183", "wdmr4ow76xfig5rgffnufdu7o4abkowc7keqeaiq7fkrxofwsue5wtyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346184", "wwbshp6hgnvtqwtbychvrchldbwifnf7djlpnuvf45dgn5up7w4xqqqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:11", "1346185", "xbeopilgchtzd5u7yu36jlsp5cfgaqeuxkaon7yjle7lrtb3abi476id.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346133", "64iahnunyhf6ph6qvakjp22a3j6wlvl4sdmbh6elwri6up5gpnm7xkyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346134", "6agzykvu3rjnwpdnky777ffxb5dj4fiemftho4tsoeakp2xa542pj7id.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346135", "6kykjg6h7sjqru5puc57mb2nhd2bwhtewdswnsg4rlr3rw6t4iqrpgyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346136", "6praos6qyi3b5kcurfqe4kyh5ihu4k3z6mjbggkixnfyhbpomy5szoad.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346137", "6s75xlg3auzdnccos4re4hrmcxyg6fivxsqm3cldv2gowl2engljtqyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346138", "6uhcvcp6hm2rvajmsrqhi6q5kgel2vwencjvnxouwv7a7erbwydjx6id.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346139", "6x6k5kgzgtajkimxkto4m6eqcxfhcxirlwwtfsjd3ilwqfp5ovnyu2id.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346140", "7bbkpvrpatpzrreu36bzemj7fejgglqqzwdn4avgvpf67zwqpzc44vqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346141", "7oqgixcydaoxc3ayv6raiufxmwpd22oeo56rbitbyv7ndmjqhsl5m7qd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346142", "aonw5ldru6t4xwwl4ifzonaggkm7gcpegiyaccryzh64yzks3fkabiyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346143", "ayah2jmok6u7eo6rtksfaxo6zcz6cgjpwnxtdo66jolz26ymaq6ssfid.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346144", "b5z6wlu5427v5dyw3ax3agclku7gmtmnwiepjif3w6styzifcnl6vfqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346145", "bcxed2rymdhu7s2tec2xjtscfaqdvdyqxtasif6ym5epuyxddcrjncid.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346146", "cpxqqmy3xerxafsupnj2ucccgxnbbjujf5rfrvxdlkqxczidfz5rloyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346147", "cr5rnanscwakq3amo5nvdl4kdkhgbxv37aaqbqmmtjt6ufkwtke7suid.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346148", "dqgpc53vh2rzagqolhyesfwhtnivr7l7gl745vy3wzzdpzca4epoy6qd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346149", "dy4upangcmvzpx56we77keuhvtta2734w2upg3nuloqyxlhmipt63fid.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346150", "e6f6ex6jdvwjv5453eeakpxa5l3fz255zmfpgtw7oxynepfm334725id.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346151", "exmd723nzabqwzd2iq3yjcqsavz6o65vxyl465vedfiiaefdjv3oiwyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346152", "fnnkuvyleutbgw65bedvueiflhytyds5fu6vxeg56ihr5qu6getug7ad.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346153", "fthappkft575kd4snugjnqg7nbk5noxd7jnyvprulecbadzjkpszclyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346154", "gqqw74q2ig2vfnrwhm6ulxe2ipzieckpiozjufvhhsxoidy5wjq2bmqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346155", "j62wwivnsntjporvag3u3xc3rfrqio25a7lhxamgfnjd7kdnhpnu7eqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346156", "j6ra6hqk7cssp5fazkwlltqdfbgl3azhktccc2hefoco46p4qhvgcgid.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346157", "knrkrkipiff7vxymch6t54b2n2wnizt6baqsbp24zyfmaggstjwpb6id.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346158", "kohtbl3ucs6xvqosbxd7dnfh5y3ag6tjix3bdflz4p5dw4g3g62oygid.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:10", "1346159", "kqt3ukq3rrodfxd7ce75rboussy6slxdprzcierd65oq26ddgpelyqid.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:09", "1346127", "2pxsdtxngssu3vqqujdfgu4bsmlkp3d2ytctawznlhhez6tq57wzpzqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:09", "1346128", "3bh22ezbxub3dopbqja7jjymdussvwgl3eu4xzlsdyagtnhzxy3tr3id.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:09", "1346129", "3zs4zdszo3lesutdbuenzvlspuh6wljj6eyntv73dxxig3bk2wcskrad.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:09", "1346130", "4jtsmu3u4yrbehjf4rzfwsswhpc7ohs4nrfnlfu3xebteeaf4uv3okyd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:09", "1346131", "4rnzfvzybry65auecpi3n67c6ynuunvs77qpk45svyhhsj6oisibk3qd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:57:09", "1346132", "5bqxmurmtkqlzis65uu22aspcuhivb6vpzpcpma5wfl5ngz2ha6oxzqd.onion", "domain", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "0", "NDA0E" "2024-11-19 21:56:40", "1346126", "https://yebmhucezgghpzwvgqi5y2djfufgtrwcbbta547oaxw5kzi6sa2hopad.onion:3054/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:39", "1346125", "https://xbeopilgchtzd5u7yu36jlsp5cfgaqeuxkaon7yjle7lrtb3abi476id.onion:29454/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:38", "1346124", "https://wwbshp6hgnvtqwtbychvrchldbwifnf7djlpnuvf45dgn5up7w4xqqqd.onion:43728/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:37", "1346123", "https://wdmr4ow76xfig5rgffnufdu7o4abkowc7keqeaiq7fkrxofwsue5wtyd.onion:60499/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:36", "1346122", "https://vwmnexb2eiaencaw64hcrvv7tucksas6qbms5acpa222m2c5wigq3syd.onion:22567/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:35", "1346121", "https://vt6r47ek7oi2svzj2s4pguogzwumlulju4zkdf6nh7xnkugylxuy7tad.onion:23133/