################################################################
# ThreatFox IOCs: recent additions - CSV format                #
# Last updated: 2024-07-26 22:22:56 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2024-07-26 22:22:56", "1304115", "01fbcc6559c010e59be1dc7b66c12e4f", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:55", "1304114", "ee7dd9158f6175700aa6d58f346036f949889f8deebf8dbee83c40874bbc1f26", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:53", "1304113", "657f058d4032447658f71265803f7a6d52a64532", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:52", "1304112", "78343efcb6f731cd7668e648ed73e40f", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:51", "1304111", "f0cca8a13c6f8d768fb49efc17a0181cde1c28f9afb0be916b441bcdf75194ae", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:49", "1304110", "7d7d8ff1aa08a1e4bfc766ec8a59576de2e49e99", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:48", "1304108", "a3ac7a955dc3f036f392bdcb98b2929420a60f40799e3b21c6d435bd2775873b", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:48", "1304109", "7e7dd12e929d3d547cc88c21baecddc5", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:45", "1304107", "e93c3b3fdf2125d59978edd75a85fe3d5397fa0d", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:43", "1304105", "1c18346eccf2800753f37747b7d4c20d4e778849906186f1bf586244589bfda5", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:43", "1304106", "268974e398224e4c5f7d30f8221a5f93", "md5_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:40", "1304103", "1aa1f12d26d3a34265d0b99705bdf283", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:40", "1304104", "5d11a31a4012266bd5bda4f6debb80ca34a13a54", "sha1_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:39", "1304102", "5810226922c8297d0023e41d2b19d743b73ab20ce087d55ee5897919d6487f58", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:36", "1304100", "7e4969ede634780ccab819a3de7c87bc", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:36", "1304101", "4fc9647059fbb2ceef6e248093e25a23ccbb4dc3", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:35", "1304099", "2c37f2a3fdc18b7da0ba9de124a54570abbbe106cfbb44ac6465c30478cfe141", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:32", "1304097", "fddcf49860999a5147f34179c07c4bc6", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:32", "1304098", "de23d6c67e455aa8f1dbec2fbad688b3e474bb41", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:31", "1304096", "0ec6f1e4ea70e94d4b6245ecb1ca8953515e41ad631af0fbdad75c2ab14c36e8", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:29", "1304095", "9272c4c84a44387ff0546c33f8816de12e993d3d", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:28", "1304094", "1f5c95d40c06c01300f0a6592945a72d", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:27", "1304093", "434ec59b680788bae7f2935200a77e681cecbb517d853c6e6cf31f4cf112e5cc", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:25", "1304092", "79a217ed19833efcf640ffd8bb04803e9f30d6f4", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:24", "1304091", "33a84ea233fe9fe1b4c85e533a228bbd", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:23", "1304090", "a777bbce91625e3261edebb334be8610372daaf0790763fc2fd085db35b8463d", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:20", "1304088", "3f69729a8f2b22e625bb984f28758ebc", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:20", "1304089", "413d73dd32bcce870cf5edd4b777051762882034", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:19", "1304087", "d1b50fc6ce79320a88defef33baf6a51e30845bd13ab2b52f7925ba0b8f527cd", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:16", "1304086", "ab8aab5952dfcf0d705daff76448920c67b6241d", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:15", "1304085", "fcc55ef512ccf37a07ec703b59cc7aad", "md5_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:14", "1304084", "38b26e2364bc081a90145838451341f14bda3cbd15bba54bf0114cab5d2f8667", "sha256_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:11", "1304082", "5aa3b4d694bc828650c63ade641f4581", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:11", "1304083", "9abef70ff67a2a7032ac1da4cd65424e7b2130b7", "sha1_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:10", "1304081", "d3983e52c48a6f9844b5ca10248ee51b8a1f2bd6637243ff0384a92288572f61", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:07", "1304080", "3f3e91f7b65be4e4b24fd29ea837206c00d55fc3", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:06", "1304078", "aabe8925ffd443357b00bb1eaad58d028090b95ab492fb942c39c12d9bb78abd", "sha256_hash", "payload", "win.babadeda", "None", "Babadeda", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:06", "1304079", "9fde5445045e43d9507d20a2bba50696", "md5_hash", "payload", "win.babadeda", "None", "Babadeda", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:03", "1304077", "b996c962d8cf7e073f4bf5bc738e21e3273db649", "sha1_hash", "payload", "win.babadeda", "None", "Babadeda", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:02", "1304076", "47cabe63424ef65665ce7f0137f6fcf3", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:22:01", "1304075", "0b37afa009e708ad8afad3ba00f5d7cd04e4befc807981922f6170cf4705080a", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:58", "1304074", "cf85c975972f3e0959ab37575c171a0d194377d4", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:57", "1304073", "483e96684fcd22e9ae54520fbabce4ce", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:56", "1304072", "86c845b26ff1a36147c647ba50a1cf1ef62c829bcd432bb6ffb6d167532da7c6", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:53", "1304071", "d8da92f363bdad025496a55b4e195e239dee24fc", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:52", "1304069", "8249867be0345b8a6f352b87af61431511adef44df909d6089e83de45b842c0e", "sha256_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:52", "1304070", "3836f3c404b6ebe3a5b063edff267524", "md5_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:49", "1304068", "f296c4b7a4a7087acb7ea0aa064e4f63e84592d0", "sha1_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:48", "1304067", "2ad0a14a883597c8707276c3002d85da", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:47", "1304066", "c7dc84187ebfc4521a3fe173e5b59850c753251a1a935b294c0a6fb63d6c9315", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:44", "1304064", "3a161a0ba343473cab6b53964a09b6c8", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:44", "1304065", "5840f94ca6dc35f3e48f7e0586e3a9724fb566d0", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:42", "1304063", "eddaf1005b1eaf4fd6dad9a067063b55ec1f04c7d5d47dcc6723601f6ac807bd", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:39", "1304062", "a575c4974f41f1446fd39da23b664e7515329b3a", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:38", "1304061", "68b43f31a73b4ceccb149056b6a7aafa", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:37", "1304060", "b07cd71f9882bdd5e28f47863b84634b985bebb1dab1e5cc84e246b94fe8c864", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:34", "1304058", "7bccbac8a232ff442b0840adcc1eb718", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:34", "1304059", "067ddfcf7a22a17e438a1c26cfa37c1427bdc0d1", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:33", "1304057", "2c4b0e1df5a390f1dd275ba8bcf16ed61c411c5d8a076094f7614384ca28d865", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:30", "1304056", "e2800e1cfb0beaddadcf275d0f07c8aab27259c5", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:29", "1304055", "3ad8cb387874a15488508bf269fd2520", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:28", "1304054", "1b97d7dd602a1a105948d1607a6c8bc2014eb752078e35f839b4a5c5095a4e90", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:24", "1304052", "2b985c758a227407855e1d8e14f8863d", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:24", "1304053", "e083d92b7f1668b105c18ce5772caccc8705b903", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:23", "1304051", "1b7645def29702c924a9cff0a5234b8a697f6d89be75593a725cf8f7da8c7288", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:19", "1304049", "1b03a5c84f80e3cecd83ab99118e1576", "md5_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:19", "1304050", "993301bbe17c097debb66c6dec278d4f74063b41", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:18", "1304048", "1c85338d737773209fe6485ef61102b3012f0b81d1cab1d7ccb29681fce8428d", "sha256_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:15", "1304047", "1d1c3f7746734ddd7e9b53f82f38316d38f8005a", "sha1_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:14", "1304046", "5223a85ff161e8818f0e514048051e7d", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:13", "1304045", "7632e569071acc40bce87af592e4cc2476d9c088906a1e6651614860b4754bf8", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:10", "1304044", "9574d384a9f3b449f64cf14a022df3c8c383e279", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:09", "1304042", "e029649c27b530cde29120d4efbef76d537ead6617fa0c05f11211e5bd234562", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:09", "1304043", "ccba0064d8fb013b5ba0d8738afa7d77", "md5_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:06", "1304041", "4646e6739bd8d39e822f12e55b3c288623898fd4", "sha1_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:05", "1304040", "d5783572b939c378553f42ed9c4ea6c4", "md5_hash", "payload", "win.remoteadmin", "None", "RemoteAdmin", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:04", "1304039", "3cdf495cf7d1eba5d1bb55ecb72ed5c18d2ff1bef0ced9569ed54f5bfa89b497", "sha256_hash", "payload", "win.remoteadmin", "None", "RemoteAdmin", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:01", "1304038", "9f543ab7ba9c7024d94a5aaa2f07556dc2270be7", "sha1_hash", "payload", "win.remoteadmin", "None", "RemoteAdmin", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:00", "1304036", "151247e9379a755e3bb260cca5c59977e4075d5404db4198f3cec82818412479", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:21:00", "1304037", "1b0fe9739ef19752cb12647b6a4ba97b", "md5_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:57", "1304035", "0672bbdf92feea7db8decb5934d921f8c47c3033", "sha1_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:56", "1304033", "a0d7bc2ccf07af7960c580fd43928b5fb02b901f9962eafb10