################################################################ # ThreatFox IOCs: recent additions - CSV format # # Last updated: 2025-05-15 03:00:37 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-05-15 03:00:37", "1523202", "https://7lancery.digital/goj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/523aa6dde8a98cc96de0f7a33f4c8736e5c536f02ed4ad561c76fe246f67d0c3/", "lumma", "0", "abuse_ch" "2025-05-15 03:00:18", "1523201", "http://ck92448.tw1.ru/5d8ad51b.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-15 02:53:53", "1523198", "ec2-54-183-101-23.us-west-1.compute.amazonaws.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-15 02:36:08", "1523197", "zdqdc.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-15 01:55:12", "1523196", "182.16.26.210:56105", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-15 00:18:05", "1523195", "ndgpt.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-15 00:02:09", "1523194", "194.195.251.227:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/194.195.251.227", "AKAMAI-LINODE-AP,AS63949,censys,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-05-15 00:01:52", "1523193", "37.252.19.120:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/37.252.19.120", "AS9123,C2,censys,Havoc,TIMEWEB-AS", "0", "DonPasci" "2025-05-15 00:01:49", "1523192", "206.206.126.216:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/206.206.126.216", "AS16276,C2,censys,Hookbot,OVH", "0", "DonPasci" "2025-05-15 00:01:44", "1523191", "45.141.84.229:15647", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/45.141.84.229", "AS206728,C2,censys,MEDIALAND-AS,RAT,Sectop", "0", "DonPasci" "2025-05-15 00:01:42", "1523189", "186.169.82.245:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/186.169.82.245", "AS3816,AsyncRAT,C2,censys,COLOMBIA,RAT", "0", "DonPasci" "2025-05-15 00:01:42", "1523190", "3.215.185.215:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/3.215.185.215", "AMAZON-AES,AS14618,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-05-15 00:01:40", "1523188", "8.218.254.239:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/8.218.254.239", "ALIBABA-CN-NET,AS45102,C2,censys,Supershell", "0", "DonPasci" "2025-05-15 00:01:30", "1523187", "3.17.164.16:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/3.17.164.16", "AMAZON-02,AS16509,C2,censys,Sliver", "0", "DonPasci" "2025-05-15 00:01:27", "1523185", "196.251.85.128:9090", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/196.251.85.128", "AS401120,C2,censys,CHEAPY-HOST,RAT,Remcos", "0", "DonPasci" "2025-05-15 00:01:27", "1523186", "172.111.244.102:37830", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/172.111.244.102", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2025-05-15 00:01:14", "1523184", "134.175.229.167:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/134.175.229.167", "AS45090,C2,censys,CobaltStrike,TENCENT-NET-AP", "0", "DonPasci" "2025-05-15 00:01:07", "1523183", "39.100.76.142:8086", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/39.100.76.142", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-05-14 22:57:05", "1523182", "45.85.117.100:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-05-15 02:56:46", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-05-14 22:56:33", "1523181", "31.172.75.39:8443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-05-15 02:56:16", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-05-14 20:58:23", "1523176", "203.161.41.12:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:09", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-14 20:57:30", "1523175", "144.172.92.144:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:55:23", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-14 20:55:56", "1523174", "ns1.xzbxhy.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:54:01", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-14 20:55:55", "1523173", "ns1.protmotion.org", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:54:00", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-14 20:54:38", "1523172", "81.49.67.85:2222", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-15 02:52:51", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-14 20:54:21", "1523171", "78.168.171.59:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-15 02:52:34", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-14 20:53:05", "1523170", "47.106.122.211:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-15 02:51:28", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-14 20:50:30", "1523169", "https://0posseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/3ccb9faef9dbef3d2f6116b69d9282eb4d12de78c7602df150cb606f6f2b0a50/", "lumma", "0", "abuse_ch" "2025-05-14 20:46:57", "1523168", "161.132.45.92:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:45:41", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-14 20:46:21", "1523167", "154.246.7.106:22", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-15 02:45:20", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-14 20:27:42", "1523166", "https://uovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/dd1170d6628c0f63e2f2e7e86fed5092a1c93d579bdbdb52c677031dec24c9c0/", "lumma", "0", "abuse_ch" "2025-05-14 20:27:38", "1523165", "https://saxecocnak.live/manj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/dd1170d6628c0f63e2f2e7e86fed5092a1c93d579bdbdb52c677031dec24c9c0/", "lumma", "0", "abuse_ch" "2025-05-14 20:27:27", "1523164", "https://mblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/dd1170d6628c0f63e2f2e7e86fed5092a1c93d579bdbdb52c677031dec24c9c0/", "lumma", "0", "abuse_ch" "2025-05-14 20:27:26", "1523163", "https://laminaflbx.shop/twoq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/dd1170d6628c0f63e2f2e7e86fed5092a1c93d579bdbdb52c677031dec24c9c0/", "lumma", "0", "abuse_ch" "2025-05-14 20:27:19", "1523162", "https://emphatakpn.bet/ladk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/dd1170d6628c0f63e2f2e7e86fed5092a1c93d579bdbdb52c677031dec24c9c0/", "lumma", "0", "abuse_ch" "2025-05-14 20:27:05", "1523161", "https://7posseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/dd1170d6628c0f63e2f2e7e86fed5092a1c93d579bdbdb52c677031dec24c9c0/", "lumma", "0", "abuse_ch" "2025-05-14 20:20:14", "1523160", "176.100.37.167:6215", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch" "2025-05-14 20:17:47", "1523159", "bklbd.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-14 20:06:48", "1523158", "191.96.39.104:23082", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-14 20:06:31", "1523152", "dripnfinesse.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-14 20:06:31", "1523153", "gohardorgohome.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-14 20:06:31", "1523154", "greatday.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-14 20:06:31", "1523155", "greatyear.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-14 20:06:31", "1523156", "nuevosegurotodoriesgo.dynuddns.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-14 20:06:31", "1523157", "steadypressure.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-14 20:06:30", "1523151", "doncu2029.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-14 20:06:10", "1523150", "iraq-domains.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "", "c2,njrat", "0", "juroots" "2025-05-14 20:05:58", "1523149", "hhhbotnecior.zapt", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "c2,mirai", "0", "juroots" "2025-05-14 20:05:39", "1523148", "189.159.170.218:2009", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "", "c2,dcrat", "0", "juroots" "2025-05-14 20:05:25", "1523147", "https://pastebin.com/raw/ZeMXgLxG", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "", "c2,dcrat", "0", "juroots" "2025-05-14 20:05:05", "1523145", "r.mapsonfogs.com", "domain", "botnet_cc", "win.bunitu", "None", "Bunitu", "", "50", "", "bunitu,c2", "0", "juroots" "2025-05-14 20:05:05", "1523146", "w.mapsonfogs.com", "domain", "botnet_cc", "win.bunitu", "None", "Bunitu", "", "50", "", "bunitu,c2", "0", "juroots" "2025-05-14 20:04:45", "1523144", "141.134.187.129:3389", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-05-14 20:02:14", "1523143", "118.122.8.155:3780", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/118.122.8.155#3780", "c2,netsupport,shodan", "0", "juroots" "2025-05-14 20:01:54", "1523139", "118.107.42.200:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/118.107.42.200", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Hookbot", "0", "DonPasci" "2025-05-14 20:01:54", "1523140", "84.46.239.239:8085", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/84.46.239.239#8085", "bruteratel,c2,shodan", "0", "juroots" "2025-05-14 20:01:54", "1523141", "206.206.126.216:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-15 02:49:27", "100", "https://search.censys.io/hosts/206.206.126.216", "AS16276,C2,censys,Hookbot,OVH", "0", "DonPasci" "2025-05-14 20:01:54", "1523142", "45.141.233.103:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-15 02:51:00", "100", "https://search.censys.io/hosts/45.141.233.103", "AS214943,C2,censys,Hookbot,RAILNET", "0", "DonPasci" "2025-05-14 20:01:53", "1523137", "84.46.239.239:8081", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/84.46.239.239#8081", "bruteratel,c2,shodan", "0", "juroots" "2025-05-14 20:01:53", "1523138", "146.70.213.35:10443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/146.70.213.35#10443", "bruteratel,c2,shodan", "0", "juroots" "2025-05-14 20:01:52", "1523134", "91.99.15.185:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/91.99.15.185", "AS24940,C2,censys,HETZNER-AS,Mythic", "0", "DonPasci" "2025-05-14 20:01:52", "1523135", "35.153.129.150:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:50:27", "100", "https://search.censys.io/hosts/35.153.129.150", "AMAZON-AES,AS14618,C2,censys,Mythic", "0", "DonPasci" "2025-05-14 20:01:52", "1523136", "212.69.167.73:4443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/212.69.167.73#4443", "bruteratel,c2,shodan", "0", "juroots" "2025-05-14 20:01:47", "1523133", "179.116.100.236:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:47:29", "100", "https://search.censys.io/hosts/179.116.100.236", "AS26599,AsyncRAT,C2,censys,RAT,TELEFONICA", "0", "DonPasci" "2025-05-14 20:01:46", "1523132", "196.251.116.59:4444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:48:54", "100", "https://search.censys.io/hosts/196.251.116.59", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci" "2025-05-14 20:01:44", "1523131", "103.194.104.136:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.194.104.136", "ANTBOX1-AS-AP,AS138995,C2,censys,Supershell", "0", "DonPasci" "2025-05-14 20:01:41", "1523130", "217.160.208.94:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/217.160.208.94", "AS8560,C2,censys,IONOS-AS,payload,Sliver", "0", "DonPasci" "2025-05-14 20:01:35", "1523128", "103.229.81.70:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/103.229.81.70", "AS214036,C2,censys,open-dir,payload,Sliver,ULTAHOST-AS", "0", "DonPasci" "2025-05-14 20:01:35", "1523129", "45.55.98.63:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/45.55.98.63", "AS14061,C2,censys,DIGITALOCEAN-ASN,open-dir,payload,Sliver", "0", "DonPasci" "2025-05-14 20:01:29", "1523127", "62.60.226.114:40102", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/62.60.226.114", "AS214351,C2,censys,FEMOIT,RAT,Remcos", "0", "DonPasci" "2025-05-14 20:01:28", "1523126", "176.65.141.185:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:47:02", "100", "https://search.censys.io/hosts/176.65.141.185", "AS214717,C2,censys,DOLPHINHOST-AS,RAT,Remcos", "0", "DonPasci" "2025-05-14 20:01:27", "1523125", "124.198.131.190:4000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/124.198.131.190", "AS210558,C2,censys,RAT,Remcos,SERVICES-1337-GMBH", "0", "DonPasci" "2025-05-14 20:01:08", "1523124", "8.210.77.1:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:57:29", "100", "https://search.censys.io/hosts/8.210.77.1", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-05-14 20:01:07", "1523123", "8.216.94.191:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:57:30", "100", "https://search.censys.io/hosts/8.216.94.191", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-05-14 19:26:40", "1523122", "mkqtw.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-14 18:15:21", "1522776", "27.124.2.240:80", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-14 17:46:16", "1522493", "https://saraucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/f4d96aca90e5218b27a7d4a539d8ff5a16a6c4b94900bf1044c39254d51174fb/", "lumma", "0", "abuse_ch" "2025-05-14 17:10:16", "1522340", "http://94.156.179.222/PhpProcessorApiwindowsuniversalDownloads.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-14 16:58:24", "1522336", "mmxbx.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-14 16:17:29", "1522335", "vmkkb.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-14 16:02:00", "1522334", "209.38.71.109:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:49:35", "100", "https://search.censys.io/hosts/209.38.71.109", "AS14061,C2,censys,Covenant,DIGITALOCEAN-ASN", "0", "DonPasci" "2025-05-14 16:01:52", "1522333", "8.130.15.174:5006", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:52:36", "100", "https://search.censys.io/hosts/8.130.15.174", "ALIBABA-CN-NET,AS37963,C2,censys,Havoc", "0", "DonPasci" "2025-05-14 16:01:49", "1522332", "45.141.233.43:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/45.141.233.43", "AS214943,C2,censys,Hookbot,RAILNET", "0", "DonPasci" "2025-05-14 16:01:48", "1522331", "5.34.182.45:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:51:43", "100", "https://search.censys.io/hosts/5.34.182.45", "AS15626,C2,censys,GF-UA,Mythic", "0", "DonPasci" "2025-05-14 16:01:40", "1522329", "115.190.31.168:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/115.190.31.168", "AS137718,C2,censys,Supershell,VOLCANO-ENGINE", "0", "DonPasci" "2025-05-14 16:01:40", "1522330", "149.126.95.249:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/149.126.95.249", "AS152179,C2,censys,GCNL-AS-AP,Supershell", "0", "DonPasci" "2025-05-14 16:01:26", "1522328", "195.133.63.98:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:48:43", "100", "https://search.censys.io/hosts/195.133.63.98", "AS9123,C2,censys,RAT,Remcos,TIMEWEB-AS", "0", "DonPasci" "2025-05-14 16:01:08", "1522327", "192.3.105.209:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/192.3.105.209", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-05-14 15:35:15", "1522326", "202.95.22.2:6081", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-14 15:26:19", "1522325", "bjrgt.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-14 14:26:21", "1522324", "jerry2.duckdns.org", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "", "XWorm", "0", "abuse_ch" "2025-05-14 14:16:23", "1522323", "https://vfeaturlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c7903d94acc6d003135a00580ec939b4a1d00cd29134c5102e2fdc2721ee9072/", "lumma", "0", "abuse_ch" "2025-05-14 14:16:15", "1522322", "https://rposseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/19efb8d0433038e6ed941fa340abd5e3da45091b2f36d627399726ff9085dfe0/", "lumma", "0", "abuse_ch" "2025-05-14 14:16:06", "1522321", "https://oaraucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/6219da25d26ed564c1dcec7d07de68be07c0d1f0b115d5f6d26a9705e83d3480/", "lumma", "0", "abuse_ch" "2025-05-14 14:16:04", "1522320", "https://lovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/86d89c64120d73bf15528f32e1a154220c2e0b3e6e298574b76bcfad29e005df/", "lumma", "0", "abuse_ch" "2025-05-14 14:15:58", "1522319", "192.227.211.214:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/1ad2d76eb5e812665f27710f900cad4ee93fe1e06d0de0778f26913f86d250fe/", "XWorm", "0", "abuse_ch" "2025-05-14 14:15:56", "1522317", "https://eofeaturlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4dc7b323937d69931b9d9992152acc761d65d269594d799c347c4612222f6975/", "lumma", "0", "abuse_ch" "2025-05-14 14:15:56", "1522318", "https://etestcawepr.run/dsap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2b44c012c4cfc78d174bf93981813b6186834a80f33e62fd7baf0e58e8a934af/", "lumma", "0", "abuse_ch" "2025-05-14 14:15:43", "1522316", "https://8qovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c7903d94acc6d003135a00580ec939b4a1d00cd29134c5102e2fdc2721ee9072/", "lumma", "0", "abuse_ch" "2025-05-14 14:15:42", "1522315", "https://4testcawepr.run/dsap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c7903d94acc6d003135a00580ec939b4a1d00cd29134c5102e2fdc2721ee9072/", "lumma", "0", "abuse_ch" "2025-05-14 14:15:41", "1522314", "https://3flowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/da451e8c6fb5af42a6d2d45a6dc3a4278a957284116392522a25b1cb62570c88/", "lumma", "0", "abuse_ch" "2025-05-14 14:15:40", "1522313", "https://0easterxeen.run/zavc", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/19efb8d0433038e6ed941fa340abd5e3da45091b2f36d627399726ff9085dfe0/", "lumma", "0", "abuse_ch" "2025-05-14 14:00:51", "1522312", "https://vposseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2cff2d8379bed82a5e4a3620d03dd6a01858a42e0401d9cbfefde6bba3d04951/", "lumma", "0", "abuse_ch" "2025-05-14 14:00:42", "1522311", "https://oflowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2cff2d8379bed82a5e4a3620d03dd6a01858a42e0401d9cbfefde6bba3d04951/", "lumma", "0", "abuse_ch" "2025-05-14 13:55:42", "1522310", "https://sfeaturlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c1defb66f8225e116e1f88b4315cff1710da4b416db76455b72017e6c4cb926c/", "lumma", "0", "abuse_ch" "2025-05-14 13:55:36", "1522309", "https://fflowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7def3b8e561e449ae17839d3648d3ea192bb52397126987f29387bf370166780/", "lumma", "0", "abuse_ch" "2025-05-14 13:55:33", "1522308", "https://earaucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7def3b8e561e449ae17839d3648d3ea192bb52397126987f29387bf370166780/", "lumma", "0", "abuse_ch" "2025-05-14 13:55:29", "1522307", "https://39easterxeen.run/zavc", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7def3b8e561e449ae17839d3648d3ea192bb52397126987f29387bf370166780/", "lumma", "0", "abuse_ch" "2025-05-14 13:40:24", "1522306", "https://tripfnote.shop/bev", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/745dcae558f1ef01bcb3f06d6cd58375236374e9c4ad9723adf42103c3be4f89/", "lumma", "0", "abuse_ch" "2025-05-14 13:40:16", "1522305", "https://5orjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/745dcae558f1ef01bcb3f06d6cd58375236374e9c4ad9723adf42103c3be4f89/", "lumma", "0", "abuse_ch" "2025-05-14 13:31:31", "1522292", "https://pravaix.top/lv/xf_addon.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114506341593944154", "SmartApeSG", "0", "monitorsg" "2025-05-14 13:31:31", "1522293", "pravaix.top", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-14 13:08:41", "100", "https://infosec.exchange/@monitorsg/114506341593944154", "SmartApeSG", "0", "monitorsg" "2025-05-14 13:31:30", "1522294", "https://pravaix.top/lv/select.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114506341593944154", "SmartApeSG", "0", "monitorsg" "2025-05-14 13:31:30", "1522296", "https://probuildgroupusa.com/fsps.zip", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114506341593944154", "SmartApeSG", "0", "monitorsg" "2025-05-14 13:31:29", "1522295", "https://pravaix.top/lv/lll.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114506341593944154", "SmartApeSG", "0", "monitorsg" "2025-05-14 13:31:29", "1522297", "probuildgroupusa.com", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-14 22:11:18", "100", "https://infosec.exchange/@monitorsg/114506341593944154", "SmartApeSG", "0", "monitorsg" "2025-05-14 13:31:28", "1522298", "https://beginning.sparkattraction.com/profileLayout", "url", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz" "2025-05-14 13:31:27", "1522299", "beginning.sparkattraction.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "2025-05-14 14:12:47", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz" "2025-05-14 13:31:27", "1522300", "23.27.134.95:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "2025-05-14 17:36:21", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz" "2025-05-14 13:30:39", "1522304", "https://testcawepr.run/dsap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4d1a17147b37d4e5e1eb793925956103e514b17ed4af469739b93bd986bc8682/", "lumma", "0", "abuse_ch" "2025-05-14 13:30:30", "1522303", "https://hbarmgek.digital/bmx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8ff59ca7502586d622336da673f02eb5ec4cedeb61c3b3c274019bcf8a9256e9/", "lumma", "0", "abuse_ch" "2025-05-14 13:30:25", "1522302", "https://cornerdurv.top/adwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4d1a17147b37d4e5e1eb793925956103e514b17ed4af469739b93bd986bc8682/", "lumma", "0", "abuse_ch" "2025-05-14 13:18:17", "1522301", "dkpfb.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-14 12:37:00", "1522291", "hjfct.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-14 12:35:15", "1522290", "216.9.224.45:16465", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/4ad700fe5c1900e5700f70cd44eeea8a85cb69aeb4c93f17651104f2f32e0c71/", "remcos", "0", "abuse_ch" "2025-05-14 12:30:18", "1522289", "web.svhhelp.top", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-05-14 12:02:28", "1522288", "185.28.119.149:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony" "2025-05-14 12:01:54", "1522287", "213.152.162.108:45998", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/213.152.162.108", "AS49453,C2,censys,GLOBALLAYER,RAT,Venom", "0", "DonPasci" "2025-05-14 12:01:53", "1522286", "193.37.212.91:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:48:35", "100", "https://search.censys.io/hosts/193.37.212.91", "AS44901,BELCLOUD,C2,censys,Havoc", "0", "DonPasci" "2025-05-14 12:01:49", "1522285", "45.94.4.239:1338", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/45.94.4.239", "AS212219,C2,censys,HOSTINGDUNYAM,Quasar,RAT", "0", "DonPasci" "2025-05-14 12:01:48", "1522284", "156.238.245.37:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/156.238.245.37", "AS142032,C2,censys,HFTCL-AS-AP,Hookbot", "0", "DonPasci" "2025-05-14 12:01:47", "1522282", "165.22.22.203:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:46:04", "100", "https://search.censys.io/hosts/165.22.22.203", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci" "2025-05-14 12:01:47", "1522283", "217.154.22.37:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:49:46", "100", "https://search.censys.io/hosts/217.154.22.37", "AS8560,C2,censys,IONOS-AS,Mythic", "0", "DonPasci" "2025-05-14 12:01:46", "1522281", "138.68.163.131:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:44:35", "100", "https://search.censys.io/hosts/138.68.163.131", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci" "2025-05-14 12:01:41", "1522280", "82.153.241.186:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:52:52", "100", "https://search.censys.io/hosts/82.153.241.186", "AS210538,AsyncRAT,C2,censys,KEYUBU,RAT", "0", "DonPasci" "2025-05-14 12:01:40", "1522279", "87.110.19.86:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:53:06", "100", "https://search.censys.io/hosts/87.110.19.86", "APOLLO-AS,AS12578,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-05-14 12:01:39", "1522278", "164.90.170.149:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/164.90.170.149", "AS14061,C2,censys,DIGITALOCEAN-ASN,Supershell", "0", "DonPasci" "2025-05-14 12:01:30", "1522277", "91.222.173.125:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:53:21", "100", "https://search.censys.io/hosts/91.222.173.125", "AS43641,C2,censys,Sliver,SOLLUTIUM-NL", "0", "DonPasci" "2025-05-14 12:01:29", "1522275", "161.132.45.92:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:45:41", "100", "https://search.censys.io/hosts/161.132.45.92", "AS3132,C2,censys,Red,Sliver", "0", "DonPasci" "2025-05-14 12:01:29", "1522276", "35.181.167.49:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:50:28", "100", "https://search.censys.io/hosts/35.181.167.49", "AMAZON-02,AS16509,C2,censys,Sliver", "0", "DonPasci" "2025-05-14 12:01:09", "1522274", "43.138.0.179:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:29", "100", "https://search.censys.io/hosts/43.138.0.179", "AS45090,C2,censys,CobaltStrike,cs-watermark-0,TENCENT-NET-AP", "0", "DonPasci" "2025-05-14 12:01:08", "1522273", "110.40.142.234:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/110.40.142.234", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci" "2025-05-14 12:01:05", "1522272", "8.216.94.191:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:57:30", "100", "https://search.censys.io/hosts/8.216.94.191", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-05-14 11:35:18", "1522271", "106.250.166.45:5747", "ip:port", "botnet_cc", "win.rms", "Gussdoor,Remote Manipulator System,RuRAT", "RMS", "", "100", "None", "RemoteManipulator", "0", "abuse_ch" "2025-05-14 11:15:21", "1522270", "http://inventscience.st:443/FrKZ", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/217d3f5d070bc36124e9c1e6051c208a44dc33aa5c3ba8f69aa9641bdcbcf8e0/", "cobaltstrike", "0", "abuse_ch" "2025-05-14 10:54:45", "1522269", "mahud.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-14 10:46:10", "1522262", "flyfrtee.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:10", "1522263", "genxhkwr.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:10", "1522264", "swauh.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:10", "1522265", "fahrenl.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:10", "1522266", "racxilb.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:10", "1522267", "hdtvwz.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:10", "1522268", "detemjj.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522251", "erioxmza.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522252", "backdbp.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522253", "prozyre.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522254", "cobwuxr.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522255", "incinux.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522256", "lathflk.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522257", "voyagjeup.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522258", "foistc.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522259", "pubivxz.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522260", "racoqd.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:09", "1522261", "genuitz.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:08", "1522243", "onsrdbld.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:08", "1522244", "steabza.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:08", "1522245", "chercw.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:08", "1522246", "tacticoo.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:08", "1522247", "flatll.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:08", "1522248", "apjmxc.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:08", "1522249", "explri.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:08", "1522250", "snaklvx.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:07", "1522235", "ringj.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:07", "1522236", "lategja.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:07", "1522237", "serapf.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:07", "1522238", "voydagist.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:07", "1522239", "bondvq.