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:34", "1346120", "https://vor57f3yvqw3ddq4o3gkzkqdvczenmf5isiyb7vp7tc7xiokrjxxzcqd.onion:30408/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:33", "1346119", "https://vkz4q4hufi2ekksnwo2op4e5dgj7vatip2nvwmo2vsodmuau46yxmyyd.onion:37379/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:32", "1346117", "https://vbtzr7t7y7pxduueznc4mntv2zgrt66m4zvore5jahma2s7do7kguead.onion:14099/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:32", "1346118", "https://vf4ucetbu7qcy3p3d7ayntpzhjo3fzlaszu3y4wzhq642hdw2ptxn7yd.onion:20898/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:31", "1346116", "https://uup6i2g2uhsmsts6t4h5s652hficknfnpzs662x2q3iym5ddninyemad.onion:38869/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:30", "1346115", "https://twlittqpz6hslkwrwaczn6b55jb4iz46erykvrnzhlyfssnk5uwwlmyd.onion:44045/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:29", "1346114", "https://tnpiydtimuugdaixsyuew4nofzggjdsyyo3ctw2uzi4drll4axm3diyd.onion:38584/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:28", "1346113", "https://srssvp2lk3vnwttncfxogitwrdo5y7nljcj6razz3ghjqdpxp4x2m2yd.onion:16259/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:26", "1346112", "https://sj5ud3jiqkp47zza57xvrpno5tw6nrvxbxzvgn4k2fmyzzprhf6jxxid.onion:46597/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:25", "1346111", "https://sj3jle6rfggaumbex4fqhb63vj7so5sy6e7wlgrlmayk3pmhtmgtwfid.onion:48986/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:24", "1346110", "https://s626jyykfd2vpeel7rswnlmwsjcumjgwsw2hdo3shphtih64ayu7n6yd.onion:57739/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:23", "1346109", "https://s26a7zwwxapsmm3hi3awsz7cd5mjwxhl3gd6bplhiwvekm4hys2u32qd.onion:10429/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:22", "1346108", "https://rucaoeomop3yeepq5iyawcxjjt6x3tah5flbai2fewotjwomf6xqvxqd.onion:8314/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:21", "1346107", "https://rabwadnfs35sjfmrvka7vras7hj3s22aixx72da5x3zbsnk3cxxo77qd.onion:48151/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:20", "1346106", "https://qryejmh3imdjrvns2rbncl3gfw5a2etzwktm2uplavp7jn4stw3lbwqd.onion:26196/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:19", "1346104", "https://odvrlneiow77fspjz4lrj425jo7fmd5cv4q3iasjcqwe35ybei7wabyd.onion:43303/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:19", "1346105", "https://purcdflu3cqzjfc3rwzr2jxz2e6yiaiks4ej2sn4t4hux2lnksfe3dqd.onion:17141/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:18", "1346103", "https://nxwhpmhofmoglbaq66de3bl3hp5x5y6d7cnwhldjzdex4dokchzeqlad.onion:25785/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:17", "1346102", "https://nuco75srh4vta5zglxcp4ziabljitvr5yfeqcnwzdauufkzo3hd2w3qd.onion:35495/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:16", "1346101", "https://l234audkv4np4z7ifp2apoven7hzbyjrfvteoh6fvjarc6cd6vxfe4ad.onion:48212/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:15", "1346100", "https://kvlrfiowwiwft7od7mlbdcxouuozm56dqv4uyhfcdbabqydv3htolvid.onion:26783/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:14", "1346099", "https://kqt3ukq3rrodfxd7ce75rboussy6slxdprzcierd65oq26ddgpelyqid.onion:14927/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:13", "1346098", "https://kohtbl3ucs6xvqosbxd7dnfh5y3ag6tjix3bdflz4p5dw4g3g62oygid.onion:55616/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:12", "1346097", "https://knrkrkipiff7vxymch6t54b2n2wnizt6baqsbp24zyfmaggstjwpb6id.onion:11844/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:11", "1346096", "https://j6ra6hqk7cssp5fazkwlltqdfbgl3azhktccc2hefoco46p4qhvgcgid.onion:35543/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:10", "1346095", "https://j62wwivnsntjporvag3u3xc3rfrqio25a7lhxamgfnjd7kdnhpnu7eqd.onion:26622/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:09", "1346094", "https://gqqw74q2ig2vfnrwhm6ulxe2ipzieckpiozjufvhhsxoidy5wjq2bmqd.onion:23899/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:07", "1346092", "https://fnnkuvyleutbgw65bedvueiflhytyds5fu6vxeg56ihr5qu6getug7ad.onion:18678/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:07", "1346093", "https://fthappkft575kd4snugjnqg7nbk5noxd7jnyvprulecbadzjkpszclyd.onion:52134/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:06", "1346091", "https://exmd723nzabqwzd2iq3yjcqsavz6o65vxyl465vedfiiaefdjv3oiwyd.onion:44004/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:04", "1346090", "https://e6f6ex6jdvwjv5453eeakpxa5l3fz255zmfpgtw7oxynepfm334725id.onion:15328/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:03", "1346089", "https://dy4upangcmvzpx56we77keuhvtta2734w2upg3nuloqyxlhmipt63fid.onion:49716/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:02", "1346088", "https://dqgpc53vh2rzagqolhyesfwhtnivr7l7gl745vy3wzzdpzca4epoy6qd.onion:55452/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:01", "1346087", "https://cr5rnanscwakq3amo5nvdl4kdkhgbxv37aaqbqmmtjt6ufkwtke7suid.onion:35724/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:56:00", "1346086", "https://cpxqqmy3xerxafsupnj2ucccgxnbbjujf5rfrvxdlkqxczidfz5rloyd.onion:36428/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:55:59", "1346085", "https://bcxed2rymdhu7s2tec2xjtscfaqdvdyqxtasif6ym5epuyxddcrjncid.onion:42332/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:55:58", "1346084", "https://b5z6wlu5427v5dyw3ax3agclku7gmtmnwiepjif3w6styzifcnl6vfqd.onion:13811/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:55:57", "1346083", "https://ayah2jmok6u7eo6rtksfaxo6zcz6cgjpwnxtdo66jolz26ymaq6ssfid.onion:44844/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:55:56", "1346082", "https://aonw5ldru6t4xwwl4ifzonaggkm7gcpegiyaccryzh64yzks3fkabiyd.onion:47210/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:55:55", "1346081", "https://7oqgixcydaoxc3ayv6raiufxmwpd22oeo56rbitbyv7ndmjqhsl5m7qd.onion:22408/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:55:53", "1346080", "https://7bbkpvrpatpzrreu36bzemj7fejgglqqzwdn4avgvpf67zwqpzc44vqd.onion:55965/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:55:52", "1346079", "https://6x6k5kgzgtajkimxkto4m6eqcxfhcxirlwwtfsjd3ilwqfp5ovnyu2id.onion:36112/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 21:55:51", "1346078", "https://6uhcvcp6hm2rvajmsrqhi6q5kgel2vwencjvnxouwv7a7erbwydjx6id.onion:4615/", "url", "botnet_cc", "win.raspberry_robin", "RaspberryRobin,QNAP-Worm,LINK_MSIEXEC", "Raspberry Robin", "", "75", "https://www.zscaler.com/blogs/security-research/unraveling-raspberry-robin-s-layers-analyzing-obfuscation-techniques-and", "RaspberryRobin", "1", "NDA0E" "2024-11-19 20:46:21", "1346076", "guaaug.com", "domain", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "", "None", "0", "Cryptolaemus1" "2024-11-19 20:46:21", "1346077", "uayyau.com", "domain", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "100", "", "None", "0", "Cryptolaemus1" "2024-11-19 18:48:54", "1345873", "51.83.116.4:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:53", "1345874", "38.91.106.252:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:52", "1345871", "37.59.213.49:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:52", "1345872", "38.91.107.224:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:51", "1345869", "161.129.66.141:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:51", "1345870", "212.83.165.136:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:50", "1345867", "67.213.212.55:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:50", "1345868", "212.83.137.165:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:49", "1345865", "212.83.143.49:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:49", "1345866", "162.210.192.171:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:48", "1345863", "192.3.179.139:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:47", "1345862", "144.172.111.24:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:47", "1345864", "185.45.195.140:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:46", "1345859", "172.86.96.114:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:46", "1345861", "107.175.229.142:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:45", "1345858", "167.88.168.2:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:45", "1345860", "95.169.180.227:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:43", "1345856", "45.61.141.192:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:42", "1345853", "144.172.122.12:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:42", "1345857", "167.88.166.112:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:40", "1345852", "144.172.86.16:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:40", "1345854", "207.189.164.106:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:40", "1345855", "173.211.70.205:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:39", "1345850", "216.107.139.52:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:39", "1345851", "144.172.76.24:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:37", "1345875", "5.9.43.90:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:36", "1345876", "51.83.116.3:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:35", "1345877", "67.213.212.39:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:35", "1345878", "162.19.7.46:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:34", "1345879", "198.7.56.74:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:33", "1345880", "67.213.210.60:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:33", "1345881", "198.7.61.67:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:32", "1345882", "212.83.143.151:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:32", "1345883", "67.213.212.54:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:31", "1345884", "162.0.220.218:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:30", "1345885", "173.244.208.78:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:29", "1345886", "162.245.185.35:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:28", "1345848", "154.7.253.113:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:27", "1345849", "77.83.199.142:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:26", "1345847", "79.141.162.154:80", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:48:25", "1345846", "https://213.159.75.95", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "sample,vidar", "0", "Lars" "2024-11-19 