f607e395759306", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:56", "1304034", "4e0235942a9cde99ee2ee0ee1a736e4f", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:53", "1304032", "d084d94df2502e68ee0443b335dd621cd45e2790", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:52", "1304030", "6322686d71a40e20eca9b41af872049e06aab4439a2d06e607e9620decfec41d", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:52", "1304031", "8e3c2682f9743107cb2b3a3d15b072f5", "md5_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:49", "1304029", "660a9b6ad3f5cd1bd37e04015b25a893de4c5f90", "sha1_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:48", "1304027", "176f9e2c3645a8742f839b19a56b2db258c9516d77423a33126266d11ac235ea", "sha256_hash", "payload", "win.babadeda", "None", "Babadeda", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:48", "1304028", "5c88da04ec807c26f6db500eeb8d983b", "md5_hash", "payload", "win.babadeda", "None", "Babadeda", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:45", "1304026", "de7ce2ae49182e1c72cafca64826569568f3c667", "sha1_hash", "payload", "win.babadeda", "None", "Babadeda", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:44", "1304025", "317b3672b23e381f9a37d7d6ec884bb0", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:43", "1304024", "34646a46c7823387ef84784c27a8ddbecd27172c2c0d7774142b6c3bb294105e", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:40", "1304022", "2d3ecaf3008e1d47782f668f713b35b1", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:40", "1304023", "b4292272efafaa59a33c221302106fa0975834a1", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:38", "1304021", "c2c3f4d25be2c10f834a4804172d58ee35adc35accd66227d7d89d9ae978e04d", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:36", "1304020", "35ea8d6a9836384c69829e1a87ddb08c1f647fc7", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:35", "1304019", "3472874efe2c665ab11817ce53216d21", "md5_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:34", "1304018", "a35e785bcf822d20a6bfb76d4dd3f78ecebaf8147f03ee2ffd8d492ac8cc657f", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:32", "1304017", "6a75e87df5e211ab55e4daa4f5db59552b480c6a", "sha1_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:31", "1304016", "9795b9f24e9a98ae78f7cad809ed1e2a", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:30", "1304015", "a36a4fce0902ebb99f0a8441b024a03c2f1cd66063c59391257f0f96ea9ee5fb", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:27", "1304014", "d92325ce71ae6bd9af9b74b1cc67f81dbb033020", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:26", "1304013", "5d9806d592202444f84ae3e14398975c", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:24", "1304012", "ebcdf0ea7146fac2e4d68409c125892102c8b65c97321d7a57e1386ce69d5e09", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:20", "1304011", "17347e5f8cde10bff0e30c7946e6d8c6958dbfd7", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:19", "1304010", "db2338f35c9617d85df49c33df856dbb", "md5_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:17", "1304009", "4a54ae992cdbec6cfe309567fb1bf1d6d2f73b5b73ff259f184f6e9230a352bf", "sha256_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:09", "1304008", "08688195da256adaf01990a509e0ee7d4d730a4c", "sha1_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:08", "1304006", "0df79273aea792b72c2218a616b36324e31aaf7da59271969a23a0c392f58451", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:08", "1304007", "569720e2c07b1d34bac1366bf2b1c97a", "md5_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:01", "1304005", "d0c7109e04b413f735bf034ce2cb2f8ee9daa837", "sha1_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:20:00", "1304004", "45fd30020c12378c242dc90687edc24c", "md5_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:59", "1304003", "f4a7d43dc4cdf21cc7a58af7c66386cea1616658f15b996691fbb85a7cb06b9d", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:57", "1304002", "934cd43ff8bd35e77d7df2cbc3aa5d96b672e4bf", "sha1_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:56", "1304001", "2de90be7036903b103dcaa9b3cf3e2e8", "md5_hash", "payload", "win.babadeda", "None", "Babadeda", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:55", "1304000", "64ac805d6b90dd9585e787a6f3169757b5a610940b5a74fc0453094af727d251", "sha256_hash", "payload", "win.babadeda", "None", "Babadeda", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:53", "1303999", "f5bbc22473ae0c4f7536bfd531465b518b58a5d6", "sha1_hash", "payload", "win.babadeda", "None", "Babadeda", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:52", "1303998", "2af5eb9fb318c9a454de54914e121031", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:51", "1303997", "589eb31a43d44fe275c70bfc3f592965b9236b59645a7ed633bbec66526d64ab", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:49", "1303996", "fcbaea817b8eb0d63ba7b31804be2353d564ba93", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:48", "1303995", "8ef54b7689af3a0fe5028bc42964bb26", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:46", "1303994", "78305c8b5e8ead6989a0af09fc6ed8f2ff1b246c0487dfa78fb5b155b554cae9", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:44", "1303993", "debcb0ea69e4330873f281b0d9b34d15fc513abc", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:43", "1303992", "2a846c38fb95e0103773296f7e7794eb", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:42", "1303991", "5f88cedcc10d3ed6d330e1223602452cb5fe1210e8d245a4c0a7ff1991a23373", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:40", "1303990", "57957dc05264a8580d1494d0152018be250d22a3", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:39", "1303988", "28f2e596810e44e99478b335a6f55c0f1f76654cee36416a28d79895ebcd101f", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:39", "1303989", "2f277449cb31514f740e5c3ade2ca366", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:36", "1303987", "3e7a66ac93ec5c1cb59c8b86714df87b2a67d3b2", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:35", "1303985", "ee170a14d676b69cab768f8a94e482ee9ad6dc1766038d6e26c24fe2cfbd7677", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:35", "1303986", "c6620fe2690605f20f5b9c970e8130c6", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:32", "1303983", "f6dca815eb37c8aa9ba54c603624227b", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:32", "1303984", "f5a500bab75cec90f2a004566cc61ef6484be12c", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:31", "1303982", "e294f1b0ec3cff802aaa8be3fc47aa0c1a56cbdc644467503e5b30122954964d", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:28", "1303980", "1c198a27c76f075b7901945f67ed0115", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:28", "1303981", "4a2215c9b3d8125d176014d528be0563aef1979e", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:27", "1303979", "724f6f07b8d94b11184884da8fcf987cf43ce7020adf24240e213b65d2f93b4f", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:24", "1303977", "37bdc150af529c0f560f1269dee8fa17", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:24", "1303978", "335479dd8185471a31c464ec4bf5a3b4c3430c67", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:23", "1303976", "be5bb7f05c4f8de4d393134b63af2e6bf8a05e3ad3fb31c0e34c7835baa828af", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:20", "1303974", "284bba6223d9215b7b1f9b99480ad2cd", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:20", "1303975", "d5c9e4dd36a99407c0824478c00d0f97fb26ab2f", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:19", "1303973", "f3ba41ba0b508b0965153c1688d6df6de6b3fdf59b01582d140d17d8131f658d", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:16", "1303971", "42661ea68d2293c67cb878d88257f7f2", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:16", "1303972", "5fd4f669024dce37ae01d3976d247d599c5e7f8e", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:15", "1303970", "8157fd69bd3a3259d7911729323d4fe91eb4745fdccf2b605787b956ffe8d1c2", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:12", "1303968", "0a158c236b490056d28c4ee4acb5db1b", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:12", "1303969", "a63f14b94257e93f483fba2dc9c9338a4d487d99", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:11", "1303967", "a14397c285bde028ede08eb648a2626ef3b8393a722828f1c280ef86577c014f", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:09", "1303966", "36d11ce8cd3f715e91b883ea3d3fbd8c946b4af4", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:08", "1303965", "ccdc7eb74161dec113cfc651731e3ed2", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:07", "1303964", "a133d4b98713e10ff269ced474727528256011109c3440bcfb5112a46b836c26", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:05", "1303963", "c299757e2eb69276ba604e114bda9800c22753fb", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:04", "1303962", "44d203e05b0d9ef3262d3f62eca36ce7", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:03", "1303961", "f16fa90e5255b1675b0cd1665c3b8fb80fe785a8d3db5fcad202394d9b5ab15f", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:01", "1303960", "5f01f10a83d82d0618e29566ed361e32d4925476", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:19:00", "1303959", "d332bcaa3c61494b774f49bf3e716c21", "md5_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:18:58", "1303958", "d61208c85ce83c279dd87495f0dfc1cf5c345d2bf3a6e739279dcf188e19b21d", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:18:55", "1303956", "57b81f3bfbd7e82065190ea6a2f59849", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:18:55", "1303957", "8cdfa60c6b3f25c7d48753e50c298b746c3386de", "sha1_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:18:53", "1303955", "7adc48b32358c405fdb502f2b868288b3757940b2b54e0b6787b1a7a242b3579", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:18:50", "1303953", "671423091cbffb473016291d68a5b49b", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:18:50", "1303954", "2af119b418045b812b3b05f3d5385b11bfa89e91", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:18:49", "1303952", "31fdf75cd3cf71f770eb158141183b08ed0845b27ecd2e90ce20eb3c4e4642c0", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 22:18:46", "1303951", "07f1a0c895fa372f6043fbf013b78321a6939193", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-26 21:35:10", "1303950", "http://660256cm.nyashka.top/javascriptsecurelowWindows.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-26 20:41:43", "1303946", "185.158.248.143:80", "ip:port", "botnet_cc", "win.warmcookie", "Badspace,QUICKBIND", "WarmCookie", "", "50", "None", "warmcookie", "0", "Rony"
"2024-07-26 20:41:43", "1303947", "176.31.45.36:80", "ip:port", "botnet_cc", "win.warmcookie", "Badspace,QUICKBIND", "WarmCookie", "", "50", "None", "warmcookie", "0", "Rony"