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:07", "1522240", "beatart.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:07", "1522241", "ozenlul.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:07", "1522242", "kidneu.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:06", "1522225", "repubjc.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:06", "1522226", "casswjp.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:06", "1522227", "childpc.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:06", "1522228", "metaca.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:06", "1522229", "jzourneyy.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:06", "1522230", "glldsv.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:06", "1522231", "solxlac.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:06", "1522232", "tucuoq.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:06", "1522233", "tumcvkc.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:06", "1522234", "saltjfs.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:05", "1522220", "pingytb.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:05", "1522221", "deviludp.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:05", "1522222", "macjajm.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:05", "1522223", "discrk.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:46:05", "1522224", "revwugi.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-05-14 10:35:14", "1522219", "147.185.221.28:29832", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-05-14 10:18:57", "1522218", "dugem.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-14 09:57:06", "1522217", "stoshiloversdie.top", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "100", "None", "loader,Maison Worm,maisonworm", "0", "pancak3lullz" "2025-05-14 08:52:31", "1522216", "24.177.67.19:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-15 02:50:03", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-14 08:51:55", "1522215", "212.11.64.175:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:49:38", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-14 08:45:33", "1522214", "7dd26568049fac1b87f676ecfaac9ba0", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/Gunra%20Ransomware", "gunra,ransomware", "0", "TheRavenFile" "2025-05-14 08:02:19", "1522213", "195.123.211.151:80", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/195.123.211.151", "AS50979,C2,censys,hacktool,ITL-LV,Mimikatz,open-dir", "0", "DonPasci" "2025-05-14 08:02:13", "1522212", "51.38.140.93:1337", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/51.38.140.93", "AS16276,C2,censys,Gafgyt,OVH", "0", "DonPasci" "2025-05-14 08:02:08", "1522211", "199.103.95.5:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/199.103.95.5", "AS397441,C2,censys,moobot,ORBITAL", "0", "DonPasci" "2025-05-14 08:01:55", "1522210", "51.89.205.218:7878", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/51.89.205.218", "AS16276,C2,censys,DcRAT,OVH,RAT", "0", "DonPasci" "2025-05-14 08:01:54", "1522209", "91.236.230.234:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony" "2025-05-14 08:01:52", "1522208", "45.155.124.123:4449", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/45.155.124.123", "AS210538,C2,censys,KEYUBU,RAT,Venom", "0", "DonPasci" "2025-05-14 08:01:51", "1522204", "69.62.119.97:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:52:24", "100", "https://search.censys.io/hosts/69.62.119.97", "AS-HOSTINGER,AS47583,C2,censys,Havoc", "0", "DonPasci" "2025-05-14 08:01:51", "1522205", "85.217.171.203:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:53:04", "100", "https://search.censys.io/hosts/85.217.171.203", "AS44901,BELCLOUD,C2,censys,Havoc", "0", "DonPasci" "2025-05-14 08:01:51", "1522206", "185.177.59.217:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:47:53", "100", "https://search.censys.io/hosts/185.177.59.217", "AS44901,BELCLOUD,C2,censys,Havoc", "0", "DonPasci" "2025-05-14 08:01:51", "1522207", "91.92.128.3:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:53:24", "100", "https://search.censys.io/hosts/91.92.128.3", "AS44901,BELCLOUD,C2,censys,Havoc", "0", "DonPasci" "2025-05-14 08:01:46", "1522203", "102.117.174.178:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:43:11", "100", "https://search.censys.io/hosts/102.117.174.178", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci" "2025-05-14 08:01:41", "1522200", "88.237.19.77:3000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:53:11", "100", "https://search.censys.io/hosts/88.237.19.77", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci" "2025-05-14 08:01:41", "1522201", "88.237.19.77:222", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:53:11", "100", "https://search.censys.io/hosts/88.237.19.77", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci" "2025-05-14 08:01:41", "1522202", "23.95.106.22:11240", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:49:57", "100", "https://search.censys.io/hosts/23.95.106.22", "AS-COLOCROSSING,AS36352,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-05-14 08:01:40", "1522198", "188.218.201.194:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:48:11", "100", "https://search.censys.io/hosts/188.218.201.194", "AS30722,AsyncRAT,C2,censys,RAT,VODAFONE-IT-ASN", "0", "DonPasci" "2025-05-14 08:01:40", "1522199", "144.172.104.135:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:44:49", "100", "https://search.censys.io/hosts/144.172.104.135", "AS14956,AsyncRAT,C2,censys,RAT,ROUTERHOSTING", "0", "DonPasci" "2025-05-14 08:01:24", "1522196", "206.189.158.128:6156", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:49:27", "100", "https://search.censys.io/hosts/206.189.158.128", "AS14061,C2,censys,DIGITALOCEAN-ASN,RAT,Remcos", "0", "DonPasci" "2025-05-14 08:01:24", "1522197", "191.96.207.241:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:48:18", "100", "https://search.censys.io/hosts/191.96.207.241", "AS199654,C2,censys,OXIDE-GROUP-LIMITED,RAT,Remcos", "0", "DonPasci" "2025-05-14 08:01:05", "1522195", "8.141.113.34:8002", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:57:24", "100", "https://search.censys.io/hosts/8.141.113.34", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-05-14 08:01:04", "1522194", "120.55.126.188:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:54:58", "100", "https://search.censys.io/hosts/120.55.126.188", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" "2025-05-14 07:40:50", "1522193", "6t.czlw.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-14 07:35:03", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-14 06:55:28", "1522098", "gamingglide.fun", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/8.219.163.113+gamingglide.fun", "AS45102,C2,censys", "0", "dyingbreeds_" "2025-05-14 06:55:28", "1522099", "forthepape.shop", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/196.251.71.99+forthepape.shop", "AS401120,C2,censys,CHEAPY-HOST", "0", "dyingbreeds_" "2025-05-14 06:55:27", "1522100", "113.45.7.125:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-14 06:04:30", "100", "https://search.censys.io/hosts/113.45.7.125", "AS55990,C2,censys", "0", "dyingbreeds_" "2025-05-14 06:55:26", "1522101", "8.137.22.68:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-14 04:01:04", "100", "https://search.censys.io/hosts/8.137.22.68", "AS37963,C2,censys", "0", "dyingbreeds_" "2025-05-14 06:55:26", "1522102", "43.140.243.146:5000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:32", "100", "https://search.censys.io/hosts/43.140.243.146", "AS45090,C2,censys", "0", "dyingbreeds_" "2025-05-14 06:55:25", "1522103", "118.178.132.223:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:44:01", "90", "https://search.censys.io/hosts/118.178.132.223", "AS37963,C2,censys", "0", "dyingbreeds_" "2025-05-14 06:55:25", "1522104", "212.11.64.175:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:49:37", "90", "https://search.censys.io/hosts/212.11.64.175", "AS42624,C2,censys,SWISSNETWORK02", "0", "dyingbreeds_" "2025-05-14 06:55:25", "1522105", "110.42.67.92:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:01:36", "100", "https://search.censys.io/hosts/110.42.67.92", "AS136188,C2,censys,Supershell", "0", "dyingbreeds_" "2025-05-14 06:55:24", "1522106", "128.90.113.56:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:44:21", "100", "https://search.censys.io/hosts/128.90.113.56", "AS40861,C2,censys,PARAD-40-ASN,RAT", "0", "dyingbreeds_" "2025-05-14 06:55:24", "1522109", "181.162.142.255:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-14 04:01:45", "100", "https://search.censys.io/hosts/181.162.142.255", "AS7418,C2,censys,RAT", "0", "dyingbreeds_" "2025-05-14 06:55:23", "1522107", "23.145.40.182:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:49:51", "100", "https://search.censys.io/hosts/23.145.40.182", "AS400587,C2,censys,Mythic,RYAMER", "0", "dyingbreeds_" "2025-05-14 06:55:23", "1522108", "176.65.141.106:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:47:00", "100", "https://search.censys.io/hosts/176.65.141.106", "AS215240,C2,censys,Mythic", "0", "dyingbreeds_" "2025-05-14 06:55:22", "1522115", "124.223.31.188:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/124.223.31.188", "AS45090,censys,Viper", "0", "dyingbreeds_" "2025-05-14 06:55:21", "1522110", "94.156.144.8:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:53:32", "100", "https://search.censys.io/hosts/94.156.144.8", "AS44901,BELCLOUD,C2,censys", "0", "dyingbreeds_" "2025-05-14 06:55:21", "1522114", "182.254.226.64:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/182.254.226.64", "AS45090,censys,Viper", "0", "dyingbreeds_" "2025-05-14 06:55:21", "1522116", "34.16.98.59:10443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.16.98.59", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:20", "1522117", "38.242.207.249:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/38.242.207.249", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:20", "1522118", "3.15.182.97:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.15.182.97", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:17", "1522119", "157.180.74.217:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/157.180.74.217", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:17", "1522120", "178.62.29.13:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/178.62.29.13", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:17", "1522121", "185.15.76.86:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.15.76.86", "AS48348,censys,CLOUDBUILDERS,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:16", "1522122", "47.239.100.100:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.239.100.100", "AS45102,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:16", "1522123", "43.134.17.236:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/43.134.17.236", "AS132203,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:16", "1522124", "176.9.192.244:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/176.9.192.244", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:15", "1522125", "52.213.183.75:8081", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.213.183.75", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:15", "1522126", "5.129.199.150:49302", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/5.129.199.150", "AS9123,censys,GoPhish,Phishing,TIMEWEB-AS", "0", "dyingbreeds_" "2025-05-14 06:55:14", "1522127", "192.3.232.13:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/192.3.232.13", "AS-COLOCROSSING,AS36352,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:14", "1522128", "198.46.190.114:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/198.46.190.114", "AS-COLOCROSSING,AS36352,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:14", "1522129", "203.177.95.83:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/203.177.95.83", "AS4775,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:13", "1522130", "51.21.82.91:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/51.21.82.91", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:13", "1522131", "156.244.39.143:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/156.244.39.143", "AS138915,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:12", "1522135", "35.156.170.65:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/35.156.170.65", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:11", "1522132", "20.243.80.179:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.243.80.179", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:11", "1522133", "172.188.24.67:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.188.24.67", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:11", "1522134", "13.51.175.116:9999", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.51.175.116", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:09", "1522136", "35.156.170.65:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/35.156.170.65", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:09", "1522139", "181.32.35.248:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/181.32.35.248", "AS3816,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:08", "1522137", "52.70.41.85:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.70.41.85", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:08", "1522138", "187.33.147.142:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/187.33.147.142", "AS49635,censys,CLOUDING,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:07", "1522140", "101.6.4.134:9999", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/101.6.4.134", "AS24348,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:07", "1522143", "3.12.120.187:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.12.120.187", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:05", "1522141", "3.106.217.162:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.106.217.162", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:05", "1522142", "35.184.1.230:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/35.184.1.230", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:04", "1522144", "129.204.203.252:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/129.204.203.252", "AS45090,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-14 06:55:04", "1522152", "metatrader5.pw", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz" "2025-05-14 06:55:04", "1522153", "guarda.su", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz" "2025-05-14 06:55:04", "1522154", "lobstergroowingto.sbs", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "100", "None", "loader,Maison Worm,maisonworm", "0", "pancak3lullz" "2025-05-14 06:55:00", "1521815", "asdkjczxmeuw.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:59", "1521816", "zxvnqwejlkgh.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:59", "1521817", "mznvqiweurty.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:58", "1521818", "plmzxqwieruo.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:58", "1521819", "vxmnsdkjweqz.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:58", "1521820", "qpwalskdjzmx.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:57", "1521822", "xnzwoeirplad.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:57", "1521823", "qwenmzlxktyu.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:56", "1521821", "zmxncvaoiwqe.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:56", "1521824", "nmasdqwpeiru.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:55", "1521825", "qowuensmzxcv.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:55", "1521826", "wqemzxncpiou.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:55", "1521827", "zbqwmnzxopru.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:53", "1521828", "xpoiwnzqlaks.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:53", "1521829", "qpeuwmxnzvka.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:53", "1521830", "zcnvqpweoriu.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:52", "1521831", "lksmzqwenxop.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:52", "1521832", "oby2349.giize.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:52", "1521833", "envio07.duckdns.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:51", "1521834", "http://api.playanext.com", "url", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:50", "1521813", "qweiozmnxvla.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:50", "1521814", "lkjzmxnqpwer.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:48", "1522076", "naroowlagendbend.sbs", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "100", "None", "loader,Maison Worm,maisonworm", "0", "pancak3lullz" "2025-05-14 06:54:47", "1522077", "185.156.72.72:416", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 06:40:31", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:47", "1522078", "185.156.72.72:419", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 13:13:21", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:47", "1522079", "185.156.72.72:421", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 13:10:40", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:46", "1522080", "185.156.72.72:426", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 12:55:35", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:46", "1522082", "185.156.72.72:430", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 12:58:49", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:45", "1522081", "185.156.72.19:427", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 02:05:57", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:43", "1522083", "185.156.72.72:427", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 04:03:35", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:43", "1522084", "185.156.72.72:418", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 12:37:55", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:43", "1522085", "185.156.72.72:431", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 12:49:41", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:42", "1522086", "185.156.72.72:417", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 12:03:58", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:42", "1522087", "185.156.72.72:423", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 12:12:04", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:41", "1522088", "185.156.72.72:428", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 11:38:10", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:41", "1522089", "185.156.72.72:425", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 12:47:02", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:41", "1522090", "185.156.72.72:420", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 12:41:42", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:40", "1522095", "185.156.72.72:422", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 11:54:51", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:40", "1522096", "185.156.72.72:429", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 12:31:29", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:39", "1522097", "185.156.72.72:424", "ip:port", "botnet_cc", "win.tofsee", "Gheg", "Tofsee", "2025-05-14 12:16:53", "100", "None", "backconnect,proxy_cfg,Tofsee", "0", "Bitsight" "2025-05-14 06:54:37", "1521842", "lygep.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 23:44:54", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-14 06:54:36", "1521810", "oct-estimation.gl.at.ply.gg", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:35", "1521811", "elon20252025subdominmain2025.duckdns.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:35", "1521812", "hsjafklweqmn.click", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:34", "1521808", "manlichcopfbeet.top", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "100", "None", "loader,Maison Worm,maisonworm", "0", "pancak3lullz" "2025-05-14 06:54:34", "1521809", "46.3.197.109:5977", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "", "None", "0", "JaffaCakes118" "2025-05-14 06:54:33", "1521798", "cujob.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 20:15:08", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-14 06:54:33", "1521799", "entrinidad.cfd", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-14 06:54:32", "1521782", "qaxib.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 19:44:23", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-14 06:54:14", "1521752", "gypuq.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 19:07:59", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-14 06:29:27", "1522192", "eduardocaballero5070.duckdns.org", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "AsyncRAT,RAT", "0", "abuse_ch" "2025-05-14 06:26:01", "1522191", "23.95.197.208:1412", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "https://bazaar.abuse.ch/sample/a1af56c872f76eb2f3c8e76692fb3dfc84310115126d5636006dadba6dcac560/", "Mirai", "0", "abuse_ch" "2025-05-14 06:10:56", "1522190", "barmgek.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-05-14 10:46:10", "50", "", "c2,lumma", "0", "juroots" "2025-05-14 06:10:42", "1522189", "wordinfos.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "", "c2,Marbled", "0", "juroots" "2025-05-14 06:09:57", "1522188", "digiscap.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "50", "", "landupdate808", "0", "juroots" "2025-05-14 06:09:21", "1522187", "178.75.102.190:1595", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-14 06:09:08", "1522186", "nzxtsh.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-14 06:08:54", "1522185", "soundcloudxyinialol14881.duckdns.org", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "", "c2,quasar", "0", "juroots" "2025-05-14 06:08:34", "1522183", "147.185.221.20:57386", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "", "c2,njrat", "0", "juroots" "2025-05-14 06:08:34", "1522184", "147.185.221.28:35553", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "", "c2,njrat", "0", "juroots" "2025-05-14 06:08:18", "1522182", "ammarsy.no-ip.biz", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "", "c2,njrat", "0", "juroots" "2025-05-14 06:08:05", "1522181", "shiroweb-52633.portmap.host", "domain", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "50", "", "c2,nanocore", "0", "juroots" "2025-05-14 06:07:47", "1522180", "182.188.188.18:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "", "c2,darkcomet", "0", "juroots" "2025-05-14 06:07:29", "1522176", "73.114.241.65:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-05-14 06:07:29", "1522177", "73.114.241.65:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-05-14 06:07:29", "1522178", "73.114.241.65:8080", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-05-14 06:07:29", "1522179", "73.114.241.65:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-05-14 06:06:58", "1522175", "https://pastebin.com/raw/3as7fu4y", "url", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-05-14 06:06:16", "1522173", "https://api.telegram.org/bot7671302806:AAGMIaSyEX23eVuRP_7fYeiVJprDcDI1cNs/", "url", "botnet_cc", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "50", "", "agenttesla,c2", "0", "juroots" "2025-05-14 06:06:16", "1522174", "https://api.telegram.org/bot7844826162:AAHmkutzU62TUPvnEGO_jSKI8EsX0HUPGsg/", "url", "botnet_cc", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "50", "", "agenttesla,c2", "0", "juroots" "2025-05-14 06:05:08", "1522172", "http://154.198.49.116/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/0196cd65-9298-776b-b0f6-b8658d1358f4", "c2,hookbot,urlscan", "0", "juroots" "2025-05-14 06:05:07", "1522171", "http://45.79.214.249/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/0196cd65-8929-734f-bfce-3bc22681560d", "c2,hookbot,urlscan", "0", "juroots" "2025-05-14 06:04:30", "1522168", "47.238.99.123:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:59", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-05-14 06:04:30", "1522169", "194.87.29.62:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/194.87.29.62#9000", "c2,sectop,shodan", "0", "juroots" "2025-05-14 06:04:30", "1522170", "77.83.246.34:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-14 06:04:29", "1522167", "137.220.205.227:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-14 06:04:16", "1522166", "193.233.48.28:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "50", "https://www.shodan.io/host/193.233.48.28#10001", "c2,extreme,shodan", "0", "juroots" "2025-05-14 06:04:08", "1522165", "154.82.92.116:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-05-14 06:04:02", "1522164", "52.66.197.93:33060", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/52.66.197.93#33060", "c2,netsupport,shodan", "0", "juroots" "2025-05-14 06:03:27", "1522162", "162.254.85.213:8081", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/162.254.85.213#8081", "bruteratel,c2,shodan", "0", "juroots" "2025-05-14 06:03:27", "1522163", "84.46.239.239:9443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/84.46.239.239#9443", "bruteratel,c2,shodan", "0", "juroots" "2025-05-14 06:03:09", "1522160", "185.125.218.138:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:47:48", "50", "https://www.shodan.io/host/185.125.218.138#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-14 06:03:09", "1522161", "51.210.241.127:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:51:48", "50", "https://www.shodan.io/host/51.210.241.127#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-14 06:02:52", "1522158", "118.31.114.149:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/118.31.114.149#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-05-14 06:02:52", "1522159", "1.92.100.230:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/1.92.100.230#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-05-14 06:02:51", "1522157", "8.134.80.60:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/8.134.80.60#50050", "c2,cobaltstrike,shodan", "0", "juroots" "2025-05-14 06:02:37", "1522156", "192.238.128.191:8444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:00", "50", "https://www.shodan.io/host/192.238.128.191#8444", "c2,cobaltstrike,cs-watermark-1234567890,shodan", "0", "juroots" "2025-05-14 05:50:15", "1522155", "http://034148cm.nyashware.ru/LinePollGeolongpollflowertracklocalCdnTemporary.