18:48:22", "1345887", "51.83.116.7:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:21", "1345888", "66.29.129.54:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:21", "1345889", "174.138.176.78:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:20", "1345890", "162.245.185.38:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:19", "1345891", "174.138.176.74:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:19", "1345892", "212.83.142.149:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:18", "1345893", "23.105.170.32:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:18", "1345894", "212.83.137.30:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:17", "1345895", "23.105.170.30:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:17", "1345896", "162.0.220.219:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:17", "1345897", "162.210.192.135:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:16", "1345898", "5.9.43.88:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:16", "1345899", "108.181.132.117:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:15", "1345900", "212.83.138.60:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:15", "1345902", "162.19.7.58:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:14", "1345901", "66.29.128.241:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:13", "1345903", "67.213.212.49:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:13", "1345904", "174.138.176.77:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:13", "1345906", "67.213.212.48:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:12", "1345905", "5.9.43.92:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:11", "1345907", "212.83.138.192:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:11", "1345908", "212.83.138.132:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:10", "1345909", "67.213.210.118:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:10", "1345910", "108.181.132.115:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:10", "1345911", "212.83.143.103:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:09", "1345912", "212.83.143.97:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:09", "1345913", "173.244.208.72:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:08", "1345914", "67.213.212.47:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:08", "1345915", "162.19.7.56:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:08", "1345916", "162.19.7.47:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:07", "1345917", "51.254.149.59:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:07", "1345918", "23.105.170.35:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:06", "1345919", "209.159.153.21:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:06", "1345920", "212.83.143.204:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:05", "1345921", "67.213.210.61:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:04", "1345923", "173.244.208.73:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:03", "1345922", "38.91.107.229:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:48:02", "1345924", "67.211.211.115:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:31", "1345925", "212.83.138.245:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:31", "1345926", "108.181.132.118:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:30", "1345927", "162.245.185.37:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:29", "1345928", "66.29.128.245:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:23", "1345929", "161.129.66.139:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:23", "1345930", "144.76.167.25:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:22", "1345931", "67.213.212.51:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:22", "1345932", "212.83.165.102:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:21", "1345933", "162.0.220.220:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:21", "1345934", "38.91.107.2:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:21", "1345935", "162.245.185.36:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:20", "1345936", "51.83.116.6:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:20", "1345937", "198.7.56.71:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:19", "1345938", "162.210.197.69:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:19", "1345939", "209.159.153.19:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:19", "1345940", "212.83.143.223:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:18", "1345941", "162.19.7.49:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:18", "1345942", "67.213.210.62:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:17", "1345943", "195.154.43.86:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:17", "1345944", "67.211.211.117:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:16", "1345945", "67.213.210.167:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:15", "1345946", "67.213.210.168:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:14", "1345947", "162.0.220.216:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:14", "1345948", "212.83.143.118:