"2024-07-26 20:41:42", "1303945", "45.155.249.102:80", "ip:port", "botnet_cc", "win.warmcookie", "Badspace,QUICKBIND", "WarmCookie", "", "50", "None", "warmcookie", "0", "Rony"
"2024-07-26 20:37:17", "1303944", "45.143.166.66:443", "ip:port", "botnet_cc", "win.lactrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "75", "None", "None", "0", "Rony"
"2024-07-26 19:50:33", "1303943", "157.90.30.125:3306", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-26 18:55:50", "1303942", "overstockads.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://x.com/Unit42_Intel/status/1684583246032506880", "mythic", "0", "Rony"
"2024-07-26 18:40:13", "1303941", "https://weaknessmznxo.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17aad4db38649728ef0e666755351794d4de41d82a36608226d8656ea54233cb/", "lumma", "0", "abuse_ch"
"2024-07-26 18:40:12", "1303940", "https://stimultaionsppzv.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17aad4db38649728ef0e666755351794d4de41d82a36608226d8656ea54233cb/", "lumma", "0", "abuse_ch"
"2024-07-26 18:40:11", "1303939", "https://shellfyyousdjz.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17aad4db38649728ef0e666755351794d4de41d82a36608226d8656ea54233cb/", "lumma", "0", "abuse_ch"
"2024-07-26 18:40:10", "1303938", "https://parntorpkxzlp.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17aad4db38649728ef0e666755351794d4de41d82a36608226d8656ea54233cb/", "lumma", "0", "abuse_ch"
"2024-07-26 18:40:09", "1303936", "https://horizonvxjis.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17aad4db38649728ef0e666755351794d4de41d82a36608226d8656ea54233cb/", "lumma", "0", "abuse_ch"
"2024-07-26 18:40:09", "1303937", "https://kaminiasbbefow.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/f9544eee0a9c3a07cd8b5a912cdbc5c75252cd951709e409b53027310b3a969e/", "lumma", "0", "abuse_ch"
"2024-07-26 18:40:08", "1303935", "https://grassytaisol.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17aad4db38649728ef0e666755351794d4de41d82a36608226d8656ea54233cb/", "lumma", "0", "abuse_ch"
"2024-07-26 18:40:07", "1303934", "https://effectivedoxzj.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17aad4db38649728ef0e666755351794d4de41d82a36608226d8656ea54233cb/", "lumma", "0", "abuse_ch"
"2024-07-26 18:40:06", "1303933", "https://broccoltisop.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17aad4db38649728ef0e666755351794d4de41d82a36608226d8656ea54233cb/", "lumma", "0", "abuse_ch"
"2024-07-26 18:40:05", "1303932", "https://bravedreacisopm.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17aad4db38649728ef0e666755351794d4de41d82a36608226d8656ea54233cb/", "lumma", "0", "abuse_ch"
"2024-07-26 17:35:08", "1303931", "23.94.183.150:5058", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-07-26 18:16:28", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-26 17:25:07", "1303930", "196.206.78.106:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-26 18:08:44", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-07-26 16:00:12", "1303927", "185.215.113.9:9137", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-07-26 16:15:25", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-26 14:40:09", "1303926", "45.140.147.183:12245", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-26 14:38:00", "1303922", "https://canroura.com/cdn-vs/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112852996552741075", "SmartApeSG", "0", "monitorsg"
"2024-07-26 14:38:00", "1303923", "canroura.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112852996552741075", "SmartApeSG", "0", "monitorsg"
"2024-07-26 14:37:59", "1303924", "https://canroura.com/cdn-vs/main.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112852996552741075", "SmartApeSG", "0", "monitorsg"
"2024-07-26 14:37:58", "1303925", "http://canroura.com/cdn-vs/22per.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112852996552741075", "SmartApeSG", "0", "monitorsg"
"2024-07-26 12:40:05", "1303921", "http://27.217.175.226:42733/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2024-07-26 12:30:09", "1303920", "http://fqq121.beget.tech/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-26 12:25:07", "1303919", "http://a1008296.xsph.ru/2259cd8f.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-26 12:10:16", "1303914", "https://megasena777.top/cdn-vs/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112852516884354593", "SmartApeSG", "0", "monitorsg"
"2024-07-26 12:10:15", "1303915", "megasena777.top", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112852516884354593", "SmartApeSG", "0", "monitorsg"
"2024-07-26 12:10:15", "1303916", "https://megasena777.top/cdn-vs/main.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112852516884354593", "SmartApeSG", "0", "monitorsg"