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-14 05:19:38", "1522150", "afa819c9427731d716d4516f2943555f24ef13207f75134986ae0b67a0471b84", "sha256_hash", "payload", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://www.gdatasoftware.com/blog/2025/05/38199-chihuahua-infostealer", "chihuahua", "0", "juroots" "2025-05-14 05:19:38", "1522151", "c9bc4fdc899e4d82da9dd1f7a08b57ac62fc104f93f2597615b626725e12cae8", "sha256_hash", "payload", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://www.gdatasoftware.com/blog/2025/05/38199-chihuahua-infostealer", "chihuahua", "0", "juroots" "2025-05-14 05:19:08", "1522147", "https://flowers.hold-me-finger.xyz/index2.php", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://www.gdatasoftware.com/blog/2025/05/38199-chihuahua-infostealer", "c2,Chihuahua", "0", "juroots" "2025-05-14 05:19:08", "1522148", "https://cat-watches-site.xyz/", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://www.gdatasoftware.com/blog/2025/05/38199-chihuahua-infostealer", "c2,Chihuahua", "0", "juroots" "2025-05-14 05:19:08", "1522149", "https://cdn.findfakesnake.xyz/", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://www.gdatasoftware.com/blog/2025/05/38199-chihuahua-infostealer", "c2,Chihuahua", "0", "juroots" "2025-05-14 05:19:04", "1522146", "https://onedrive.office-note.com/res?a=c&b=&c=8f2669e5-01c0-4539-8d87-110513256828&s=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI4YTJlNmI1MDQ4M2E5MWYyODkzNTQ4Y2M1MDUwMdg1NyIsInN1YiI6IjEzN2JkZG0zYjZhOTYiQ.vXOOM_cWpG2OmzSx5t2l9A6ecnMKFzunS4LWccgfPjA", "url", "payload_delivery", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://www.gdatasoftware.com/blog/2025/05/38199-chihuahua-infostealer", "Chihuahua", "0", "juroots" "2025-05-14 04:30:20", "1522145", "182.16.26.210:56104", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-14 04:01:23", "1522112", "104.37.4.139:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:43:32", "100", "https://search.censys.io/hosts/104.37.4.139", "ACEHOSTONLINE,AS214059,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-14 04:01:23", "1522113", "185.244.30.120:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:48:02", "100", "https://search.censys.io/hosts/185.244.30.120", "AS211619,C2,censys,MAXKO,RAT,Remcos", "0", "DonPasci" "2025-05-14 04:01:22", "1522111", "45.74.15.230:3402", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:51:13", "100", "https://search.censys.io/hosts/45.74.15.230", "AS212238,C2,CDNEXT,censys,RAT,Remcos", "0", "DonPasci" "2025-05-14 02:58:25", "1522094", "8.137.60.154:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:57:21", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-14 02:57:50", "1522093", "45.40.245.61:3306", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:45", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-14 02:57:20", "1522092", "34.30.162.132:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:17", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-14 02:54:29", "1522091", "132.162.30.34.bc.googleusercontent.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:53:40", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-14 01:25:15", "1522075", "http://658055cm.nyashvibe.ru/imageLineProcessAuthlongpollApilinuxgeneratorWpPublic.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-14 01:11:22", "1522074", "f6191f83d4d774186de75dcaa6664475", "md5_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:21", "1522072", "523bce63df0d085e3b8bfe6bbc255da9f326de9d", "sha1_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:21", "1522073", "19eae2f123de215358ddd7dc698c52de2a905a5f09e7336df35c8d276a96df6a", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:20", "1522070", "fc1bf10c936144f163a063c0a606182990494baa6a52dfbbf92ce0652f3c2dd4", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:20", "1522071", "9ded32e7337c48fa5b23f65c8e40a499", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:19", "1522068", "9005ac6371c30817ae904ba0d95d0ac2", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:19", "1522069", "a3786589f06d51272e5348e5b82522d73a0ca610", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:18", "1522066", "aab747f34aabc85edd95697a080cc504fd119bb4", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:18", "1522067", "09b8f5086105916ba4705a1b64c8e4d4e0e3a6146928eabdd355f6d595f2a97c", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:17", "1522064", "57b8242373a01247b681b6bf4ae2e581bbf1583f0dde371e2081846efae7ff7f", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:17", "1522065", "1c5897275ff16bb4e22c42d66118fe7f", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:16", "1522062", "e8a616c7d2ac84b4aa3494a42b16c36e", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:16", "1522063", "fc9f9029a012de9f7efe4a7cdc4606fe0236a5c5", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:15", "1522060", "92bb7e43618e9f9ba0e3b038e94d84fa9f60ef66", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:15", "1522061", "d9c88eddbf8b28dacce8fb4799131563b7921723dec4f5e3e61dfb0dd14f7fa3", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:14", "1522058", "cf1f146ffa6951e45c24eada8fcef9fae06e8c7613ea0a5438d7bb6b868cadc9", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:14", "1522059", "7b8b919d261182cecbd5bf05c5430052", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:13", "1522056", "3c7faf3f6b5406ee3fdbef5d196cee1c", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:13", "1522057", "3e8cef8ec8f4a34aa79fbba5fad9e224581c61f2", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:12", "1522055", "d0a1e8a02c2721bccd8019f6a43367caf20759117087e676c70140f564bfe5d7", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:11", "1522053", "91a6e5fdea328d1352f1722743409569", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:11", "1522054", "221796a22d57a4ac2c958810feed433568dfe3cc", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:10", "1522051", "35f332cb8a9141749175643c1bc28ca3400d7723", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:10", "1522052", "fc51f7fa455614e41628301c8ca91008e183fe2a2b02c0c05daf912afe0d1ee2", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:09", "1522049", "d1965a6643ba775b05e4e5b6ab616d350973f418dbe02b2c61722af805d51034", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:09", "1522050", "bbfa51a063fe00e9af2aba6e79637367", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:08", "1522047", "f620d28d1d20c9c30e0845595363a78a", "md5_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:08", "1522048", "d26fc299da0f2b7447c74e9f1d9b1e488babd103", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:07", "1522045", "ca6da3df1fe62ac775796c86e8c0a02285fa6be4", "sha1_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:07", "1522046", "26abea627fdf075469f1b9613bea3c71b84dec05a135a0f3f9d3296dbc35ceb3", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:06", "1522043", "ca081d2e9e512e1516edc180262c4309dda83ad714a281abd26fc1a658bced01", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:06", "1522044", "54a08afb7d4946dfdd48d907bd2af047", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:05", "1522042", "eabe1199f54d2fc1c166ef74ae4247194a81a1c0", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:04", "1522040", "1ce4f36e1af6db1cd550d8e59edd093a86f9ec7a38535fab1b3b111f2bb7bd1e", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:04", "1522041", "7c65a65de4f4c34cbc5809f1d3748de2", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:03", "1522038", "339990a47839ba0e9a657db6fbd71861", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:03", "1522039", "833e75228d35292dc1df20e5ce66a9264c66f1ff", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:02", "1522036", "d6f93fd4213478f359a03701cfb827c3e3398f4e", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:02", "1522037", "e3716110ea1af3d3c25e6aca80b9e899236cf3c03ab3da4fa6271f9580d7cb61", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:01", "1522034", "d1ea7576611623c6a4ad1990ffed562e8981a3aa209717065eddc5be37a76132", "sha256_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:01", "1522035", "fccebee340a7006a339835a290922397", "md5_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:11:00", "1522033", "11c46dfce66a8ffc66ea8fdafeab3a34075bf5e2", "sha1_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:59", "1522031", "c3f39d499f8599e009697219a0c0f9b5fd91848b693fcaf4abdc0d15bdc67de0", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:59", "1522032", "b27c1ca4c65a3f38a999bdf3b82d5892", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:58", "1522029", "3167685ffbdae55b00485896310fe2f4", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:58", "1522030", "8782a78e6e4fe3c8f4d328e434a685e5d383a8f5", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:57", "1522027", "a1b706b3aa0aee0d3f534a2823af03afc44c975c", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:57", "1522028", "0fd46aca09c54c256d22420d2ac3e947ff204a42a24158dfcb562de18a77f3f1", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:56", "1522025", "ef544f7901ed91aac0bcdaee79efe2b1ce0b4ccac2480d299ffb6ff73d219dfd", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:56", "1522026", "c1762a46571fa6263cd8a41c09ec504f", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:55", "1522023", "d18961f7777d329e17cfb824926d9e12", "md5_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:55", "1522024", "60ab7ab3e8827020e2bd8b8ab87804f78d1cc265", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:54", "1522021", "33449875f0e73069d556993e9fcf17a1a106d622", "sha1_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:54", "1522022", "f69330c83662ef3dd691f730cc05d9c4439666ef363531417901a86e7c4d31c8", "sha256_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:53", "1522019", "251d313029b900f1060b5aef7914cc258f937b7b4de9aa6c83b1d6c02b36863e", "sha256_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:53", "1522020", "4a0a08c82240db20360672de20493455", "md5_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:52", "1522017", "bb019e89241c79b4265a3882acbe34a2", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:52", "1522018", "5afd347fecbf0d91fa65551aa774e975b60e8a0a", "sha1_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:51", "1522015", "684371446d0f381f810bfd1d6752de8156a98ba6", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:51", "1522016", "c6c4432433d8b941918424991c48d57fef0d0dfedc26b8fec66422f58c2ec8c5", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:50", "1522014", "530754366ad022c86eccadf13ad98ed2", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:49", "1522012", "0f6600d28bbf66d46d4534df04abbf048d4ed19d", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:49", "1522013", "3decb568098f09397ec9c9766b0e5a62a48e044650077efd60ce1b9c9ff81b22", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:48", "1522010", "5d3abe1d8ca8911b52a3214094e08885cd8865f4b755eed859ed4a064d413686", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:48", "1522011", "26354481796aadd8dfd2cf550da38af3", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:47", "1522008", "fb4bce7c4f63a8d01ae6fb03f81a50a3", "md5_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:47", "1522009", "3a4da57458b512b0ce80bd0bafac22d80e22f843", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:46", "1522006", "20776ab7de2142d956a56aee60a798b191a2f3f8", "sha1_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:46", "1522007", "da708865f674fbc18b17baeb8d6c8ceeb1b786fe5abdcd0d31027973d9bb6eeb", "sha256_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:45", "1522004", "35ae90a081aa0fb9930d285e0215e006220cccc4f074ca231c19fb4422c836dd", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:45", "1522005", "7539e0a21bfef1cd4ae5aeb133044397", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:44", "1522002", "30ddc9e3123c62668c9caf42eafd6490", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:44", "1522003", "cfb0bd56294b42ab81726ad085a9fc1ddd456281", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:43", "1522000", "32cc29e4476f5124186e7e1df51cd54805a8127a", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:43", "1522001", "a2c04f5816ac05a481acbd7b2b67b7c54419bec8362b779e68cd1ccae3011639", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:42", "1521998", "3990e4a6f16492f77e0e7990cfcd58992049de5ba0102e41a79bf1db99263f13", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:42", "1521999", "1ceb2aa299705ff0f0a79b370e37a004", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:41", "1521997", "30af0362c8916770e503ec04ef177e1c4292f00b", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:40", "1521995", "1c61fb7f2ada5e253447b191849e3a36822e9999b61dd29822fcf58ba0e7ed70", "sha256_hash", "payload", "win.mydoom", "Novarg,Mimail", "MyDoom", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:40", "1521996", "5f5eb8ecba78add0b710de1b90583492", "md5_hash", "payload", "win.mydoom", "Novarg,Mimail", "MyDoom", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:39", "1521993", "cbc20d948b257762d8623b0386b68dac", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:39", "1521994", "6b817be7049c4909927bd3e4f95b51d8494256af", "sha1_hash", "payload", "win.mydoom", "Novarg,Mimail", "MyDoom", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:38", "1521991", "90109f95d5333825cc745566eeda55d580c31047", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:38", "1521992", "1a3782043885a87014863b98fc9f26a5be064c2ac800e0c00e2591ad1cbd152a", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:37", "1521989", "81bd6ea18c2d8064b8ea858311ec0949d7e8181d6877fb9e339b83af976c86f1", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:37", "1521990", "adac4bd2d36c782fb6e4f0a8a9210dd5", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:36", "1521987", "ef6e69eec26b9f6e31c9004ee9baf4ce", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:36", "1521988", "fe1595de8370f24524d82861bdc0891661e8bf4d", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:35", "1521985", "1b08499fa0e7487dd5cab3d34931e486d06a2e36", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:35", "1521986", "626264a78556f96610652533d7c99b1cb354561abe5042360fbca5e332b3f3ce", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:34", "1521983", "6f4245e6fc909528580e36c0ac716d6e8b19df8f6ce43bd93f526f282f3e86ec", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:34", "1521984", "dff8faf384f73a3793a293e0c86e70b1", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:33", "1521981", "ea33e5f1f39f1bcd667f384573c2783a", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:33", "1521982", "fd9f086344e900bea706d75ae0a2badbf1d5f718", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:32", "1521979", "da0865444039fb35956ca92a45afb9b7968b79f7", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:32", "1521980", "35b794d4747a303debb144fe67fa9c110ad260194380bd436cab7bb22347f5ee", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:31", "1521977", "a88391b49d0976012147ca697e2fcf77ebf6461025d24ca7653738821f6bc314", "sha256_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:31", "1521978", "23a154c7cf2f71f0739e7f2e001c7cb0", "md5_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:30", "1521975", "51c3ee745cdd5d28f4efdddbed39986b", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:30", "1521976", "83fe2aaa8fcec9455f62a7c4f1b0ca2c1505d38c", "sha1_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:29", "1521973", "ad0746bed739513307b1f86fff0bb4075400ff55", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:29", "1521974", "cf9e29c9c2315237b9230d3f01e55c60f5e7c89b980ce78912258b1bee2f4124", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:28", "1521972", "1e1ccc1785e17228bef673b6acbf98b4", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:27", "1521970", "b40aab1d296ef4ffc732265039157e67d644ed5c", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:27", "1521971", "503a91087f5b3b18723dfc3c742fcc06bebf2e63d1820430f2d57788c5f620c3", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:26", "1521967", "c36dc5a0aeb5c3336271fb87f814d08922d19231", "sha1_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:26", "1521968", "2c0263fa35e989ef8f1e55c760a886d24ece9af3755a0a38c81e4c6cbad04106", "sha256_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:26", "1521969", "8e540d64e3920110eefc684b5f65fc43", "md5_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:25", "1521965", "b96bdf8fdd17d4bdd46cd5ab489237e7411dfbf4acb7dcd7ff5e4dd578a6e38d", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:25", "1521966", "2ab2cc70273398789929e4944829a03e", "md5_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:24", "1521963", "30acd877846ffcc2894939e2053bda70", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:24", "1521964", "a25f20a925563c6143c61e9c8410b054ba035450", "sha1_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:23", "1521961", "5608fae9bb384751e5cdfd9b712da1bf4b3fd0ca", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:23", "1521962", "316de33842f7975bd6933f32a69cf09018f2f197b14bb2f8d768bf5bd4c121ba", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:22", "1521959", "05443c3fb13a31403332286049f85a59b0f1ad8de930b70a0adf270844a37cab", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:22", "1521960", "8092ceee4ab7bbcda71adc96d001baf2", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:21", "1521957", "7ef2a9fa48c460b16738aa9c90e01e18", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:21", "1521958", "1c31a97c892bc19fe578b077065a931917788db4", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:20", "1521956", "69d001a51ef6c45bb3434214b0b52ceff0973c0949e8bb9bd327a3ffd89f8273", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:19", "1521954", "1a636d27f91213d418359c4002e6e93b", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:19", "1521955", "b7b6b7dbf49001e96e9d57eef8ffabb411c1b2c0", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:18", "1521952", "0ed13c01576a93fc2901382885abb4adb3dced17", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:18", "1521953", "f110a97f62555e728429d0ae8763f21a80af26b8262178a9da5b585c95dcf43b", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:17", "1521950", "2673f98efbc942d0aba67697b4d92746c6f3675c14c28ec06fb5249bdb98f3bb", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:17", "1521951", "80620d178225995de8d7d9afc19c7166", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:16", "1521948", "030dfe386556b6b4b4c3bb1c353c2264", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:16", "1521949", "ff98c3d3af1376c02a23e7358ba81f3dcc5b7813", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:15", "1521946", "9ec43b20b11d70b02fea313ba5efdfd366dcdd3c", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:15", "1521947", "ebde51ef655b4f9e118c003ed1f7ff99b270f6e5be71d89110e2de657dce0de4", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:14", "1521944", "55d05771086c5acc0c6275be9e1366819b5bb941a1bfb85ea4a1721ce6486a85", "sha256_hash", "payload", "win.revenge_rat", "Revetrat", "Revenge RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:14", "1521945", "dc9474121cb6a50b67c515e90467efe8", "md5_hash", "payload", "win.revenge_rat", "Revetrat", "Revenge RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:13", "1521942", "114813e2d18fefa8b3843c94800b1a28", "md5_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:13", "1521943", "ba55dd6b32a2f2ecb9b014ff363a37640df1a13f", "sha1_hash", "payload", "win.revenge_rat", "Revetrat", "Revenge RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:12", "1521940", "f4045791c0e21dd0e2f2b51301b5a292d2c7e6d5", "sha1_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:12", "1521941", "01ff3660d3e6035e8594ad7e044fbeb2d163c674fada45ab6b7ef6eb4e3cb04f", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:11", "1521938", "6306e4d202e4a5cab6912937dc64733f8644a9342b836051bdf9215eefb0b7ad", "sha256_hash", "payload", "win.darkstrat", "None", "DarkStRat", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:11", "1521939", "70b2cc759d2c247769f4c54414dde3b2", "md5_hash", "payload", "win.darkstrat", "None", "DarkStRat", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:10", "1521936", "6dc9eeaa01a79d8ca32cb76308db82c1", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:10", "1521937", "672d31db72a068af404da50d33c09f3c9eb442c8", "sha1_hash", "payload", "win.darkstrat", "None", "DarkStRat", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:08", "1521934", "95dd4407f1e33c9569196a7dc1a1c7a2edbdf4c7", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:08", "1521935", "2a46cb0bcaddf532d54171c0466e6fe92d4fb3ecd7cd9e1bc70160dbb1952d53", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:07", "1521932", "116c096a488f53b298d3bac99942770afd3d791ae376534f050e6e4642c2fbb4", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:07", "1521933", "4f475ce89de8c65bec36c9d9a01fe0f0", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:06", "1521930", "957529e18b285e7cbc2bcf89dac79810", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:06", "1521931", "d9853bd44d2e32d89eaf10595a3d65be9190b91a", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:05", "1521929", "a2de2cb77a0743306df3819dc370fbc760bc4f702c6fdc65a5fe28e4d1ae262e", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:04", "1521927", "e28ae7b4bea0953eab64b186f8fdb9d2", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:04", "1521928", "d3fc75f664e984577846253d3ceaa4e4d548dc95", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:03", "1521925", "11d0102eb185cfec062e079e7a3e154a471595ec", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:03", "1521926", "7f23f4eca324810dbc7d0c5b9b4eed63be3b835bed774424f142f615dc141740", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:01", "1521924", "3b966016ad42813ca8079ccbc52d87ab", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:00", "1521922", "353abe4426099aea2251dfef985cb4ac9c8b2bc0", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:10:00", "1521923", "689f73ebf7a35fc72b080171c1c6dd03935179a2781caced9f689c4ff5bad07e", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:59", "1521920", "5ca9bb8bb1e9e1daa9ede12a40586807dde9483576e381da42214a7b2ee9960b", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:59", "1521921", "8be8d084c0b02abec340c41a3aa20532", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:58", "1521918", "e0e3b2d46bf5ef17d6895eb3797ea69e", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:58", "1521919", "74672944d0012b7581fe4590a7eb8967594e6acb", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:57", "1521916", "9205d65ba5ecaff4a37d758528e2416c9729969c", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:57", "1521917", "29bb96a896e470b9378a4ec20cfac0f868106a1291f05b0f8e6a19efe43347b7", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:55", "1521914", "263bea60cb02db85af694ff258f9249f17ae23ccdb9e9ce32d6582611b3f2174", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:55", "1521915", "6ea04375d8d8be36f24f73f422f05133", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:54", "1521912", "e2be583abf5e542c131834d021872291", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:54", "1521913", "64142dddf2e439701283efe4cb85b8ff731b3f18", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:53", "1521910", "8e60b7068b3faeef80f7071f4fa53b9f6ef1a191", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:53", "1521911", "1fbd69a781f6b2704496419eb9d082fa673915698fcf921badaffbe4479ef09e", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:52", "1521908", "0b940e55c9eb2244ac13eeabf3cf87e3c5244817ad8e18c9b7a53ef602dbd2ad", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:52", "1521909", "3d7b1c835510c29e1cb07a476e3f225c", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:51", "1521906", "5b55c40e5d41053bcec802e47866286d", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:51", "1521907", "ecde8cc19a42f20ac66d196f43baffe5fa5f59ec", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:50", "1521903", "fc7924445ad281748b3f2dd2a0fc273f", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:50", "1521904", "2f97b0848b5d7a45e6fc8cc799e22f6ff72caaa9", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:50", "1521905", "074be35efc9958bbd58024030c73fabf38d98619ad7cb52e21594723d558382f", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:49", "1521901", "fcb8037e912a45dcdccc34c711e773edf5e06860", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:49", "1521902", "1700826104f536f6b6894f1081a20118e1adf5c9848af4fd9e79364c604b0033", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:48", "1521900", "6a3ce9b511342e088633f32ce12bf2b0", "md5_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:47", "1521898", "90b5f72a93323391b8efbec9bc38549cb5cd21a9", "sha1_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:47", "1521899", "16ec2deb206d609106e140a0160a8de30d4c456a06717d1bca37590036e32641", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:46", "1521896", "cae5d3825916ada5b36025d9f0030a769a8444abebfe35cae0a2cf18673bce49", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:46", "1521897", "0c4d7e3c7858c29ce7269e5652f880ab", "md5_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:45", "1521894", "3488c0f786b1a9708b81e9c4a0d9da15", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:45", "1521895", "5250c0f8005c875f4f48d48dd8938903418bcc5e", "sha1_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:44", "1521892", "7e3a6388641b3812e8cdb694f3efb30b29c43816", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:44", "1521893", "d2c9e0ae874d1ef5395110d03325ab3415f74ec6ee6405776ad6e89d5e467b4a", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:43", "1521891", "7452fb19f12b7e1f5e1cf8e67c8bbafc", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:42", "1521889", "713e727dfc0c9f2efec8a261982a443d43c6cb0a", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:42", "1521890", "46549b5ece9eb382452749c43ec2e39268733e7c99f45bf6cb1eaa2537eeaaaa", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:41", "1521887", "cc28e89b7347d421d6d3432a240473de1bf1348e1a5b8913d53d7f8b9113ec2c", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:41", "1521888", "af9fa64a9e2d4a78aa0064ea1c8a3eb9", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:40", "1521886", "31916a9e6b7ff1023a1d33cc3610ebed032faac7", "sha1_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:39", "1521884", "a592787cb0e7514aa255ba6a84ae079340563acf496d4b19f24730ce699b88f7", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:39", "1521885", "42cb2c3dbdb030160895062a09319fdd", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:38", "1521882", "90b580827dff4853a401cf6b92ff7403", "md5_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:38", "1521883", "65c7052f3b828572361ca62a2870be3bec1ac20c", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:37", "1521880", "52b9a0a4ad89a25d8f8ba19c712db084af1f0203", "sha1_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:37", "1521881", "c26f2213b177de9e1d20a9d44646e97041c01321bbbb0602759706996043c425", "sha256_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:35", "1521878", "cbf5514df284884dcef002cd1f83501bd72fe47df3b091c15386d203040ea2ae", "sha256_hash", "payload", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:35", "1521879", "6fa9788ab962490b9c5609797d5922a1", "md5_hash", "payload", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:34", "1521877", "b5b35a9f3e2d33f3f6eb8f53317fdb4e27b903b6", "sha1_hash", "payload", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:32", "1521874", "d7b8fa0373bf46ee46688bf224b83cae7eb1070c", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:32", "1521875", "350ea0a5caf7e7eef53a845593e9eae15bc11e62ed1ba27e709a20a357bacada", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:32", "1521876", "7fd3df347b55a66a7d4c1455e59ed05c", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:31", "1521873", "61f9c775a57a43ff6b858bd6c4c99dea", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:30", "1521871", "af09ea71e43f11f14960964c1e3f1a6042453e46", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:30", "1521872", "cf594d0970d6a71c802e5a261b41c2e2fa68f2ff7958d6f48872bc4954efd34d", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:28", "1521869", "61e85a87e75a6d595a4502111f5514cb9672af129cd171a5b505e37df3293f27", "sha256_hash", "payload", "win.loda", "LodaRAT,Nymeria", "Loda", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:28", "1521870", "2f98316e9ea5223c7274e08426412000", "md5_hash", "payload", "win.loda", "LodaRAT,Nymeria", "Loda", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:27", "1521867", "dac04e511722609ead43aae0c8de9fcd", "md5_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:27", "1521868", "c269fdcc8885349cea6372a7e2c177e360828d0b", "sha1_hash", "payload", "win.loda", "LodaRAT,Nymeria", "Loda", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:26", "1521865", "9cfd53a54f9f4be6904fb6b09f867dea1bbe62a1", "sha1_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:26", "1521866", "0c28eb7a5971ae39142885fb30f006faca49e481c93c91fed37ea82faa0e07a8", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:25", "1521864", "2e16e6cde5af30a952aaa81919bc7c28", "md5_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:24", "1521862", "d45261b53e50c75f9611336dee951a5676b666ac", "sha1_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:24", "1521863", "17394e487c879264d746b98bccacc2ccd93b05eaa47d6140d7fa44d644d0ebd1", "sha256_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:23", "1521861", "1cd77df3d2c42abe10ed440fb733406b", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:22", "1521859", "d541d88d0579dd98546728027bfc489a677cc6ff", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 01:09:22", "1521860", "b2b35b54af3651e73420009255ab5fe52f9c5450f4ad5ea7c85ecaa8c3618e08", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim" "2025-05-14 00:04:47", "1521858", "45.66.249.59:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony" "2025-05-14 00:02:22", "1521857", "195.82.146.47:8704", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/195.82.146.47", "AS47105,C2,censys,DEDBROPRO,rhadamanthys,stealer", "0", "DonPasci" "2025-05-14 00:02:20", "1521856", "52.247.73.225:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/52.247.73.225", "AS8075,C2,censys,CobaltStrike,MICROSOFT-CORP-MSN-AS-BLOCK,open-dir", "0", "DonPasci" "2025-05-14 00:01:45", "1521855", "177.103.63.129:5000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-14 04:00:56", "100", "https://search.censys.io/hosts/177.103.63.129", "AS27699,C2,censys,Quasar,RAT,TELEFONICA", "0", "DonPasci" "2025-05-14 00:01:44", "1521854", "154.198.49.116:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-14 04:00:52", "100", "https://search.censys.io/hosts/154.198.49.116", "ANTBOX1-AS-AP,AS138995,C2,censys,Hookbot", "0", "DonPasci" "2025-05-14 00:01:43", "1521852", "176.65.141.106:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:00:48", "100", "https://search.censys.io/hosts/176.65.141.106", "-Reserved,AS215240,C2,censys,Mythic", "0", "DonPasci" "2025-05-14 00:01:43", "1521853", "196.251.80.205:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:00:47", "100", "https://search.censys.io/hosts/196.251.80.205", "AS401120,C2,censys,CHEAPY-HOST,Mythic", "0", "DonPasci" "2025-05-14 00:01:42", "1521851", "196.251.80.110:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:00:47", "100", "https://search.censys.io/hosts/196.251.80.110", "AS401120,C2,censys,CHEAPY-HOST,Mythic", "0", "DonPasci" "2025-05-14 00:01:37", "1521849", "167.114.215.75:4444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:46:11", "100", "https://search.censys.io/hosts/167.114.215.75", "AS16276,AsyncRAT,C2,censys,OVH,RAT", "0", "DonPasci" "2025-05-14 00:01:37", "1521850", "88.237.19.77:888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:53:11", "100", "https://search.censys.io/hosts/88.237.19.77", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci" "2025-05-14 00:01:36", "1521848", "103.190.81.180:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:43:17", "100", "https://search.censys.io/hosts/103.190.81.180", "AS63737,AsyncRAT,C2,censys,RAT,VIETSERVER-AS-VN", "0", "DonPasci" "2025-05-14 00:01:32", "1521847", "143.244.185.65:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/143.244.185.65", "AS14061,C2,censys,DIGITALOCEAN-ASN,payload,Sliver", "0", "DonPasci" "2025-05-14 00:01:25", "1521845", "52.247.73.225:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:51:53", "100", "https://search.censys.io/hosts/52.247.73.225", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,Sliver", "0", "DonPasci" "2025-05-14 00:01:25", "1521846", "46.101.169.156:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:51:24", "100", "https://search.censys.io/hosts/46.101.169.156", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci" "2025-05-14 00:01:05", "1521844", "45.192.99.197:9997", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-14 04:00:21", "100", "https://search.censys.io/hosts/45.192.99.197", "AS137899,C2,censys,CobaltStrike,cs-watermark-666666666,ILAYERLIMITED-AS-AP", "0", "DonPasci" "2025-05-14 00:01:04", "1521843", "110.42.232.120:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:54:37", "100", "https://search.censys.io/hosts/110.42.232.120", "AS45090,C2,censys,CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP", "0", "DonPasci" "2025-05-13 23:35:14", "1521841", "47.83.15.102:7777", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-13 22:40:14", "1521837", "185.208.158.206:5145", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "None", "Meterpreter", "0", "abuse_ch" "2025-05-13 20:54:39", "1521807", "95.219.229.29:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-15 02:53:38", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-13 20:53:33", "1521806", "75.2.47.6:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-15 02:52:29", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-13 20:53:29", "1521805", "70.27.138.41:2078", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-15 02:52:25", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-13 20:52:43", "1521804", "47.246.50.110:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-15 02:51:33", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-13 20:52:29", "1521803", "45.87.246.156:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-15 02:51:19", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-13 20:52:20", "1521802", "45.33.88.161:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-14 19:52:42", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-13 20:50:56", "1521801", "217.160.208.94:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:49:46", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-13 20:49:33", "1521800", "193.92.250.206:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-15 02:48:36", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-13 20:02:30", "1521797", "119.3.166.133:18443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-05-15 02:44:04", "100", "https://search.censys.io/hosts/119.3.166.133", "AS55990,BianLian,C2,censys,HWCSNET", "0", "DonPasci" "2025-05-13 20:02:02", "1521796", "20.67.235.113:80", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "2025-05-14 04:01:08", "100", "https://search.censys.io/hosts/20.67.235.113", "AS8075,C2,censys,Ermac,MICROSOFT-CORP-MSN-AS-BLOCK,panel", "0", "DonPasci" "2025-05-13 20:01:54", "1521795", "204.48.27.82:8443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:49:25", "100", "https://search.censys.io/hosts/204.48.27.82", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci" "2025-05-13 20:01:51", "1521793", "154.198.49.116:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-15 02:45:18", "100", "https://search.censys.io/hosts/154.198.49.116", "ANTBOX1-AS-AP,AS138995,C2,censys,Hookbot", "0", "DonPasci" "2025-05-13 20:01:51", "1521794", "45.79.214.249:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-15 02:51:16", "100", "https://search.censys.io/hosts/45.79.214.249", "AKAMAI-LINODE-AP,AS63949,C2,censys,Hookbot", "0", "DonPasci" "2025-05-13 20:01:49", "1521791", "196.251.80.180:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:49:06", "100", "https://search.censys.io/hosts/196.251.80.180", "AS401120,C2,censys,CHEAPY-HOST,Mythic", "0", "DonPasci" "2025-05-13 20:01:49", "1521792", "139.84.168.224:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:44:39", "100", "https://search.censys.io/hosts/139.84.168.224", "AS-VULTR,AS20473,C2,censys,Mythic", "0", "DonPasci" "2025-05-13 20:01:43", "1521790", "3.215.185.215:8001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:50:12", "100", "https://search.censys.io/hosts/3.215.185.215", "AMAZON-AES,AS14618,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-05-13 20:01:32", "1521789", "5.22.215.2:8000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/5.22.215.2", "AS202053,C2,censys,open-dir,payload,Sliver,UPCLOUD", "0", "DonPasci" "2025-05-13 20:01:31", "1521788", "46.101.169.156:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:51:24", "100", "https://search.censys.io/hosts/46.101.169.156", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci" "2025-05-13 20:01:26", "1521787", "104.37.172.225:14645", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:43:30", "100", "https://search.censys.io/hosts/104.37.172.225", "AS396073,C2,censys,MAJESTIC-HOSTING-01,RAT,Remcos", "0", "DonPasci" "2025-05-13 20:01:25", "1521785", "195.82.147.97:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:48:46", "100", "https://search.censys.io/hosts/195.82.147.97", "AS203834,C2,censys,DEDBROPRO-AS,RAT,Remcos", "0", "DonPasci" "2025-05-13 20:01:25", "1521786", "172.111.150.194:3872", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:46:22", "100", "https://search.censys.io/hosts/172.111.150.194", "AS212238,C2,CDNEXT,censys,RAT,Remcos", "0", "DonPasci" "2025-05-13 20:01:07", "1521784", "45.192.99.197:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-14 06:04:07", "100", "https://search.censys.io/hosts/45.192.99.197", "AS137899,C2,censys,CobaltStrike,cs-watermark-666666666,ILAYERLIMITED-AS-AP", "0", "DonPasci" "2025-05-13 20:01:06", "1521783", "45.192.99.197:9998", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:43", "100", "https://search.censys.io/hosts/45.192.99.197", "AS137899,C2,censys,CobaltStrike,cs-watermark-666666666,ILAYERLIMITED-AS-AP", "0", "DonPasci" "2025-05-13 19:40:27", "1521781", "https://captcha.xajy.press/2avt578pjv", "url", "payload_delivery", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "", "ClearFake", "1", "ttakvam" "2025-05-13 19:00:25", "1521751", "18.141.106.224:11729", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-05-13 19:00:24", "1521750", "52.77.3.235:11729", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-05-13 19:00:22", "1521749", "54.169.93.143:11729", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-05-13 19:00:21", "1521748", "52.74.74.86:11729", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-05-13 19:00:17", "1521747", "3.1.16.19:11729", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-05-13 18:28:50", "1521745", "https://directxapps.shop/NILdR0uHd0xf2wKhJXsaGal67PZbxnPg", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Malware", "0", "Chamindu_X" "2025-05-13 18:20:52", "1521709", "https://lx7v9.top/fs/select.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114501161446139790", "SmartApeSG", "0", "monitorsg" "2025-05-13 18:20:52", "1521711", "lx7v9.top", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114501161446139790", "SmartApeSG", "0", "monitorsg" "2025-05-13 18:20:51", "1521712", "https://lx7v9.top/fs/lll.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114501161446139790", "SmartApeSG", "0", "monitorsg" "2025-05-13 18:20:51", "1521713", "https://daviddarle.fr/wp-content/leks.zip", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114501161446139790", "SmartApeSG", "0", "monitorsg" "2025-05-13 18:20:51", "1521718", "cylud.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 15:57:54", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-13 18:20:50", "1521716", "192.241.129.238:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 18:20:48", "1521715", "jevun.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 15:33:47", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-13 18:20:48", "1521717", "47.108.182.192:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 18:20:47", "1521740", "bedym.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 16:14:42", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-13 18:20:47", "1521744", "91.212.166.68:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SocGholish", "0", "threatcat_ch" "2025-05-13 17:05:13", "1521743", "103.156.25.10:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-13 16:58:22", "1521742", "206.217.136.195:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:09", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-13 16:55:50", "1521741", "cloud.fitcloud.ip-ddns.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:53:50", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-13 16:02:23", "1521739", "83.136.255.63:8080", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/83.136.255.63", "AS202053,C2,censys,hacktool,Mimikatz,open-dir,UPCLOUD", "0", "DonPasci" "2025-05-13 16:02:12", "1521738", "mail.exchangeodds.live", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:01:29", "100", "https://search.censys.io/hosts/81.0.247.170+mail.exchangeodds.live", "AS51167,censys,CONTABO,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-05-13 16:02:11", "1521737", "45.155.124.123:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:01:21", "100", "https://search.censys.io/hosts/45.155.124.123", "AS210538,C2,censys,KEYUBU,panel,Unam", "0", "DonPasci" "2025-05-13 16:01:57", "1521736", "93.232.110.241:81", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-15 02:53:29", "100", "https://search.censys.io/hosts/93.232.110.241", "AS3320,C2,censys,DTAG,Netsupport,RAT", "0", "DonPasci" "2025-05-13 16:01:55", "1521735", "181.235.5.14:8090", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-15 02:47:43", "100", "https://search.censys.io/hosts/181.235.5.14", "AS3816,C2,censys,COLOMBIA,DcRAT,RAT", "0", "DonPasci" "2025-05-13 16:01:52", "1521734", "89.40.31.201:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:53:16", "100", "https://search.censys.io/hosts/89.40.31.201", "AS215117,C2,censys,Havoc,HOSTERDADDY", "0", "DonPasci" "2025-05-13 16:01:50", "1521733", "48.210.87.192:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-14 04:00:57", "100", "https://search.censys.io/hosts/48.210.87.192", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,Quasar,RAT", "0", "DonPasci" "2025-05-13 16:01:48", "1521730", "118.107.42.205:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-14 04:00:51", "100", "https://search.censys.io/hosts/118.107.42.205", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Hookbot", "0", "DonPasci" "2025-05-13 16:01:48", "1521731", "154.58.204.42:2053", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-14 04:00:53", "100", "https://search.censys.io/hosts/154.58.204.42", "AS214036,C2,censys,Hookbot,ULTAHOST-AS", "0", "DonPasci" "2025-05-13 16:01:48", "1521732", "118.107.42.203:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-14 04:00:51", "100", "https://search.censys.io/hosts/118.107.42.203", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Hookbot", "0", "DonPasci" "2025-05-13 16:01:40", "1521729", "176.65.134.77:8888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:46:57", "100", "https://search.censys.io/hosts/176.65.134.77", "-Reserved,AS215240,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-05-13 16:01:38", "1521728", "88.151.192.114:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:00:35", "100", "https://search.censys.io/hosts/88.151.192.114", "AS215540,C2,censys,GCS-AS,Supershell", "0", "DonPasci" "2025-05-13 16:01:28", "1521727", "4.247.18.217:8090", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/4.247.18.217", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,open-dir,payload,Sliver", "0", "DonPasci" "2025-05-13 16:01:23", "1521725", "196.251.117.82:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/196.251.117.82", "AS401116,C2,censys,NYBULA,RAT,Remcos", "0", "DonPasci" "2025-05-13 16:01:23", "1521726", "46.246.82.16:8090", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:51:26", "100", "https://search.censys.io/hosts/46.246.82.16", "AS42708,C2,censys,GLESYS,RAT,Remcos", "0", "DonPasci" "2025-05-13 16:01:22", "1521723", "176.65.138.19:2080", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:46:58", "100", "https://search.censys.io/hosts/176.65.138.19", "AS215462,BUGGZ-HOSTING,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-13 16:01:22", "1521724", "186.169.82.245:8888", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:48:08", "100", "https://search.censys.io/hosts/186.169.82.245", "AS3816,C2,censys,COLOMBIA,RAT,Remcos", "0", "DonPasci" "2025-05-13 16:01:04", "1521721", "113.44.67.208:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-14 04:00:14", "100", "https://search.censys.io/hosts/113.44.67.208", "AS55990,C2,censys,CobaltStrike,cs-watermark-666666666,HWCSNET", "0", "DonPasci" "2025-05-13 16:01:04", "1521722", "47.105.108.63:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:48", "100", "https://search.censys.io/hosts/47.105.108.63", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci" "2025-05-13 16:01:01", "1521719", "124.243.182.13:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:55:12", "100", "https://search.censys.io/hosts/124.243.182.13", "AS136907,C2,censys,CobaltStrike,cs-watermark-987654321,HWCLOUDS-AS-AP", "0", "DonPasci" "2025-05-13 16:01:01", "1521720", "118.145.185.128:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-14 04:00:19", "100", "https://search.censys.io/hosts/118.145.185.128", "AS137718,C2,censys,CobaltStrike,cs-watermark-987654321,VOLCANO-ENGINE", "0", "DonPasci" "2025-05-13 15:11:43", "1521714", "147.185.221.28:23974", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-05-13 15:11:17", "1521710", "really-laundry.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-05-13 15:11:06", "1521708", "https://pastebin.com/raw/Qsc2PnjK", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-05-13 15:10:40", "1521706", "54.39.19.186:47825", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:52:03", "50", "", "c2,remcos", "0", "juroots" "2025-05-13 15:10:40", "1521707", "76.121.13.90:5353", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-13 15:10:22", "1521705", "wizz111.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-13 15:09:35", "1521691", "server3.retoti.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521692", "server3.trumops.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521693", "server4.retoti.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521694", "server4.trumops.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521695", "server5.retoti.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521696", "server5.trumops.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521697", "server6.retoti.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521698", "server6.trumops.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521699", "server7.retoti.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521700", "server7.trumops.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521701", "server8.retoti.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521702", "server8.trumops.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521703", "server9.retoti.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:35", "1521704", "server9.trumops.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:34", "1521685", "server1.retoti.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:34", "1521686", "server1.trumops.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:34", "1521687", "server10.retoti.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:34", "1521688", "server10.trumops.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:34", "1521689", "server2.retoti.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:09:34", "1521690", "server2.trumops.com", "domain", "botnet_cc", "win.glupteba", "None", "Glupteba", "", "50", "", "c2,glupteba", "0", "juroots" "2025-05-13 15:08:46", "1521684", "fetdmpg7z.localto.net", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-05-13 15:08:21", "1521683", "http://35.79.162.205/supershell/login", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0196ca30-89d4-7189-9336-fea9e27667a7", "c2,supershell,urlscan", "0", "juroots" "2025-05-13 15:07:45", "1521682", "165.227.204.99:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/165.227.204.99#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-05-13 15:07:26", "1521681", "181.131.217.135:9001", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-15 02:47:43", "50", "https://www.shodan.io/host/181.131.217.135#9001", "c2,dcrat,shodan", "0", "juroots" "2025-05-13 15:07:12", "1521680", "103.214.108.82:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "50", "https://www.shodan.io/host/103.214.108.82#10001", "c2,extreme,shodan", "0", "juroots" "2025-05-13 15:06:58", "1521679", "3.25.189.37:3562", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/3.25.189.37#3562", "c2,netsupport,shodan", "0", "juroots" "2025-05-13 15:06:39", "1521678", "95.131.202.38:5986", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/95.131.202.38#5986", "bruteratel,c2,shodan", "0", "juroots" "2025-05-13 15:05:47", "1521676", "91.103.140.247:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:53:17", "50", "https://www.shodan.io/host/91.103.140.247#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-13 15:05:47", "1521677", "96.9.124.125:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/96.9.124.125#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-13 15:05:44", "1521675", "140.143.132.170:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/140.143.132.170#80", "c2,cobaltstrike,cs-watermark-666666,shodan", "0", "juroots" "2025-05-13 14:56:01", "1521674", "dyky.press", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 14:57:25", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-13 14:08:44", "1521636", "metatrader5.info", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz" "2025-05-13 14:08:43", "1521637", "ledger-en.pro", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz" "2025-05-13 14:08:42", "1521639", "8.134.70.73:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:57:20", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 14:08:41", "1521638", "107.173.35.54:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-14 04:00:17", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 14:08:36", "1521641", "kihqk.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 11:37:15", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-13 14:08:35", "1521655", "https://settings-win-data-microsoft.live/siglost", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114500447975214379", "KongTuke", "0", "monitorsg" "2025-05-13 14:08:34", "1521656", "settings-win-data-microsoft.live", "domain", "payload_delivery", "js.kongtuke", "None", "KongTuke", "2025-05-15 03:08:21", "100", "https://infosec.exchange/@monitorsg/114500447975214379", "KongTuke", "0", "monitorsg" "2025-05-13 14:08:33", "1521657", "zovdt.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 12:44:41", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-13 14:08:32", "1521658", "electnum.org", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "None", "c2", "0", "ninjacatcher" "2025-05-13 14:08:30", "1521659", "https://api.telegram.org/bot8163109147:AAE4J4BK-oAb322FeKTdlOYdLrWFphLUxKE/sendMessage?chat_id=7886581547", "url", "botnet_cc", "win.snake", "EKANS,SNAKEHOSE", "Snake", "", "100", "", "None", "1", "zuum" "2025-05-13 14:08:29", "1521663", "http://27.106.125.187:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 20:03:23", "100", "None", "AS136907,HUAWEI CLOUDS,supershell", "0", "antiphishorg" "2025-05-13 14:08:28", "1521664", "https://soap2dayfree.top/lv/xf_addon.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114500686636119422", "SmartApeSG", "0", "monitorsg" "2025-05-13 14:08:27", "1521665", "soap2dayfree.top", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-13 13:10:34", "100", "https://infosec.exchange/@monitorsg/114500686636119422", "SmartApeSG", "0", "monitorsg" "2025-05-13 14:08:26", "1521666", "https://soap2dayfree.top/lv/select.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114500686636119422", "SmartApeSG", "0", "monitorsg" "2025-05-13 14:08:25", "1521667", "https://soap2dayfree.top/lv/lll.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114500686636119422", "SmartApeSG", "0", "monitorsg" "2025-05-13 14:08:24", "1521668", "https://daviddarle.fr/wp-content/bule.zip", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114500686636119422", "SmartApeSG", "0", "monitorsg" "2025-05-13 14:08:23", "1521669", "daviddarle.fr", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-13 15:11:20", "100", "https://infosec.exchange/@monitorsg/114500686636119422", "SmartApeSG", "0", "monitorsg" "2025-05-13 14:08:21", "1521670", "www.oceandentalcare.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "2025-05-13 13:16:02", "100", "https://infosec.exchange/@monitorsg/114500689735699672", "SocGholish", "0", "monitorsg" "2025-05-13 14:08:19", "1521671", "kypa.press", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 13:15:30", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-13 14:08:18", "1521672", "https://www.oceandentalcare.com/profileLayout", "url", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz" "2025-05-13 14:08:17", "1521673", "wydi.press", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-13 13:25:45", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-13 12:56:52", "1521662", "149.56.201.216:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-05-15 02:55:26", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-05-13 12:50:33", "1521661", "https://beasterxeen.run/zavc", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/ef544f7901ed91aac0bcdaee79efe2b1ce0b4ccac2480d299ffb6ff73d219dfd/", "lumma", "0", "abuse_ch" "2025-05-13 12:50:32", "1521660", "https://baraucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/ef544f7901ed91aac0bcdaee79efe2b1ce0b4ccac2480d299ffb6ff73d219dfd/", "lumma", "0", "abuse_ch" "2025-05-13 12:02:17", "1521654", "45.95.175.213:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-05-15 02:51:24", "100", "https://search.censys.io/hosts/45.95.175.213", "AS29066,BianLian,C2,censys,VELIANET-AS", "0", "DonPasci" "2025-05-13 12:02:10", "1521653", "41.216.189.248:5555", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/41.216.189.248", "31mRemastered,AS211138,C2,censys,Gafgyt,PRIVATEHOSTING-NET", "0", "DonPasci" "2025-05-13 12:02:01", "1521652", "81.0.247.170:7080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 07:54:21", "100", "https://search.censys.io/hosts/81.0.247.170", "AS51167,censys,CONTABO,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-05-13 12:02:00", "1521651", "45.155.124.123:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:01:21", "100", "https://search.censys.io/hosts/45.155.124.123", "AS210538,C2,censys,KEYUBU,panel,Unam", "0", "DonPasci" "2025-05-13 12:01:43", "1521650", "34.60.162.2:3389", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:50:25", "100", "https://search.censys.io/hosts/34.60.162.2", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Havoc", "0", "DonPasci" "2025-05-13 12:01:41", "1521649", "79.110.49.229:7001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-14 04:00:55", "100", "https://search.censys.io/hosts/79.110.49.229", "AS399486,C2,censys,Quasar,RAT,VIRTUO", "0", "DonPasci" "2025-05-13 12:01:40", "1521648", "23.94.99.5:5555", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-14 04:00:55", "100", "https://search.censys.io/hosts/23.94.99.5", "AS-COLOCROSSING,AS36352,C2,censys,Quasar,RAT", "0", "DonPasci" "2025-05-13 12:01:38", "1521647", "198.46.228.233:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:49:15", "100", "https://search.censys.io/hosts/198.46.228.233", "AS-COLOCROSSING,AS36352,C2,censys,Mythic", "0", "DonPasci" "2025-05-13 12:01:33", "1521645", "196.251.114.17:8888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:48:47", "100", "https://search.censys.io/hosts/196.251.114.17", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci" "2025-05-13 12:01:33", "1521646", "darlon2025.