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:45:13", "1345949", "173.244.208.84:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:34", "1345950", "212.83.143.191:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:34", "1345951", "144.76.167.34:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:34", "1345952", "198.7.56.72:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:33", "1345953", "138.201.21.218:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:33", "1345954", "212.83.138.186:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:32", "1345955", "173.244.208.81:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:32", "1345956", "67.213.212.53:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:31", "1345957", "162.19.7.61:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:30", "1345958", "162.19.7.60:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:30", "1345959", "162.19.7.59:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:30", "1345960", "195.154.43.182:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:29", "1345961", "162.0.220.214:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:29", "1345962", "38.91.106.214:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:28", "1345963", "108.181.132.116:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:28", "1345964", "212.83.142.100:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:28", "1345965", "212.83.137.142:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:26", "1345966", "23.105.170.33:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:26", "1345967", "212.83.137.150:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:26", "1345968", "198.7.56.73:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:25", "1345969", "144.76.167.23:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:25", "1345970", "67.213.212.52:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:24", "1345971", "162.210.192.136:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:24", "1345972", "51.254.167.45:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:24", "1345973", "212.83.143.211:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:23", "1346060", "https://tickerwell.com/web.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113511093384603631", "KongTuke", "0", "monitorsg" "2024-11-19 18:44:22", "1346061", "tickerwell.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113511093384603631", "KongTuke", "0", "monitorsg" "2024-11-19 18:44:22", "1346062", "https://tickerwell.com/js.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113511093384603631", "KongTuke", "0", "monitorsg" "2024-11-19 18:44:21", "1346063", "http://faybzuy3byz2v.top/1.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113511093384603631", "KongTuke", "0", "monitorsg" "2024-11-19 18:44:18", "1345974", "162.0.220.161:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:44:18", "1345975", "66.29.129.56:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:54", "1345976", "67.213.212.36:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:54", "1345977", "67.211.211.116:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:53", "1345978", "195.154.43.184:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:53", "1345979", "212.83.142.131:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:53", "1345981", "46.105.44.29:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:52", "1345980", "66.29.128.243:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:52", "1345984", "174.138.176.75:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:51", "1345982", "138.201.21.233:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:51", "1345983", "51.83.116.2:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:49", "1345985", "173.244.208.80:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:49", "1345986", "67.213.212.38:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:49", "1345987", "173.244.208.76:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:47", "1345988", "161.129.66.138:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:47", "1345989", "67.213.212.57:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:46", "1345990", "138.201.21.227:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:46", "1345992", "212.83.143.60:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:45", "1345991", "141.94.238.246:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:45", "1345993", "162.0.220.215:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:44", "1345994", "108.181.133.58:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:44", "1345995", "212.83.143.159:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:44", "1345996", "212.83.165.43:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:43", "1345997", "212.83.138.172:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:43", "1345998", "66.23.233.210:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:43", "1345999", "198.7.61.72:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:41", "1346000", "138.201.21.228:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:41", "1346001", "162.0.220.217:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:41", "1346002", "67.213.212.56:