"2024-07-26 12:10:15", "1303917", "http://megasena777.top/cdn-vs/22per.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112852516884354593", "SmartApeSG", "0", "monitorsg"
"2024-07-26 11:30:06", "1303918", "http://47.243.165.127:8888/pixel.gif", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/2c37f2a3fdc18b7da0ba9de124a54570abbbe106cfbb44ac6465c30478cfe141/", "cobaltstrike", "0", "abuse_ch"
"2024-07-26 11:02:56", "1303913", "http://109.120.176.203/api/firecom.php", "url", "botnet_cc", "win.privateloader", "None", "PrivateLoader", "", "100", "None", "None", "0", "Bitsight"
"2024-07-26 09:26:33", "1303912", "147.185.221.20:55257", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-26 07:35:57", "1303908", "talk-saturn.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-26 07:35:55", "1303907", "147.185.221.21:35975", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-26 07:15:08", "1303911", "94.156.69.39:7744", "ip:port", "botnet_cc", "jar.strrat", "None", "STRRAT", "", "100", "None", "STRRAT", "0", "abuse_ch"
"2024-07-26 07:10:06", "1303910", "84.38.129.21:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-07-26 08:20:12", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-26 07:05:08", "1303909", "50.18.145.13:14445", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/be6c2a1f8bba3d691f2622d80836db706fbb747e38640cc326b797fc00e916c7/", "asyncrat", "0", "abuse_ch"
"2024-07-26 06:40:05", "1303906", "http://118.240.211.157:59638/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2024-07-26 06:36:03", "1303905", "185.215.113.16:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "2024-07-27 01:00:08", "50", "https://tracker.viriback.com/index.php?q=185.215.113.16", "Amadey,ViriBack", "0", "abuse_ch"
"2024-07-26 06:36:02", "1303904", "185.215.113.19:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "2024-07-27 01:00:06", "50", "https://tracker.viriback.com/index.php?q=185.215.113.19", "Amadey,ViriBack", "0", "abuse_ch"
"2024-07-26 05:47:52", "1303859", "subtitlez0.duckdns.org", "domain", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "https://bazaar.abuse.ch/sample/d11d43f66a89e5c08ab3ddaec58ef74a73952c1dffa538b9349f387f8ef611fe/", "SpyNote", "0", "NDA0E"
"2024-07-26 05:47:51", "1303857", "subtitle42.duckdns.org", "domain", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "https://bazaar.abuse.ch/sample/8c073deb8f9ac1a8f5eee6e9e632d272dccd292f42b515fd4453f192dedbc6f8/", "SpyNote", "0", "NDA0E"
"2024-07-26 05:47:50", "1303860", "168.76.20.194:7771", "ip:port", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "https://bazaar.abuse.ch/sample/d11d43f66a89e5c08ab3ddaec58ef74a73952c1dffa538b9349f387f8ef611fe/", "SpyNote", "0", "NDA0E"
"2024-07-26 05:47:49", "1303861", "18.229.146.63:26109", "ip:port", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "https://bazaar.abuse.ch/sample/f4286863673358b6f7eb370d0a991475fd769bbe8b1bd789d8c07a574b57963d/", "SpyNote", "0", "NDA0E"
"2024-07-26 05:47:48", "1303862", "167.71.14.135:1118", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-26 05:47:48", "1303863", "147.185.221.21:35433", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-26 05:47:48", "1303864", "thomas-partly.gl.at.ply.gg", "domain", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-26 05:47:47", "1303865", "http://185.215.113.16/Jo89Ku7d/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "2024-07-26 05:44:11", "100", "None", "None", "0", "Bitsight"
"2024-07-26 05:47:47", "1303867", "http://185.215.113.19/Vi9leo/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "2024-07-26 04:13:51", "100", "None", "None", "0", "Bitsight"
"2024-07-26 05:47:46", "1303868", "147.185.221.21:35584", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-26 05:47:46", "1303869", "id-diesel.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-26 05:47:46", "1303873", "http://109.120.176.203/api/firepro.php", "url", "botnet_cc", "win.privateloader", "None", "PrivateLoader", "2024-07-26 23:51:40", "100", "None", "None", "0", "Bitsight"
"2024-07-26 05:47:45", "1303870", "185.195.26.95:8080", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "", "None", "0", "lontze7"
"2024-07-26 05:47:44", "1303858", "168.76.20.202:7771", "ip:port", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "https://bazaar.abuse.ch/sample/8c073deb8f9ac1a8f5eee6e9e632d272dccd292f42b515fd4453f192dedbc6f8/", "SpyNote", "0", "NDA0E"
"2024-07-26 05:47:43", "1303633", "http://109.120.176.203/api/flash.php", "url", "botnet_cc", "win.privateloader", "None", "PrivateLoader", "2024-07-27 00:07:20", "100", "None", "None", "0", "Bitsight"