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "None", "0", "pr0xylife" "2025-05-13 12:01:32", "1521644", "107.150.0.244:26339", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:43:34", "100", "https://search.censys.io/hosts/107.150.0.244", "AS214943,AsyncRAT,C2,censys,RAILNET,RAT", "0", "DonPasci" "2025-05-13 12:01:30", "1521643", "107.173.210.67:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:00:36", "100", "https://search.censys.io/hosts/107.173.210.67", "AS-COLOCROSSING,AS36352,C2,censys,Supershell", "0", "DonPasci" "2025-05-13 12:01:01", "1521642", "38.207.176.60:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-14 04:00:14", "100", "https://search.censys.io/hosts/38.207.176.60", "AS139659,C2,censys,CobaltStrike,cs-watermark-391144938,LUCID-AS-AP", "0", "DonPasci" "2025-05-13 11:24:10", "1521633", "80.82.77.139:56206", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://www.virustotal.com/gui/ip-address/80.82.77.139/detection", "None", "0", "CowboyForever" "2025-05-13 11:24:10", "1521634", "cornerdurv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-05-14 10:46:07", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz" "2025-05-13 11:24:09", "1521635", "testcawepr.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-05-13 21:53:18", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz" "2025-05-13 09:04:31", "1521632", "sc.0x504.com", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:30", "1521629", "ahmiok.no-ip.biz", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:30", "1521630", "dtd.gcdxw.space", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:30", "1521631", "watermelonbins.duckdns.org", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521614", "nwire.no-ip.org", "domain", "botnet_cc", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521615", "i-control.zapto.org", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521616", "mhayet.myftp.biz", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521617", "singleangle.zapto.org", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521618", "word.word.hopto.org", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "2025-05-13 09:04:29", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521619", "elmajik.no-ip.org", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521620", "reishack.no-ip.biz", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521621", "alsahali.no-ip.biz", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521622", "m0sagal.linkpc.net", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521623", "mgoodoo.no-ip.biz", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521624", "dllcautah22.mooo.com", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521625", "butah22.zapto.org", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521626", "mynoipghost.no-ip.biz", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521627", "ewjll.no-ip.org", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:29", "1521628", "sihacker40.no-ip.biz", "domain", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521603", "94.154.46.141:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521604", "217.122.114.86:8254", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521605", "62.35.84.167:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521606", "87.178.162.248:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521607", "72.196.12.45:59138", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521608", "62.109.5.76:1890", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "2025-05-14 20:01:25", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521609", "173.0.1.203:2808", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521610", "178.237.139.118:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521611", "88.247.162.153:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521612", "94.221.85.225:6789", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:28", "1521613", "81.57.39.10:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:27", "1521596", "darkcomm.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:27", "1521597", "109.201.165.20:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:27", "1521598", "1.4.145.129:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:27", "1521599", "86.25.234.230:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:27", "1521600", "89.130.95.145:81", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:27", "1521601", "176.251.222.24:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:27", "1521602", "84.162.182.157:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:25", "1521587", "bobokokofull.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:25", "1521588", "mjahanzaib.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:25", "1521589", "raulrl555.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:25", "1521590", "zemmour.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:25", "1521591", "bilo2.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:25", "1521592", "arwen.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:25", "1521593", "molest.bounceme.net", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:25", "1521594", "windowsupdatedns.sytes.net", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:25", "1521595", "w1dlolz.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521561", "echo13.no-ip.info", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521562", "anpeiliang.3322.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521563", "angiebyr.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521564", "r6full.dyndns.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521565", "873j2jm.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521566", "giviker.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521567", "back.entrydns.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521568", "darkcomettr.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521569", "markveenstra.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521570", "poohbear.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521571", "new-legend.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521572", "kabaal08.no-ip.info", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521573", "ww2.myftp.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521574", "koliseu.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521575", "noipkurd.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521576", "socksproxy21.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521577", "sususu.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521578", "aymanalbasha.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521579", "acro.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521580", "nexdablack.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521581", "xd04.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521582", "artic4server.bounceme.net", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521583", "derkleinestinker.no-ip.info", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521584", "ibigrat.no-ip.info", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521585", "2o6powa.dyndns.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:24", "1521586", "diablo39.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521534", "nemanjan00.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521535", "rosiesandra.no-ip.info", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521536", "ccepic.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521537", "masha.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521538", "bnhlogs.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521539", "d4rk.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521540", "911ivana.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521541", "dodolover.dyndns.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521542", "mrwan.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521543", "swmoonrt.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521544", "cg.boomscape.net", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521545", "blacksh4de.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521546", "kindos223.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521547", "servercontrol.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521548", "jazibaba.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521549", "windowsmicro.serveirc.com", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521550", "mailtomedude.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521551", "bs.hsbc.com.al", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521552", "janos.no-ip.info", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521553", "abibenisev.dyndns.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521554", "oujda.no-ip.info", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521555", "telemaintenance.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521556", "omon600.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521557", "soso6.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521558", "egpt2.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521559", "hackerx6.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:23", "1521560", "bigfoooot.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521506", "hell222.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521507", "elmosquito.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521508", "ian2.fcuked.me.uk", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521509", "davesteriscool.no-ip.info", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521510", "microsoft.servehttp.com", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521511", "dcgen1.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521512", "goodluck.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521513", "thedarky.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521514", "nadico.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521515", "zabi1.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521516", "cantaprova1.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521517", "rexxxi.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521518", "pepito.servebeer.com", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521519", "lanixxx.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521520", "host9.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521521", "poubelle707.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521522", "myvista.mine.nu", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521523", "brandoon.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521524", "florianhacker.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521525", "merkuzerk.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521526", "damacana.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521527", "lamer.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521528", "rat12345.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521529", "roonscape.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521530", "mrtriplesam.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521531", "dekah.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521532", "abualaa-2.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:22", "1521533", "canony.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521494", "http://elevatorupdawn.eu/c", "url", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521495", "http://controlsync.at/oyloexhu1gtb0wpy", "url", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521496", "http://controlsync.at/umnumoq9aprxlm1qmh", "url", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521497", "skiracer.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521498", "icetea.sytes.net", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521499", "dog29.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521500", "cihatx2.no-ip.biz", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521501", "hackingftw.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521502", "thedeathtoyouall.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521503", "mydarkrat.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521504", "zoraffi.no-ip.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:21", "1521505", "manson19.zapto.org", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:20", "1521491", "http://mobiportal.at/hpuex9yu0lfad7pjoxcl", "url", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:20", "1521492", "http://unifyconsole.at/5brj2flqq7wh7o72td", "url", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:20", "1521493", "http://mobiportal.at/diiz8shhcf", "url", "botnet_cc", "apk.trickmo", "None", "TrickMo", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:19", "1521481", "146.103.53.86:23966", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:19", "1521482", "196.251.86.237:415", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:19", "1521483", "45.13.225.203:23", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:19", "1521484", "149.88.87.187:12345", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:19", "1521485", "148.135.95.104:12345", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:19", "1521486", "45.143.166.71:12345", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:19", "1521487", "89.58.36.144:606", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:19", "1521488", "193.181.23.162:606", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:19", "1521489", "195.133.47.11:4258", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:19", "1521490", "62.106.66.149:12345", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521470", "209.141.48.207:12345", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521471", "156.253.227.62:4258", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521472", "45.170.248.16:12345", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521473", "156.253.227.62:9999", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521474", "31.58.58.113:666", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521475", "148.135.95.104:23977", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521476", "87.121.84.102:4444", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521477", "128.0.118.59:606", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521478", "95.140.156.252:4258", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521479", "157.230.3.112:666", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:18", "1521480", "23.137.100.69:4258", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:17", "1521468", "comunidad.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:17", "1521469", "mayajaal.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521441", "flameon.ath.cx", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521442", "antileak.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521443", "lilidega.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521444", "rippiin.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521445", "turkojantroyan.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521446", "tahriiiii.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521447", "nice-apps.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521448", "me.fisnikk.com", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521449", "canearda2121.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521450", "batata.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521451", "fr1zzyftw.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521452", "deathisland.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521453", "xxrxx.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521454", "kriderat.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521455", "mr-extra1.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521456", "mr-nani.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521457", "themasterrr.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521458", "googlechrome.servegame.com", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521459", "wkdwilliams.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521460", "thepiratebgserver.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521461", "azazsxsx14.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521462", "freakaleak.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521463", "c4.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521464", "chemi.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521465", "a101544.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521466", "dofushunter.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:16", "1521467", "zekooo.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521416", "sledmoresrat2011.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521417", "fukyou.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521418", "loxlox.hopto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521419", "sametreis.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521420", "1301.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521421", "cygate11.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521422", "n4v2.ipv4.pl", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521423", "benehack.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521424", "twentysix.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521425", "mario90.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521426", "arhowardhome.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521427", "chaky.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521428", "stealer-victim.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521429", "daniel159.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521430", "mp3.dyndns-free.com", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521431", "aleacc2929.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521432", "almora.game-host.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521433", "faresvip.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521434", "base32234.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521435", "snoops.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521436", "protestantes.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521437", "topsecret7.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521438", "simox.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521439", "vvxx.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:15", "1521440", "kitkit.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521394", "mondiali2012.hopto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521395", "jonta.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521396", "mcuwolf.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521397", "mario713.servegame.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521398", "troyano.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521399", "soyindetectable.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521400", "s-net.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521401", "tototeamo.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521402", "spaceship.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521403", "mechack1.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521404", "tzgdanny.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521405", "niyax.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521406", "cyphelit.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521407", "pakboby.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521408", "d4w.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521409", "my1.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521410", "5254.dyndns.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521411", "comeonjohn.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521412", "https.servebeer.com", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521413", "je3t.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521414", "7625.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:12", "1521415", "vadhantvad.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521367", "mempbifi1.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521368", "microsofts.myvnc.com", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521369", "onlyneedmyknife.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521370", "cyphelit.zaptop.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521371", "4perfectcircle.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521372", "ristoo.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521373", "kp96.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521374", "doctorproz.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521375", "runescape2005.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521376", "flameon.servegame.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521377", "lolzorsimacow.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521378", "icheetosbutter.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521379", "web271w.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521380", "instigateron.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521381", "davidserverrat.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521382", "bul.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521383", "anonymous.kicks-ass.net", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521384", "secure1337.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521385", "yougotpwned.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521386", "duc5690.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521387", "paagerio.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521388", "disco4.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521389", "petrospaok.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521390", "elvinchaos.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521391", "wtr.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521392", "server-private.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:11", "1521393", "camfrogupdate.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521341", "masoom.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521342", "nuka.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521343", "cyphelit.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521344", "vzrealize.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521345", "jurizaran0ff.kicks-ass.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521346", "amaan.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521347", "victimefr.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521348", "snoahhs.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521349", "downloader999.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521350", "spynetbot.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521351", "piloto.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521352", "kuhbloom.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521353", "xc.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521354", "mbukana.sytes.net", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521355", "r00tb0x.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521356", "arsys123.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521357", "sefaziker.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521358", "vasherpwnz.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521359", "updates.dyndns.tv", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521360", "deansserver.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521361", "mojesve.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521362", "1337leeders.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521363", "cyphelit.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521364", "amfa.dyndns.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521365", "vpsdaniel00.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:10", "1521366", "chememo1.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521316", "theshark10.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521317", "xodleh1979.gicp.net", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521318", "warlock1337.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521319", "mymusiconline.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521320", "ghost3000.zapto.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521321", "lamercihat.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521322", "ohblain.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521323", "codex2.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521324", "hob4.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521325", "hanswurst123456.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521326", "ayoubayoub.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521327", "theunruled.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521328", "darkbyte.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521329", "nickyalmeida.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521330", "ihostforrsgp.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521331", "rahulsharma.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521332", "mys-terious.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521333", "histeria747.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521334", "corpie.bounceme.net", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521335", "kushten.no-ip.info", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521336", "antidot1.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521337", "zenon.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521338", "javiercuyas.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521339", "xxroyalxx.no-ip.biz", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:09", "1521340", "giganous.no-ip.org", "domain", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521303", "188.228.66.228:82", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521304", "5.38.116.187:81", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521305", "84.122.168.183:81", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521306", "94.224.183.79:1050", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521307", "92.104.46.126:45051", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521308", "62.34.140.91:81", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521309", "188.228.66.228:81", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521310", "88.210.225.235:81", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521311", "5.38.116.187:82", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521312", "62.212.72.166:5599", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521313", "88.228.235.55:1863", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521314", "109.110.97.113:22", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:08", "1521315", "46.50.163.71:81", "ip:port", "botnet_cc", "win.cybergate", "Rebhip", "CyberGate", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:07", "1521300", "massaprilbackup.duckdns.org", "domain", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:07", "1521301", "oct-departments.gl.at.ply.gg", "domain", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:07", "1521302", "massapril2025.duckdns.org", "domain", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:06", "1521296", "46.250.74.88:5353", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:06", "1521297", "103.253.73.180:9080", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:06", "1521298", "94.26.90.81:5552", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:06", "1521299", "saw-bm.gl.at.ply.gg", "domain", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:05", "1521293", "wwwtas.no-ip.