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:40", "1346003", "66.29.129.52:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:40", "1346004", "5.9.43.105:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:39", "1346005", "173.244.208.83:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:39", "1346006", "87.98.130.137:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:38", "1346007", "162.210.197.91:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:38", "1346008", "51.68.244.19:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:37", "1346009", "209.159.153.20:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:37", "1346010", "144.76.167.37:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:27", "1346011", "212.83.137.94:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:26", "1346012", "162.19.7.53:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:26", "1346013", "162.19.7.57:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:25", "1346014", "5.9.43.93:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:25", "1346015", "162.19.7.50:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:25", "1346016", "67.213.212.40:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:24", "1346017", "138.201.21.238:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:24", "1346018", "212.83.143.147:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:23", "1346019", "138.201.21.232:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:23", "1346020", "212.83.165.109:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:22", "1346021", "195.154.43.221:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:22", "1346022", "67.213.212.58:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:22", "1346023", "66.29.129.53:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:21", "1346024", "67.213.210.115:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:21", "1346025", "23.105.170.34:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:21", "1346027", "174.138.176.76:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:20", "1346026", "38.91.107.220:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:20", "1346028", "67.211.211.114:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:19", "1346029", "212.83.137.239:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:19", "1346030", "66.29.128.246:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:18", "1346031", "162.19.7.48:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:17", "1346032", "212.83.165.199:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:17", "1346033", "212.83.142.158:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:16", "1346034", "209.159.153.22:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:16", "1346035", "5.9.43.85:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:16", "1346036", "144.76.167.18:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:15", "1346037", "66.29.128.244:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:15", "1346038", "51.83.116.5:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:15", "1346039", "67.213.212.50:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:14", "1346040", "161.129.66.140:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:13", "1346041", "212.83.142.145:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:13", "1346042", "144.76.167.26:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:13", "1346043", "212.83.142.114:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:12", "1346044", "67.213.210.175:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:11", "1346045", "195.154.43.198:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:11", "1346046", "195.154.43.189:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:10", "1346047", "66.29.128.242:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:10", "1346048", "108.181.133.59:443", "ip:port", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "NSOCKS", "0", "BlackLotusLabs" "2024-11-19 18:43:09", "1346049", "interocakate.com", "domain", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:43:09", "1346051", "antihicipate.com", "domain", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:43:08", "1346050", "promexucate.com", "domain", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:43:08", "1346052", "overedaxive-nonameraness.net", "domain", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:43:07", "1346053", "inofokable.net", "domain", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:43:07", "1346054", "overuvezor.com", "domain", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:43:06", "1346055", "dnslookips.com", "domain", "botnet_cc", "elf.ngioweb", "None", "Ngioweb", "", "80", "None", "None", "0", "BlackLotusLabs" "2024-11-19 18:40:04", "1346059", "http://115.48.10.59:38294/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf" "2024-11-19 18:00:05", "1346058", "servicioremotoempresas.info", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-11-21 08:42:02", "75", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch" "2024-11-19 17:55:05", "1346057", "http://87.120.113.235/18/pin.php", "url", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "https://bazaar.abuse.ch/sample/a4e13d5ddfed2748925ccf8cb2a08cf03f992de943e195aa73411e1fd2efab80/", "lokibot", "0", "abuse_ch" "2024-11-19 17:50:08", "1346056", "http://38.180.228.120/cpu/Default4/externalrequestlinuxPoll/Track2image/BetterTest_linux/TrafficLocallowlongpoll/AsyncProvider/Uploads/providerpipepythonserverAsyncGeneratortrackdatalifeDlecdn.