"2024-07-26 05:47:43", "1303855", "51.195.145.80:14640", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-26 05:38:13", "1303903", "64.176.172.133:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:38:12", "1303902", "154.12.84.184:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-07-26 05:38:09", "1303901", "47.92.68.143:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:38:07", "1303900", "119.91.61.117:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-07-26 05:38:05", "1303899", "101.132.106.244:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:38:00", "1303898", "106.15.229.159:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:37:52", "1303897", "154.12.20.68:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:37:49", "1303895", "47.245.94.124:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:37:49", "1303896", "47.96.239.18:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-26 05:37:48", "1303894", "47.121.129.112:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-07-26 05:37:44", "1303893", "141.98.197.31:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-26 05:37:42", "1303892", "107.173.53.203:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:37:38", "1303891", "118.89.116.174:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-07-26 05:37:37", "1303890", "101.200.58.204:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-26 05:37:35", "1303889", "47.96.183.161:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-07-26 05:37:31", "1303888", "47.121.127.117:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-07-26 05:37:29", "1303887", "116.62.60.64:82", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-26 05:37:27", "1303886", "204.152.203.78:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:37:21", "1303884", "120.79.76.84:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-26 05:37:21", "1303885", "47.121.119.130:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:37:15", "1303883", "47.113.202.225:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:37:12", "1303882", "154.12.20.77:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:37:06", "1303881", "139.196.74.248:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:36:59", "1303880", "47.95.10.131:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-26 05:36:58", "1303878", "39.105.24.180:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:36:58", "1303879", "39.105.194.239:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:36:55", "1303877", "175.27.168.214:8086", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:36:53", "1303876", "107.173.53.203:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 05:36:39", "1303875", "47.91.14.8:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-07-26 05:36:38", "1303874", "94.191.4.49:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-26 04:45:19", "1303872", "45.132.107.72:8090", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/def85febed594d32e94220514cda316ee17116032f1531a84fbe1c74311f2a0e/", "asyncrat", "0", "abuse_ch"
"2024-07-26 04:45:16", "1303871", "45.132.107.72:4449", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/def85febed594d32e94220514cda316ee17116032f1531a84fbe1c74311f2a0e/", "asyncrat", "0", "abuse_ch"
"2024-07-25 22:00:15", "1303866", "38.180.203.208:14238", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-07-25 22:15:33", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-25 18:40:05", "1303856", "http://221.15.198.201:33519/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2024-07-25 17:15:38", "1303853", "3588af722c9a76025bedf0cf8ea0da977652c57173cd9e360f1905c48a35f312", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:38", "1303854", "2e6d807e953cc0961f1bae27e34bc50d", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:36", "1303852", "6d31a3685f9d5aba311fcdd6d4d99e1f14a2075f", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:35", "1303850", "bcff63d88583f368ee5a06509f986645e8dff12951c8ff1afddefbfb2801d6a2", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:35", "1303851", "2bed31c30b095ba35b3adcf1e0c5d0c4", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:33", "1303849", "716108cc5a914f3d568c0e667db6804edd4fb9f3", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:32", "1303847", "c2064039cfb52da2b720da90b99a16a1cba06827b57ef1904a3e0919917f2560", "sha256_hash", "payload", "win.colony", "Bandios,GrayBird", "Colony", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:32", "1303848", "9cd1734aa5f825cded3c083c09c906c8", "md5_hash", "payload", "win.colony", "Bandios,GrayBird", "Colony", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:30", "1303846", "ce0436ff184cb6e7fb177c8e97eff310a902f912", "sha1_hash", "payload", "win.colony", "Bandios,GrayBird", "Colony", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:29", "1303845", "2d74baa1f8cf5e4c65d2c49f0149798e", "md5_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:28", "1303844", "07deca4ee05fb2463cacbf60235160c22bcbf922084f8ffc8cd935bb86e6319f", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:26", "1303842", "76a4d0d810f2007100c2619d184ef7de", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:26", "1303843", "54c221461e3e6d10e3f0a5506bb2e0d858c12d8f", "sha1_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:25", "1303841", "d987e88da6ca8f62cea95a075325a66e645ea856364eea63ddbcbd5e5a72b7c8", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:23", "1303840", "a9465d52bd8bf71fd3d4d77b9c9c8382614e2ec2", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:22", "1303839", "c4b108f45b87751371fb6e78597772ae", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:21", "1303838", "ced3557310b98b8a1ede8c1c24c4997a2eb2e05