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:05", "1521294", "mhzlhhhhhh4444-53583.portmap.io", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:05", "1521295", "46.250.75.254:5353", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521281", "azontop.linkpc.net", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521282", "3058.cloudvonline.contact", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521283", "15800442.ddns.net", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521284", "apple-useful.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521285", "are-learners.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521286", "stock-correction.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521287", "pxzycheat-61468.portmap.io", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521288", "house-allowed.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521289", "channel-hitting.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521290", "looking-mortgage.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521291", "semlegit.duckdns.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:04", "1521292", "itachituff.duckdns.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:02", "1521280", "https://vovecturar.top/zsia", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:01", "1521279", "https://6aeneasq.live/nmgj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:00", "1521274", "https://w8tortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:00", "1521275", "https://hhtardwarehu.icu/Sbdsa", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:00", "1521276", "https://9snakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:00", "1521277", "https://35civitasu.run/werrp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:04:00", "1521278", "https://dopusculy.top/keaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:59", "1521268", "https://osnakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:59", "1521269", "https://lhomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:59", "1521270", "https://ghomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:59", "1521271", "https://4searchilyo.run/gsna", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:59", "1521272", "https://taretories.live/trki", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:59", "1521273", "https://apraetori.live/vepr", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:58", "1521263", "https://2clatteqrpq.digital/kljz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:58", "1521264", "https://c7praetori.live/vepr", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:58", "1521265", "https://p7datawavej.digital/bafy", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:58", "1521266", "https://ebrandihx.run/lowp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:58", "1521267", "https://4orjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:57", "1521256", "https://hhomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:57", "1521257", "https://qborjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:57", "1521258", "https://ozmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:57", "1521259", "https://klinepdwk.live/amtw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:57", "1521260", "https://vobeliske.digital/tqwh", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:57", "1521261", "https://ubrandihx.run/lowp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:57", "1521262", "https://7grizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:56", "1521254", "https://tsnakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:56", "1521255", "https://ubuzzarddf.live/ktnt", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:54", "1521253", "https://kaovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:53", "1521248", "https://0orijinalecza.org/jub", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:53", "1521249", "https://pariosefqcu.shop/wrqo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:53", "1521250", "https://eeczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:53", "1521251", "https://6hclarmodq.top/qoxo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:53", "1521252", "https://ysnakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:52", "1521241", "https://2winterpwthc.digital/juab", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:52", "1521242", "https://mexitiumt.digital/xane", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:52", "1521243", "https://7featurlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:52", "1521244", "https://7overcovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:52", "1521245", "https://eoblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:52", "1521246", "https://iwhomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:52", "1521247", "https://2homewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:51", "1521236", "https://ivoznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:51", "1521237", "https://ymedicalbitkisel.net/juj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:51", "1521238", "https://kzmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:51", "1521239", "https://7tropiscbs.live/iuwxx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:51", "1521240", "https://4flowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:50", "1521230", "https://rovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:50", "1521231", "https://fbuzzarddf.live/ktnt", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:50", "1521232", "https://rvecturar.top/zsia", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:50", "1521233", "https://ndescenrugb.bet/woap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:50", "1521234", "https://j0orijinalecza.net/kazd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:50", "1521235", "https://dfeaturlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:49", "1521225", "https://avecturar.top/zsia", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:49", "1521226", "https://tmedicalbitkisel.net/juj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:49", "1521227", "https://9descenrugb.bet/woap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:49", "1521228", "https://7zmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:49", "1521229", "https://1eczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:48", "1521218", "https://5phygcsforum.life/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:48", "1521219", "https://sovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:48", "1521220", "https://t8zmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:48", "1521221", "https://xpvecturar.top/zsia", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:48", "1521222", "https://jgrizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:48", "1521223", "https://sumeriavgv.digital/gaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:48", "1521224", "https://0geographys.run/eirq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:47", "1521211", "https://4czmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:47", "1521212", "https://zpraetori.live/vepr", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:47", "1521213", "https://fvecturar.top/zsia", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:47", "1521214", "https://herosdecos.digital/gsh", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:47", "1521215", "https://4tortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:47", "1521216", "https://pexitiumt.digital/xane", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:47", "1521217", "https://3vorjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:46", "1521205", "https://8praetori.live/vepr", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:46", "1521206", "https://btortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:46", "1521207", "https://9viriatoe.live/laopx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:46", "1521208", "https://7xlsearchilyo.run/gsna", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:46", "1521209", "https://htechsyncq.run/riid", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:46", "1521210", "https://tninepicchf.bet/lznd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:45", "1521199", "https://vtechmindj.live/pozz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:45", "1521200", "https://donnypollo.com/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:45", "1521201", "https://uorjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:45", "1521202", "https://2descenrugb.bet/woap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:45", "1521203", "https://mopusculy.top/keaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:45", "1521204", "https://igitalmakertinggb.xyz/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:44", "1521194", "https://5scriptao.digital/vpep", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:44", "1521195", "https://iexitiumt.digital/xane", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:44", "1521196", "https://rstuffgull.top/qwio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:44", "1521197", "https://ininepicchf.bet/lznd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:44", "1521198", "https://hwordswfrdl.run/gaodx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:43", "1521190", "https://8eczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:43", "1521191", "https://mninepicchf.bet/lznd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:43", "1521192", "https://wsnakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:43", "1521193", "https://fvoznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:40", "1521185", "https://einsidegrah.run/ieop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:40", "1521186", "https://waeneasq.live/nmgj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:40", "1521187", "https://letcivitasu.run/werrp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:40", "1521188", "https://2medicalbitkisel.net/juj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:40", "1521189", "https://flushelett.digital/baj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:39", "1521179", "https://rtortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:39", "1521180", "https://0overcovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:39", "1521181", "https://2haeneasq.live/nmgj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:39", "1521182", "https://fzstarofliught.top/wozd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:39", "1521183", "https://zzenithcorde.top/auid", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:39", "1521184", "https://fsumeriavgv.digital/gaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:38", "1521173", "https://gmeteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:38", "1521174", "https://logihubo.live/ioud", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:38", "1521175", "https://1stuffgull.top/qwio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:38", "1521176", "https://0uparakehjet.run/kewk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:38", "1521177", "https://cpraetori.live/vepr", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:38", "1521178", "https://xzenithcorde.top/auid", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:37", "1521168", "https://3medicalbitkisel.net/juj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:37", "1521169", "https://lbearjk.live/benj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:37", "1521170", "https://hsnakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:37", "1521171", "https://knighetwhisper.top/lekd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:37", "1521172", "https://dstuffgull.top/qwio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:36", "1521160", "https://szmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:36", "1521161", "https://nbiosphxere.digital/tqoa", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:36", "1521162", "https://atomicsmet.run/tuqz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:36", "1521163", "https://fopusculy.top/keaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:36", "1521164", "https://jtortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:36", "1521165", "https://yscikevision.today/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:36", "1521166", "https://4tremelzxiy.live/atok", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:36", "1521167", "https://bjaraucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:35", "1521155", "https://lviriatoe.live/laopx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:35", "1521156", "https://dtortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:35", "1521157", "https://reflecwemy.run/rskp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:35", "1521158", "https://5eczamedikal.org/vax", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:35", "1521159", "https://zhomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:34", "1521149", "https://texitiumt.digital/xane", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:34", "1521150", "https://csvecturar.top/zsia", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:34", "1521151", "https://udescenrugb.bet/woap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:34", "1521152", "https://ueczamedikal.org/vax", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:34", "1521153", "https://gieczamedikal.org/vax", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:34", "1521154", "https://qvinsidegrah.run/ieop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:33", "1521146", "https://deczamedikal.org/vax", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:33", "1521147", "https://csnakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:33", "1521148", "https://eninepicchf.bet/lznd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:32", "1521143", "https://fbrandihx.run/lowp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:32", "1521144", "https://nonsliebhz.live/tqiuz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:32", "1521145", "https://x2nodepathr.run/oturu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:31", "1521139", "https://x8snakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:31", "1521140", "https://k7tortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:31", "1521141", "https://gblackljjwc.run/banj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:31", "1521142", "https://jblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:30", "1521134", "https://eveningeatke.run/gaub", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:30", "1521135", "https://morijinalecza.org/jub", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:30", "1521136", "https://firstezkpg.run/riow", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:30", "1521137", "https://qscriptao.digital/vpep", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:30", "1521138", "https://kzenithcorde.top/auid", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:29", "1521130", "https://y-grizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:29", "1521131", "https://ginsidegrah.run/ieop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:29", "1521132", "https://sflamingof.run/ogapds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:29", "1521133", "https://dmedicalbitkisel.net/juj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:27", "1521128", "https://5clatteqrpq.digital/kljz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:27", "1521129", "https://6stuffgull.top/qwio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:26", "1521123", "https://vsterpickced.digital/plSOz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:26", "1521124", "https://xlongitudde.digital/wizu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:26", "1521125", "https://doorwanzeh.live/anbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:26", "1521126", "https://norjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:26", "1521127", "https://bgrizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:25", "1521119", "https://8orijinalecza.net/kazd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:25", "1521120", "https://gzopusculy.top/keaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:25", "1521121", "https://imedicalbitkisel.net/juj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:25", "1521122", "https://yvoznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:24", "1521113", "https://0btcgeared.live/lbak", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:24", "1521114", "https://8meteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:24", "1521115", "https://ccsninepicchf.bet/lznd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:24", "1521116", "https://htortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:24", "1521117", "https://5buzzarddf.live/ktnt", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:24", "1521118", "https://4stuffgull.top/qwio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:23", "1521107", "https://famprid.digital/tio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:23", "1521108", "https://3pomelohgj.top/uiads", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:23", "1521109", "https://yorjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:23", "1521110", "https://8octalfbsh.bet/mben", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:23", "1521111", "https://phomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:23", "1521112", "https://ntortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:22", "1521101", "https://gozmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:22", "1521102", "https://8orijinalecza.org/jub", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:22", "1521103", "https://9tortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:22", "1521104", "https://lancery.digital/goj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:22", "1521105", "https://wopusculy.top/keaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:22", "1521106", "https://aforjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:21", "1521096", "https://y4eczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:21", "1521097", "https://zorijinalecza.org/jub", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:21", "1521098", "https://079biosphxere.digital/tqoa", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:21", "1521099", "https://asnakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:21", "1521100", "https://wdarjkafsg.digital/aoiz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:20", "1521091", "https://ldisciplipna.top/eqwu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:20", "1521092", "https://bcivitasu.run/werrp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:20", "1521093", "https://maiantfuuk.run/oias", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:20", "1521094", "https://fdvecturar.top/zsia", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:20", "1521095", "https://5techsyncq.run/riid", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:19", "1521088", "https://2ninepicchf.bet/lznd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:19", "1521089", "https://bparakehjet.run/kewk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:19", "1521090", "https://iyinsidegrah.run/ieop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:18", "1521082", "https://pmedicalbitkisel.net/juj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:18", "1521083", "https://obrandihx.run/lowp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:18", "1521084", "https://ttortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:18", "1521085", "https://qopusculy.top/keaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:18", "1521086", "https://beczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:18", "1521087", "https://torijinalecza.org/jub", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:17", "1521076", "https://zblackljjwc.run/banj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:17", "1521077", "https://sblackljjwc.run/banj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:17", "1521078", "https://8exitiumt.digital/xane", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:17", "1521079", "https://uclatteqrpq.digital/kljz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:17", "1521080", "https://7flowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:17", "1521081", "https://faeneasq.live/nmgj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:16", "1521070", "https://d1iorijinalecza.net/kazd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:16", "1521071", "https://dgrizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:16", "1521072", "https://yq7zmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:16", "1521073", "https://qzmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:16", "1521074", "https://hgrizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:16", "1521075", "https://iorijinalecza.org/jub", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:15", "1521068", "https://raexitiumt.digital/xane", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:15", "1521069", "https://movercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:13", "1521064", "https://ptortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:13", "1521065", "https://6overcovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:13", "1521066", "https://qucivitasu.run/werrp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:13", "1521067", "https://popusculy.top/keaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:12", "1521058", "https://weczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:12", "1521059", "https://0voznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:12", "1521060", "https://ebuzzarddf.live/ktnt", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:12", "1521061", "https://yorijinalecza.org/jub", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:12", "1521062", "https://porijinalecza.org/jub", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:12", "1521063", "https://ginterpwthc.digital/juab", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:11", "1521053", "https://leczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:11", "1521054", "https://9stuffgull.top/qwio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:11", "1521055", "https://ngsnakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:11", "1521056", "https://vwopusculy.top/keaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:11", "1521057", "https://gvoznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:10", "1521046", "https://0mclatteqrpq.digital/kljz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:10", "1521047", "https://rmeteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:10", "1521048", "https://qsnakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:10", "1521049", "https://1buzzarddf.live/ktnt", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:10", "1521050", "https://madagaeyrk.run/lazd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:10", "1521051", "https://campylloir.run/ngshi", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:10", "1521052", "https://1featurlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:09", "1521041", "https://rleczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:09", "1521042", "https://taigjmr.digital/xaf", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:09", "1521043", "https://oinsidegrah.run/ieop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:09", "1521044", "https://tmodelshiverd.icu/bJhnsj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:09", "1521045", "https://cvoznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:08", "1521037", "https://zivoznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:08", "1521038", "https://9clatteqrpq.digital/kljz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:08", "1521039", "https://htinsidegrah.run/ieop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:08", "1521040", "https://norijinalecza.org/jub", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:07", "1521031", "https://quantdatai.live/iogaa", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:07", "1521032", "https://neczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:07", "1521033", "https://morjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:07", "1521034", "https://vbrandihx.run/lowp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:07", "1521035", "https://tclimatologfy.top/kbud", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:07", "1521036", "https://tttechmindzs.live/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:06", "1521025", "https://zclatteqrpq.digital/kljz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:06", "1521026", "https://porifefyzc.live/xznv", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:06", "1521027", "https://u5eczamedikal.org/vax", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:06", "1521028", "https://udatawavej.digital/bafy", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:06", "1521029", "https://jtblackljjwc.run/banj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:06", "1521030", "https://pbchangeaie.top/geps", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:05", "1521019", "https://ngeographys.run/eirq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:05", "1521020", "https://6cinsidegrah.run/ieop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:05", "1521021", "https://starfiswh.live/omiga", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:05", "1521022", "https://1feczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:05", "1521023", "https://nexitiumt.digital/xane", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:05", "1521024", "https://yfeczamedikal.org/vax", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:04", "1521015", "https://7bexitiumt.digital/xane", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:04", "1521016", "https://veczakozmetik.net/qop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:04", "1521017", "https://tcrosshairc.life/dAnjhw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:04", "1521018", "https://hdisciplipna.top/eqwu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:03", "1521008", "https://agformydab.run/gaus", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:03", "1521009", "https://8cartograhphy.top/ixau", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:03", "1521010", "https://hgraduatteusez.