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2024-11-19 16:56:06", "1345845", "mvce45.cyou", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "c2,vidar", "0", "Lars" "2024-11-19 15:31:14", "1345843", "45.76.250.221:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@GustyDusty/113503526715668724", "SocGholish", "0", "threatcat_ch" "2024-11-19 15:31:13", "1345844", "dashnex.plexusmarket.fund", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@GustyDusty/113503526715668724", "SocGholish", "0", "threatcat_ch" "2024-11-19 15:27:16", "1345841", "safigdata.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "Kongtuke,LandUpdate808", "0", "rmceoin" "2024-11-19 15:27:15", "1345842", "https://safigdata.com/wp.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "Kongtuke,LandUpdate808", "0", "rmceoin" "2024-11-19 15:01:12", "1345836", "https://viralnavigator.com/work/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113510157946516256", "SmartApeSG", "0", "monitorsg" "2024-11-19 15:01:11", "1345837", "https://viralnavigator.com/work/index.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113510157946516256", "SmartApeSG", "0", "monitorsg" "2024-11-19 15:01:10", "1345838", "https://viralnavigator.com/work/fix2.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113510157946516256", "SmartApeSG", "0", "monitorsg" "2024-11-19 15:01:09", "1345839", "https://viralnavigator.com/work/xxx.zip", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113510157946516256", "SmartApeSG", "0", "monitorsg" "2024-11-19 14:55:10", "1345840", "96.126.118.61:4444", "ip:port", "botnet_cc", "win.xenorat", "None", "XenoRAT", "", "100", "None", "XenoRAT", "0", "abuse_ch" "2024-11-19 14:10:16", "1345835", "https://appr0dress.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/23506c79b6112f7a234c35b838faa9b51286df3bba27f27b7731aa0f23364139/", "lumma", "0", "abuse_ch" "2024-11-19 13:51:56", "1345832", "https://eegqzvxd.shop/work/index.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113509902540539525", "SmartApeSG", "0", "monitorsg" "2024-11-19 13:51:56", "1345834", "https://eegqzvxd.shop/work/xxx.zip", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113509902540539525", "SmartApeSG", "0", "monitorsg" "2024-11-19 13:51:55", "1345831", "eegqzvxd.shop", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113509902540539525", "SmartApeSG", "0", "monitorsg" "2024-11-19 13:51:55", "1345833", "https://eegqzvxd.shop/work/fix2.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113509902540539525", "SmartApeSG", "0", "monitorsg" "2024-11-19 13:51:54", "1345830", "https://eegqzvxd.shop/work/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113509902540539525", "SmartApeSG", "0", "monitorsg" "2024-11-19 13:51:53", "1345827", "77.232.134.182:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2024-11-19 12:55:04", "1345828", "84.152.29.88:4444", "ip:port", "botnet_cc", "win.rozena", "None", "Rozena", "", "100", "", "Metasploit,Rozena", "0", "NDA0E" "2024-11-19 12:55:04", "1345829", "190.130.88.59:4444", "ip:port", "botnet_cc", "win.rozena", "None", "Rozena", "", "100", "", "Metasploit,Rozena", "0", "NDA0E" "2024-11-19 12:03:01", "1345826", "185.106.123.228:443", "ip:port", "botnet_cc", "win.danabot", "None", "DanaBot", "", "100", "https://bazaar.abuse.ch/sample/a75f0ee7a2d908811e20d66b2bb8f7849676901e6448ad4f12b2a7b299fd006f/", "DanaBot", "0", "NDA0E" "2024-11-19 12:03:00", "1345824", "193.42.36.59:443", "ip:port", "botnet_cc", "win.danabot", "None", "DanaBot", "", "100", "https://bazaar.abuse.ch/sample/a75f0ee7a2d908811e20d66b2bb8f7849676901e6448ad4f12b2a7b299fd006f/", "DanaBot", "0", "NDA0E" "2024-11-19 12:03:00", "1345825", "193.56.146.53:443", "ip:port", "botnet_cc", "win.danabot", "None", "DanaBot", "", "100", "https://bazaar.abuse.ch/sample/a75f0ee7a2d908811e20d66b2bb8f7849676901e6448ad4f12b2a7b299fd006f/", "DanaBot", "0", "NDA0E" "2024-11-19 12:01:07", "1345820", "94.156.177.41:80", "ip:port", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "2024-11-21 08:36:03", "75", "None", "infostealer,lokibot,stealer", "0", "SarlackLab" "2024-11-19 12:01:05", "1345821", "http://94.156.177.41/maxzi/five/PvqDq929BSx_A_D_M1n_a.php", "url", "botnet_cc", "apk.lokibot", "None", "LokiBot", "", "100", "None", "AS214943,lokibot,Railnet LLC", "0", "antiphishorg" "2024-11-19 11:40:35", "1345823", "162.251.122.76:7119", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/9b91f38ed7a92a5b3223698c5be0bb0daaa1230981501fd306f5b30744317bbc/", "remcos", "0", "abuse_ch" "2024-11-19 11:15:38", "1345822", "192.175.111.217:7080", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/676b3029331da1aa727799097f0599bee2759ef668a97ef5bddcc56fc22c7096/", "emotet", "0", "abuse_ch" "2024-11-19 09:40:08", "1345819", "http://94.156.177.41/maxzi/five/fre.php", "url", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "100", "None", "Loki", "0", "abuse_ch" # Number of entries: 767