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:03", "1521011", "https://1chemistrycworner.today/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:03", "1521012", "https://xopusculy.top/keaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:03", "1521013", "https://0zvecturar.top/zsia", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:03", "1521014", "https://yvdigitroopc.run/anbb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:02", "1521007", "https://hjclatteqrpq.digital/kljz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:01", "1521003", "https://stechguidet.digital/apdo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:01", "1521004", "https://jhomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:01", "1521005", "https://6opusculy.top/keaj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:01", "1521006", "https://8wtechsyncq.run/riid", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:00", "1521000", "https://xdescenrugb.bet/woap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:00", "1521001", "https://fdescenrugb.bet/woap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 09:03:00", "1521002", "https://ehomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "13May2025,iocbottest", "0", "Gi7w0rm" "2025-05-13 08:56:22", "1520999", "209.97.162.113:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:10", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-13 08:54:14", "1520998", "www.q74vn.live", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:54:12", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-13 08:52:29", "1520997", "70.27.138.41:2222", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-15 02:52:25", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-13 08:49:44", "1520996", "213.87.44.192:444", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-15 02:49:44", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-13 08:40:50", "1520995", "196.251.92.58:61033", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/fc1bf10c936144f163a063c0a606182990494baa6a52dfbbf92ce0652f3c2dd4/", "remcos", "0", "abuse_ch" "2025-05-13 08:40:16", "1520994", "http://leavesultr.xyz/RequestPollUpdateProcessProcessorbigloadDle.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-13 08:37:35", "1520993", "109.248.150.178:1604", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/81e955bc2fce8c61d27069db37356b3727c3a512ad61d2a0f85aa0e99bc4477a/", "RAT,RemcosRAT", "0", "abuse_ch" "2025-05-13 08:37:08", "1520992", "missiondomain.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://bazaar.abuse.ch/sample/81e955bc2fce8c61d27069db37356b3727c3a512ad61d2a0f85aa0e99bc4477a/", "RAT,RemcosRAT", "0", "abuse_ch" "2025-05-13 08:32:11", "1520991", "https://mmeteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/5d9616c5d390a9b2950122aca2ae19eb12d1454342bcca1a2c810a740652c09c/", "lumma", "0", "abuse_ch" "2025-05-13 08:27:06", "1520990", "https://5flowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/96472d254da1d57bc6c17a248f5c2341e02e5606f2425b62d478ef46f9e70d58/", "lumma", "0", "abuse_ch" "2025-05-13 08:16:00", "1520989", "https://yposseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b6b2c300ebeb0fd9a1a5901c5bcea7434f78276a57321dbeeae24f0191c6e0be/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:59", "1520988", "https://xaraucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b7e2f5fcb13eb799e8958dc1fed9f1338a9997f59c48ccb66d9c0e6c0211aee8/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:58", "1520986", "https://uvoznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/e3e5b7a32d43370dc2616ea5ea12d9d773e95be3f6c26d34ffb9bfa6e0d50d6e/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:58", "1520987", "https://veasterxeen.run/zavc", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9b2687e7a79443d46b50f29a21e9edba49e51cf01520ac4ce61ba24b5490c5d4/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:57", "1520985", "https://t9flowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2acd39841c32d27205531315a5968f0360d5cf51beeae842ddd4a417264c6aa9/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:55", "1520984", "https://pmeteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2acd39841c32d27205531315a5968f0360d5cf51beeae842ddd4a417264c6aa9/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:54", "1520983", "https://peasterxeen.run/zavc", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/612e6b64395d33382d049a690792e492f83021b6755496323b42cd0816609051/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:49", "1520982", "https://fzmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2acd39841c32d27205531315a5968f0360d5cf51beeae842ddd4a417264c6aa9/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:38", "1520981", "https://bblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/fee3618c436ea51300cabd2a974af85e308fad4e5eced044349a434a47142f7b/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:35", "1520979", "https://3ameteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/59d393640b88fbe18ee7b4b8ebc5353bc9face075b729a0ee3abe78703612001/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:35", "1520980", "https://6araucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9b2687e7a79443d46b50f29a21e9edba49e51cf01520ac4ce61ba24b5490c5d4/", "lumma", "0", "abuse_ch" "2025-05-13 08:15:34", "1520978", "https://0meteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/612e6b64395d33382d049a690792e492f83021b6755496323b42cd0816609051/", "lumma", "0", "abuse_ch" "2025-05-13 08:02:36", "1520977", "195.201.108.189:33336", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://bazaar.abuse.ch/sample/b3e22e5807d760e42761ae6772027ba0bbd37eaf005621e5459d66f48f86570d/", "None", "0", "abuse_ch" "2025-05-13 08:01:58", "1520975", "setup.apple.posteid-a365.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:01:29", "100", "https://search.censys.io/hosts/81.0.247.170+setup.apple.posteid-a365.com", "AS51167,censys,CONTABO,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-05-13 08:01:58", "1520976", "account.login.posteid-a365.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-14 04:01:29", "100", "https://search.censys.io/hosts/81.0.247.170+account.login.posteid-a365.com", "AS51167,censys,CONTABO,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-05-13 08:01:42", "1520974", "176.123.4.184:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-15 02:46:52", "100", "https://search.censys.io/hosts/176.123.4.184", "ALEXHOST,AS200019,C2,censys,Havoc", "0", "DonPasci" "2025-05-13 08:01:39", "1520973", "45.144.212.170:5938", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-14 04:00:55", "100", "https://search.censys.io/hosts/45.144.212.170", "AS214940,C2,censys,KPRONET,Quasar,RAT", "0", "DonPasci" "2025-05-13 08:01:38", "1520972", "154.58.204.42:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-14 04:00:52", "100", "https://search.censys.io/hosts/154.58.204.42", "AS214036,C2,censys,Hookbot,ULTAHOST-AS", "0", "DonPasci" "2025-05-13 08:01:34", "1520970", "195.82.147.132:15647", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/195.82.147.132", "AS203834,C2,censys,DEDBROPRO-AS,RAT,Sectop", "0", "DonPasci" "2025-05-13 08:01:34", "1520971", "195.82.147.132:15747", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/195.82.147.132", "AS203834,C2,censys,DEDBROPRO-AS,RAT,Sectop", "0", "DonPasci" "2025-05-13 08:01:32", "1520967", "144.172.104.135:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:44:49", "100", "https://search.censys.io/hosts/144.172.104.135", "AS14956,AsyncRAT,C2,censys,RAT,ROUTERHOSTING", "0", "DonPasci" "2025-05-13 08:01:32", "1520968", "206.238.115.155:8443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:49:28", "100", "https://search.censys.io/hosts/206.238.115.155", "AS399077,AsyncRAT,C2,censys,RAT,TERAEXCH", "0", "DonPasci" "2025-05-13 08:01:32", "1520969", "88.229.2.85:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-15 02:53:10", "100", "https://search.censys.io/hosts/88.229.2.85", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci" "2025-05-13 08:01:20", "1520965", "20.3.142.245:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:49:22", "100", "https://search.censys.io/hosts/20.3.142.245", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,Sliver", "0", "DonPasci" "2025-05-13 08:01:20", "1520966", "91.222.173.167:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:53:21", "100", "https://search.censys.io/hosts/91.222.173.167", "AS43641,C2,censys,Sliver,SOLLUTIUM-NL", "0", "DonPasci" "2025-05-13 08:01:16", "1520964", "94.130.34.243:4042", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:53:30", "100", "https://search.censys.io/hosts/94.130.34.243", "AS24940,C2,censys,HETZNER-AS,RAT,Remcos", "0", "DonPasci" "2025-05-13 08:01:01", "1520963", "106.14.53.177:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:54:31", "100", "https://search.censys.io/hosts/106.14.53.177", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-1234567890", "0", "DonPasci" "2025-05-13 07:55:29", "1520962", "209.54.102.170:5070", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:49:35", "75", "https://bazaar.abuse.ch/sample/abe9f5a753ad556b14feac51a67e6cfca4401c217d82b5520e3bc37751d31e99/", "remcos", "0", "abuse_ch" "2025-05-13 07:55:03", "1520961", "https://downtownisland.icu/art.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch" "2025-05-13 07:53:49", "1520959", "collarvase.info", "domain", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch" "2025-05-13 07:53:49", "1520960", "detailcrowd.xyz", "domain", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch" "2025-05-13 07:53:48", "1520957", "http://boneyarn.xyz/lui.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch" "2025-05-13 07:53:48", "1520958", "https://summervegetable.icu/art.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch" "2025-05-13 07:42:51", "1520752", "44.223.25.179:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 07:42:51", "1520753", "152.136.165.180:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 07:35:15", "1520956", "https://macjajm.digital/snn", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/87b22dc6e19d8ae5d0a41560d6db0b3d7ae69a6e6a147fb5114b30ddf7710ace/", "lumma", "0", "abuse_ch" "2025-05-13 07:35:14", "1520955", "https://g2easterxeen.run/zavc", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/87b22dc6e19d8ae5d0a41560d6db0b3d7ae69a6e6a147fb5114b30ddf7710ace/", "lumma", "0", "abuse_ch" "2025-05-13 07:35:13", "1520954", "https://czmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/87b22dc6e19d8ae5d0a41560d6db0b3d7ae69a6e6a147fb5114b30ddf7710ace/", "lumma", "0", "abuse_ch" "2025-05-13 07:33:10", "1520946", "yh4x0620pw1ap.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:10", "1520947", "ypki3cocq1asj.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:10", "1520948", "yqijzlle1r3rl.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:10", "1520949", "yv8yhgwsm81x7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:10", "1520950", "zf8sn8l1c1c16.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:10", "1520951", "zit5if516dao2.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:10", "1520952", "zpvptw82h5c00.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:10", "1520953", "zx1qk0w02fke7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520932", "whzw13p3r7lzp.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520933", "wl2n961unpaix.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520934", "wz3qdxhxns2g4.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520935", "x357y9ss65tdu.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520936", "x3an9oqhcf2mf.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520937", "x70eca9dqaj6k.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520938", "xhuahzm5uiimo.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520939", "xjfbfo2a6koef.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520940", "xnxutbo5etuw9.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520941", "xtbt0ekpcxnak.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520942", "xxx4tb82ly3p2.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520943", "y2iv17lkdmj55.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520944", "y37vxmir7miwq.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:09", "1520945", "y5i7fcp0z2vdv.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520917", "uh61rmo8drq8c.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520918", "uimcnlvkowuot.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520919", "uld7tnpvgr1ir.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520920", "unluozjsodi8i.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520921", "uod2mz4es33ka.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520922", "v0kgi0osnu7pw.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520923", "v0p0woy3f8ze7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520924", "v66tip8ogttrf.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520925", "vncik1psdrrbl.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520926", "vns5srpw5p315.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520927", "vqzguhj0laj7p.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520928", "vrnf4tj48nxod.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520929", "vs3b5qgn6ksql.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520930", "vujdfffgcjd7k.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:08", "1520931", "w79vt2diz7dml.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520903", "s8akau9vlsrbq.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520904", "scu2pm45pz9q2.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520905", "sfrq624fuus5k.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520906", "si8p7wuxa7ddt.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520907", "sijq1m7wknt6g.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520908", "t9toueu4d6gzm.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520909", "tcvttq08r9jty.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520910", "tfd48hex6n5ye.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520911", "tldemeczwtpb7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520912", "tmuu1ryu4fvbm.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520913", "u2eqkj41hheze.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520914", "u7d1qd724touv.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520915", "uaooxwnck1qwk.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:07", "1520916", "ug2a0sj16kerd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520889", "q8r7omleri0pd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520890", "qcvgu67ml13r1.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520891", "qo5lmcyhdzxlf.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520892", "quqd8ic552xs4.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520893", "qv4njcerh3hsj.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520894", "qy6ctflx8ydfe.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520895", "r0lethdy5ytqp.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520896", "r9mkypblrf7ai.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520897", "rjgkw1xkq6tgo.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520898", "rn07j0x1acnyz.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520899", "rrfz818tk7l3b.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520900", "rxaswnnmmce9g.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520901", "rzxkvxyj2i9qj.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:06", "1520902", "s6tbv8w63f840.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520872", "nins8k5g0f1dx.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520873", "nramyw3ac65tz.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520874", "nucp69y9nhvm2.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520875", "nz9sjxx21tp5x.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520876", "nzsgq8404xxkm.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520877", "oefia9wp8je6z.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520878", "ogb5xkgmg4oju.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520879", "ogbh7anjjdjdd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520880", "os5ryl12zmx42.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520881", "oulq1xmd91yva.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520882", "p8ya80enl7muq.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520883", "phofkkfcuixei.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520884", "phwix4m5d2xcl.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520885", "piur2ev55twj7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520886", "pl43cimufnrmu.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520887", "pnqu4zi9mlahx.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:05", "1520888", "pz9k9kaihtptd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520858", "jqyeegna3lht2.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520859", "k7b843izg720e.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520860", "k8tdxptwoarz9.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520861", "kb7o9tevgv0nj.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520862", "knmekk4xh1yfu.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520863", "kt1zpdc26avtr.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520864", "lsoj8le5dvbzq.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520865", "mt07ykdxl55cw.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520866", "n5d6y67plvnto.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520867", "n7fyq5glyab2j.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520868", "nbfg014yic1qb.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520869", "nbs6lnzvk9nkg.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520870", "nd6h2ldqkvdw6.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:04", "1520871", "nia2qq0etuzpb.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520844", "gvygkcpol74gy.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520845", "h28r6gebma715.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520846", "hb0nsim3indj8.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520847", "hij11nti41rxp.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520848", "hlqz0e62ixrnp.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520849", "ho0e0fu2f1ehu.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520850", "hrjcfbz49zbdn.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520851", "htc8v674o5340.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520852", "hvrcruhojtv59.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520853", "i9lnrwpyl6q1s.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520854", "igdibsm1sy5ef.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520855", "ikp95oty597zb.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520856", "il3ha3mtfvku8.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:03", "1520857", "iptckm8axh4up.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:02", "1520841", "gap5w2em9msor.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:02", "1520842", "gennj5glepbm3.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:02", "1520843", "ghyouopkphf2x.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520829", "dyrsovg0janxg.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520830", "e12sw2209cc53.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520831", "e21hhjf8659tt.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520832", "e3h08otb6xmu3.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520833", "eapnxzvi8p2dy.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520834", "ec8puhgxe2irq.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520835", "f24yew7yxdas9.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520836", "f5bdp5r97x63z.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520837", "f5l5coo21t986.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520838", "fa03e75bicux5.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520839", "fk522cqcb411i.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:01", "1520840", "fl2ifygitryuh.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520813", "9k7m4sno3n6zf.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520814", "9psg7n6nx8jpb.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520815", "ai66uq00ax202.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520816", "atpk4sqovxf2y.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520817", "awfdktgdajxzt.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520818", "bnbm2ncu9edm7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520819", "bsobgla5ebrjj.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520820", "cj92kmlm09rx6.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520821", "cmpf8huatefqk.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520822", "cn20xuahy8t1g.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520823", "csyn20vl3z4q0.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520824", "cwdnohn9obt5r.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520825", "darveicg7xcj0.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520826", "dn50y7ahnc1bj.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520827", "dt2cg075ch11u.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:33:00", "1520828", "dt2hlgmn1nzpl.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520801", "7m959mli25a72.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520802", "7qdvi1ojq79ap.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520803", "7vcfugjejghtu.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520804", "822xkcv8p7yj5.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520805", "830pmmvl3x3qb.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520806", "86dcshj21wg6m.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520807", "8a3peanh4uz8e.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520808", "8k9dg54uoiaig.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520809", "902zrmiyj0203.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520810", "93k4iwdrz9dv0.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520811", "94sd02j2s8w5g.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:59", "1520812", "9ir8es90oecw2.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520784", "5gimy9lgi9xbl.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520785", "5izwfepuwh2ic.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520786", "5oqmgkgz5rf70.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520787", "5p981xjz7sbyt.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520788", "5sq4py78k91rm.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520789", "5vhkbv1vxxsnm.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520790", "6bs426zjqpbth.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520791", "6dbu605hajf1q.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520792", "6ep9wbu6v24n0.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520793", "6km9ottqfh6zn.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520794", "6q4rlo4sr8s85.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520795", "6vzdx310bfwa5.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520796", "74of7b9bmuags.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520797", "7d0qhl3jn2xp2.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520798", "7d2zsoxb59ie1.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520799", "7dxudveyrs1qv.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:58", "1520800", "7e3xn5owh54h1.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520768", "2odsenx2yp0lo.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520769", "2yj7j6r9vo33o.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520770", "35vy1pligjgul.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520771", "397nrivd76yo3.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520772", "3jxjww65p5maz.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520773", "3mar7y5c3r4zx.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520774", "3obruwxmqzonj.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520775", "3w2o83k0n8265.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520776", "3y9cnn3ltwru4.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520777", "456iqa3y1dx4m.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520778", "4sntr015i7xom.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520779", "4ui23j0z9jjrn.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520780", "4v0qmowukun68.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520781", "54x58q8lib4hu.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520782", "55ueww9semkcm.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:57", "1520783", "59vajiveghhtk.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520754", "05by1jl7fjlpm.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520755", "06g15h6u4co8d.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520756", "08cke7akux8kw.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520757", "0a2oobiviohq1.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520758", "0vmyb63gn2ptp.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520759", "0vwdh086y6617.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520760", "16pul9mybq7xz.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520761", "1j89dadarol4g.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520762", "1tznpvtx5dfm8.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520763", "20ztrlynhqrkl.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520764", "296e90bwwbghd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520765", "2970uw58lq0x7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520766", "2ekg1e4hsed7c.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:32:56", "1520767", "2nviz2u0243nr.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520740", "daxbkb16ebdao.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:00", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520741", "m4ivqiz0weqy7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520742", "0ei4jxf0cszgd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:56", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520743", "54zgxvq8jzq81.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:57", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520744", "tesc2obtfbdke.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:07", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520745", "w1nd36e506qqi.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:08", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520746", "fc4v5wx4p4syq.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:01", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520747", "43wubiwvmajs3.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:57", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520748", "4w1b7rsnyg3sm.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:57", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520749", "h8gw0cbhkkrrf.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:03", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520750", "k2yu4bhadklet.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:08", "1520751", "wqfvb1lom02cg.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:09", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520724", "xfi23ljskvgtg.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:09", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520725", "ofvs2a3nhyrqi.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:05", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520726", "7o3zfbd5rf5mz.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:59", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520727", "flewo6le618h7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:01", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520728", "r7rw9inm558jg.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520729", "7qjjcy6vg835x.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:59", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520730", "8sz83ieffpzwj.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:59", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520731", "0eftob9vxa877.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:56", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520732", "0j62jm3djgxe7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:56", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520733", "v2vijxyqbqsbl.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:08", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520734", "vuu79f2ne8xl1.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:08", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520735", "ew3crbjgfbbhd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:01", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520736", "lqhhfpiqp5chx.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520737", "f3be5ccj5ioc7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:01", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520738", "1ngmbwokqkiov.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:56", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:07", "1520739", "nh0hujf2w5xi9.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520707", "bgiphdk30zk35.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:00", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520708", "8n3rj69ohv8rv.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:59", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520709", "29e8eji42sktd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:56", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520710", "bqlbyaavprz19.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:00", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520711", "qj2suuu4ixgvf.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520712", "b2ys2fltibnfu.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:00", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520713", "z0lg8lijtw3mh.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:10", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520714", "p3arx0taom00w.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:05", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520715", "gquyy1qf8ncn7.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:03", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520716", "ref18bh4aku24.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520717", "epqykfhm5zq6l.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:01", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520718", "zw96t31o1h768.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:10", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520719", "c45ze0b5hhvdg.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:00", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520720", "6kjpjs3v34hbf.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:58", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520721", "qhyut7e0tjz2a.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520722", "5p9udlfi4yvg6.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:58", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:06", "1520723", "5ew1715l4z3ef.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:58", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520688", "zom3rkt078g1k.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:10", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520689", "n2cy5wx4nfs8n.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520690", "qnw1tsg4ogxa0.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520691", "84ntpl4mk4cwm.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:59", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520692", "m5f2awao92hp9.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520693", "nq0tsip71ecq5.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:05", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520694", "ithg3ysseil61.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520695", "mvp5pt36h20vf.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520696", "51415jvbttwu4.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:57", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520697", "l0ecv85wptocs.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520698", "nuq0isjlua30l.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:05", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520699", "wd7jo4d8zlxg0.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:09", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520700", "2885patz8ovcf.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:56", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520701", "1zwze7b6jqovz.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:56", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520702", "s23kd323qzj2l.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520703", "4me127ppi31at.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:57", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520704", "eifir9x2xpqsb.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:01", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520705", "4hlnzokni29fh.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:57", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:05", "1520706", "ykv99faqy3ky4.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:10", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520671", "r4a4n001s7uhi.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520672", "r976ptnxbh52l.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520673", "tv9jc206cpnyd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:07", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520674", "xf30997j6tp8z.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:09", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520675", "nl2jkkuqs8efp.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:05", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520676", "5395dg0j4h79n.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:57", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520677", "v30ty639krk3p.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:08", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520678", "oknzqkp6ph302.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:05", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520679", "rlq13ng659buz.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520680", "ey9n44bwtmjaw.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:01", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520681", "trtiqjiry7k05.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:07", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520682", "9vgvnzk51j1sy.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:00", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520683", "wi88w99xo9zlt.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:09", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520684", "hoieva2gl9tzx.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:03", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520685", "7oo4hxt5haih5.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:59", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520686", "ey8axyn00x8sf.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:01", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:04", "1520687", "kks80hyrpbmuz.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520657", "apsgw881ol7rs.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:00", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520658", "rmqa3jodwcmgd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520659", "85ur7zivhczam.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:59", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520660", "evzftxl2qjfj4.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:01", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520661", "cp2br7osw928r.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:00", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520662", "lhunevjdxw5kz.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520663", "jbrprj8im7aia.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520664", "rdg0u5n7237r5.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:06", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520665", "xwn7sukhzhbqv.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:09", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520666", "8vh7uizstjhnb.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:59", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520667", "u8karkeeu2qtj.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:07", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520668", "j34duklow92k3.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:04", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520669", "8sg769rvpe1lp.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:59", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:03", "1520670", "inkja7hekgcuv.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:03", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:02", "1520652", "19ak90ckxyjxc.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:56", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:02", "1520653", "o2u1xbm9xoq4p.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:05", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:02", "1520654", "9b10t4vyvx6b5.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:32:59", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:02", "1520655", "9nl2a1qma4swd.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:00", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:29:02", "1520656", "gc9fctjq62t2e.life", "domain", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 07:33:02", "100", "https://bazaar.abuse.ch/sample/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/", "7941704092191845612,BumbleBee,grp0001", "0", "abuse_ch" "2025-05-13 07:24:40", "1520651", "94.26.90.81:2404", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "https://bazaar.abuse.ch/sample/8b72b274db8d5ec8a8e192876de28a5f21d393654b3b4abf67941c787dd071e9/", "XWorm", "0", "abuse_ch" "2025-05-13 07:18:10", "1520650", "37.120.206.165:63513", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-15 02:50:34", "75", "https://bazaar.abuse.ch/sample/e903f8c19bc7a0b14e1d7715ed842ca019f73cd7cfecc2103c6a54328f24eb0f/", "RAT,RemcosRAT", "0", "abuse_ch" "2025-05-13 07:10:11", "1520649", "192.169.69.25:3940", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "NanoCore,RAT", "0", "abuse_ch" "2025-05-13 06:55:28", "1520644", "213.139.205.136:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "2025-05-13 06:55:29", "75", "", "BumbleBee", "0", "abuse_ch" "2025-05-13 06:55:28", "1520645", "84.200.205.246:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "75", "", "BumbleBee", "0", "abuse_ch" "2025-05-13 06:55:28", "1520646", "192.121.17.241:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "75", "", "BumbleBee", "0", "abuse_ch" "2025-05-13 06:55:28", "1520647", "194.61.120.106:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "75", "", "BumbleBee", "0", "abuse_ch" "2025-05-13 06:55:28", "1520648", "89.36.231.38:443", "ip:port", "botnet_cc", "win.bumblebee", "COLDTRAIN,SHELLSTING,Shindig", "BumbleBee", "", "75", "", "BumbleBee", "0", "abuse_ch" "2025-05-13 06:50:12", "1520643", "http://cs53692.tmweb.ru/imagepythonsecuredownloadsTemporary.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-13 06:40:03", "1520642", "http://196.190.1.39:39284/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf" "2025-05-13 06:31:34", "1520577", "joyjaxforme.shop", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/196.251.71.99+joyjaxforme.shop", "AS401120,C2,censys,CHEAPY-HOST", "0", "dyingbreeds_" "2025-05-13 06:31:34", "1520578", "54.183.101.23:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:57:12", "100", "https://search.censys.io/hosts/54.183.101.23", "AMAZON-02,AS16509,C2,censys", "0", "dyingbreeds_" "2025-05-13 06:31:32", "1520579", "8.140.28.177:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:57:24", "100", "https://search.censys.io/hosts/8.140.28.177", "AS37963,C2,censys", "0", "dyingbreeds_" "2025-05-13 06:31:31", "1520580", "110.40.142.234:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:54:36", "100", "https://search.censys.io/hosts/110.40.142.234", "AS45090,C2,censys", "0", "dyingbreeds_" "2025-05-13 06:31:31", "1520581", "45.125.33.150:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:40", "100", "https://search.censys.io/hosts/45.125.33.150", "AS55933,C2,censys", "0", "dyingbreeds_" "2025-05-13 06:31:31", "1520582", "222.186.38.10:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:13", "100", "https://search.censys.io/hosts/222.186.38.10", "AS4134,C2,censys", "0", "dyingbreeds_" "2025-05-13 06:31:30", "1520583", "webdisk.tempoestil.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.132.51.146+webdisk.tempoestil.com", "AS3132,C2,censys,Mythic", "0", "dyingbreeds_" "2025-05-13 06:31:30", "1520584", "command.outliertech.dev", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/204.48.27.82+command.outliertech.dev", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "dyingbreeds_" "2025-05-13 06:31:29", "1520585", "cpcontacts.tempoestil.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.132.51.146+cpcontacts.tempoestil.com", "AS3132,C2,censys,Mythic", "0", "dyingbreeds_" "2025-05-13 06:31:29", "1520586", "4.232.128.157:5000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/4.232.128.157", "AS8075,Botnet,byob,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "dyingbreeds_" "2025-05-13 06:31:28", "1520587", "103.112.96.40:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.112.96.40", "AROSS-AS,AS400619,censys,Viper", "0", "dyingbreeds_" "2025-05-13 06:31:27", "1520588", "banking.banking-postbankde.posteid-a365.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-13 04:01:56", "100", "https://search.censys.io/hosts/81.0.247.170+banking.banking-postbankde.posteid-a365.com", "AS51167,censys,CONTABO,EvilGinx,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:27", "1520589", "b.stats.postfinancelogin.posteid-a365.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-13 04:01:56", "100", "https://search.censys.io/hosts/81.0.247.170+b.stats.postfinancelogin.posteid-a365.com", "AS51167,censys,CONTABO,EvilGinx,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:26", "1520590", "t.paypal.posteid-a365.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-13 04:01:57", "100", "https://search.censys.io/hosts/81.0.247.170+t.paypal.posteid-a365.com", "AS51167,censys,CONTABO,EvilGinx,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:26", "1520591", "accounts.google.posteid-a365.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-13 04:01:57", "100", "https://search.censys.io/hosts/81.0.247.170+accounts.google.posteid-a365.com", "AS51167,censys,CONTABO,EvilGinx,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:25", "1520592", "sbbe.loginpaxful.posteid-a365.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-13 04:01:57", "100", "https://search.censys.io/hosts/81.0.247.170+sbbe.loginpaxful.posteid-a365.com", "AS51167,censys,CONTABO,EvilGinx,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:25", "1520593", "account.microsoft.live.posteid-a365.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-13 04:01:57", "100", "https://search.censys.io/hosts/81.0.247.170+account.microsoft.live.posteid-a365.com", "AS51167,censys,CONTABO,EvilGinx,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:24", "1520597", "168.231.118.20:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/168.231.118.20", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:23", "1520594", "dealerhub.ebanking.posteid-a365.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-13 04:01:57", "100", "https://search.censys.io/hosts/81.0.247.170+dealerhub.ebanking.posteid-a365.com", "AS51167,censys,CONTABO,EvilGinx,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:22", "1520595", "100.20.170.29:4443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/100.20.170.29", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:22", "1520596", "212.147.68.188:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/212.147.68.188", "AS12350,censys,GoPhish,Phishing,VTX-NETWORK", "0", "dyingbreeds_" "2025-05-13 06:31:21", "1520598", "3.215.71.161:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.215.71.161", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:21", "1520599", "3.109.121.218:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.109.121.218", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:20", "1520600", "3.109.121.218:8000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.109.121.218", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:19", "1520601", "18.191.26.159:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.191.26.159", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:19", "1520602", "137.220.205.223:9090", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/137.220.205.223", "AS152194,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:31:18", "1520603", "149.202.133.94:4444", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/149.202.133.94", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_" "2025-05-13 06:20:01", "1520606", "170.64.242.210:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/170.64.242.210", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:20:00", "1520605", "54.80.76.15:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.80.76.15", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:19:59", "1520604", "178.128.254.173:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/178.128.254.173", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:19:57", "1520607", "164.92.147.36:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/164.92.147.36", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:19:56", "1520608", "172.174.34.90:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.174.34.90", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-05-13 06:19:56", "1520609", "157.173.219.82:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/157.173.219.82", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-13 06:19:55", "1520613", "144.172.73.33:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest" "2025-05-13 06:19:55", "1520631", "d69ebd183b2e0072c396e55503d5ede7", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "", "J,JLocker,ransomware", "0", "TheRavenFile" "2025-05-13 06:19:54", "1520632", "aa63680c9b15034463d46847e7534975", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "", "J,JLocker,ransomware", "0", "TheRavenFile" "2025-05-13 06:19:54", "1520633", "f0f300206af1eed81b7b74357df437da", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "", "J,JLocker,ransomware", "0", "TheRavenFile" "2025-05-13 06:19:53", "1520634", "538f8b4fbe62595021ffa36682bf518f", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "", "J,JLocker,ransomware", "0", "TheRavenFile" "2025-05-13 06:19:53", "1520636", "2238997aec239bb5ebd7589f754bf606", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "", "J,JLocker,ransomware", "0", "TheRavenFile" "2025-05-13 06:19:52", "1520635", "aeb06e5cdd5da2bc5259516fb738ac78", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "", "J,JLocker,ransomware", "0", "TheRavenFile" "2025-05-13 06:19:48", "1520301", "https://assets-msn.org/siglost", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114496367038605364", "KongTuke", "0", "monitorsg" "2025-05-13 06:19:48", "1520302", "assets-msn.org", "domain", "payload_delivery", "js.kongtuke", "None", "KongTuke", "2025-05-12 19:35:31", "100", "https://infosec.exchange/@monitorsg/114496367038605364", "KongTuke", "0", "monitorsg" "2025-05-13 06:19:47", "1520304", "47.117.113.230:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:47", "1520305", "148.66.2.195:21", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:46", "1520306", "139.180.141.50:8748", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:46", "1520307", "1.15.93.52:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:54:14", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:46", "1520308", "194.135.16.61:47231", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:45", "1520309", "122.51.30.157:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-13 04:00:11", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:45", "1520310", "101.33.198.246:7443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:44", "1520345", "https://recommendation-samoa-weights-guyana.trycloudflare.com/siglost", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114496910693663142", "KongTuke", "0", "monitorsg" "2025-05-13 06:19:43", "1520573", "45.195.197.3:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:43", "1520574", "82.156.132.252:7000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:42", "1520575", "45.76.27.167:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "2025-05-13 13:16:03", "100", "None", "FAKEUPDATES,SocGholish", "0", "pancak3lullz" "2025-05-13 06:19:41", "1520346", "recommendation-samoa-weights-guyana.trycloudflare.com", "domain", "payload_delivery", "js.kongtuke", "None", "KongTuke", "2025-05-13 10:07:22", "100", "https://infosec.exchange/@monitorsg/114496910693663142", "KongTuke", "0", "monitorsg" "2025-05-13 06:19:38", "1520297", "https://totalsolucao.com/wp-content/rsks.zip", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114496221307382834", "SmartApeSG", "0", "monitorsg" "2025-05-13 06:19:38", "1520298", "94.158.245.115:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114496221307382834", "SmartApeSG", "0", "monitorsg" "2025-05-13 06:19:37", "1520296", "https://linhua97.top/jsen/ddd.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114496221307382834", "SmartApeSG", "0", "monitorsg" "2025-05-13 06:19:36", "1520294", "linhua97.top", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-12 18:14:58", "100", "https://infosec.exchange/@monitorsg/114496221307382834", "SmartApeSG", "0", "monitorsg" "2025-05-13 06:19:36", "1520295", "https://linhua97.top/jsen/select.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114496221307382834", "SmartApeSG", "0", "monitorsg" "2025-05-13 06:19:35", "1520293", "https://linhua97.top/jsen/core-compiled.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114496221307382834", "SmartApeSG", "0", "monitorsg" "2025-05-13 06:19:33", "1520263", "38.165.21.186:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:18", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:33", "1520264", "103.205.6.134:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:54:28", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz" "2025-05-13 06:19:32", "1520290", "45.135.194.43:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-12 22:00:10", "75", "None", "Mirai", "0", "elfdigest" "2025-05-13 06:19:31", "1520291", "cv.jyla.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-12 18:47:37", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-05-13 06:17:42", "1520640", "47.120.57.192:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-14 06:04:07", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch" "2025-05-13 06:17:42", "1520641", "43.143.216.185:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-15 02:56:33", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-13 06:17:41", "1520638", "106.75.251.248:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-13 06:17:41", "1520639", "106.75.251.248:2095", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-13 06:17:22", "1520637", "196.251.71.99:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-14 06:04:31", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-05-13 06:10:10", "1520630", "213.209.150.210:7773", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-05-13 05:13:42", "1520629", "hgjbp.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-13 04:38:05", "1520626", "animatcxju.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "", "c2,lumma", "0", "juroots" "2025-05-13 04:38:05", "1520627", "enumermbzz.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "", "c2,lumma", "0", "juroots" "2025-05-13 04:38:05", "1520628", "albizzcdlv.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "", "c2,lumma", "0", "juroots" "2025-05-13 04:37:41", "1520625", "radiocity.serveminecraft.net", "domain", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "50", "", "c2,nanocore", "0", "juroots" "2025-05-13 04:36:17", "1520624", "213.252.246.65:2666", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-05-13 04:35:41", "1520623", "http://49.113.73.193:8888/supershell/login", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0196c7ed-534e-7788-882b-6a2f4a8f061a", "c2,supershell,urlscan", "0", "juroots" "2025-05-13 04:35:39", "1520622", "http://112.126.77.39:8888/supershell/login", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-13 04:35:40", "50", "https://urlscan.io/result/0196c7ed-4ae1-709c-956c-264d620a48e0", "c2,supershell,urlscan", "0", "juroots" "2025-05-13 04:35:03", "1520621", "27.206.220.180:55080", "ip:port", "botnet_cc", "elf.mozi", "None", "Mozi", "", "50", "https://www.shodan.io/host/27.206.220.180#55080", "c2,mozi,shodan", "0", "juroots" "2025-05-13 04:34:47", "1520620", "18.175.136.240:1604", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/18.175.136.240#1604", "blackshades,c2,shodan", "0", "juroots" "2025-05-13 04:34:29", "1520619", "67.213.108.79:4443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/67.213.108.79#4443", "c2,shodan,villain", "0", "juroots" "2025-05-13 04:34:16", "1520618", "204.48.27.82:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-15 02:49:25", "50", "https://www.shodan.io/host/204.48.27.82#7443", "c2,mythic,shodan", "0", "juroots" "2025-05-13 04:33:56", "1520617", "43.246.208.241:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-15 02:50:55", "50", "https://www.shodan.io/host/43.246.208.241#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-13 04:33:11", "1520616", "46.142.145.12:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "50", "https://www.shodan.io/host/46.142.145.12#80", "c2,shodan,sliver", "0", "juroots" "2025-05-13 04:33:08", "1520615", "183.63.173.29:8011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/183.63.173.29#8011", "c2,cobaltstrike,shodan", "0", "juroots" "2025-05-13 04:22:34", "1520614", "rwdfn.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-13 04:15:24", "1520612", "https://zovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/72aea55baac4394d3b360137ced93aaaf8617f13f127c9a5066bb109a92fb62b/", "lumma", "0", "abuse_ch" "2025-05-13 04:15:16", "1520611", "https://flamingof.run/ogapds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/72aea55baac4394d3b360137ced93aaaf8617f13f127c9a5066bb109a92fb62b/", "lumma", "0", "abuse_ch" "2025-05-13 04:01:44", "1520610", "54.218.2.134:1553", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-15 02:52:00", "100", "https://search.censys.io/hosts/54.218.2.134", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-13 03:46:47", "1520576", "rhbqx.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-05-13 03:15:10", "1520572", "23.249.29.117:8888", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" # Number of entries: 1829