e561dd0b6ca36627f0d987d14", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:19", "1303837", "e60ae2b84d36714099a929b5af304e9a40857ba6", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:18", "1303835", "d39efed4d9a1eaf3aaba7e150e98ff322197d1a7b047cd3b31444dd533c7c42f", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:18", "1303836", "328d93253000b4055bb99918488c158c", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:14", "1303834", "28d57541b0801e02d5ab993f2c070262faf898c8", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:13", "1303832", "1ebdbd7b94a764479be0363d620c6c6b2b41b5b55888c9546b22d050835b22ea", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:13", "1303833", "90a42d83c1b6d034e07d4df4f95e9dd0", "md5_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:07", "1303830", "c9ca67936e230c7dc2f41f19c7febb6d", "md5_hash", "payload", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:07", "1303831", "d4e24a72ffb034b98863b1914b314f6027523008", "sha1_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:06", "1303829", "c23c9580f06fdc862df3d80fb8dc398b666e01a523f06ffa8935a95dce4ff8f4", "sha256_hash", "payload", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:02", "1303828", "17bbb5024f39d2409fc908481ace2d2ece9670f9", "sha1_hash", "payload", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:01", "1303827", "696e11c482cb4ba1b0f4147224df3f73", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:15:00", "1303826", "bd13356837704bcfc4fba5204c6abcc0d8af980e49f03a4cca11b9d48c29928a", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:58", "1303824", "c2ca2d2c8f233e0c3ca45f0ccbc21f20", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:58", "1303825", "85445dcf3ce168836f1cb86cb428151ed2e5406c", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:57", "1303823", "b0b58007a4ec7918e21cf2f39070c94eedbc0120e730629defe2de3c5856b59c", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:55", "1303821", "fc3d55ce92a2f91e328396221afcaf2e", "md5_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:55", "1303822", "4b0cdf5a6a20028fa9cbf906b7b8e41e7104bd56", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:54", "1303820", "99803c845d71b28a20e9dc852379a1897a1523d40db9838c50bce0284f8640c3", "sha256_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:52", "1303818", "4e1a225a575ac9028e5ec9a0a612c0b6", "md5_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:52", "1303819", "27549146b0f535d78bf6f931183cadbd09d30734", "sha1_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:51", "1303817", "3d1d469d7b6706a500cf3089f5f5a0f7114a89562abe8f169ac28bf05b8993c2", "sha256_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:49", "1303815", "5930336be10c3d30e95a485dc2b14dcb", "md5_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:49", "1303816", "c42eabfc2fe81710444101491b894a67cec8cb1f", "sha1_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:48", "1303814", "b798eac9cee33dad789ae92c7d41d322258755e9727522e110ba05cb3732586f", "sha256_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:46", "1303813", "043079d600cc18f9974ac07789453b294c094c03", "sha1_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:45", "1303811", "f68d5e33f7db0a81054e39848b5c3a5dbe3c38ca3b97582b0c5e8c54ccde5983", "sha256_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:45", "1303812", "bf92e92a6e16b6357e05bcc7d6bab52a", "md5_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:42", "1303809", "b4323bbac7380601b5a1ccb9eff49d33", "md5_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:42", "1303810", "86d677547d4e2eb33262abeae50bd829c814409f", "sha1_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:41", "1303808", "710b0caae2103bbd849eea68d04bcfe4524042a03029ef6e19e67f2f96ab4c87", "sha256_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:39", "1303807", "57e0bdd0c09741a7e08f9cf83cb8054f06172f96", "sha1_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:38", "1303805", "22087deb8a6e7de42d07bb2a81488da74401726243a32df627fa3b3806294cdf", "sha256_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:38", "1303806", "bb49ee34d0bced249575606f12fb9dd0", "md5_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:36", "1303804", "61653661e4ee92c1dc5d723e836313c90292229d", "sha1_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:35", "1303802", "9e329853343139ed4f581427573f36b854c56dab27d17a76578068f2a0839342", "sha256_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:35", "1303803", "4675074b92850424529537483b411b60", "md5_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:32", "1303800", "26d93f785c74da34d7b6d7445dd28ac5", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:32", "1303801", "f3072f374f6d50295ab65700bcc8eb4860756c1d", "sha1_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:31", "1303799", "7bfc2a2b68cfc17bd29b8df4da1c99c97987804cfcbb46640e9e2ca2bb56863b", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:29", "1303798", "f8b30069b21bec53594857e9867b2bd968732e6f", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:28", "1303796", "6bb46e7e04ede28d7c194a20a0cd784ab6aad82ad8fbf3b474c9b5cbd2c4a08c", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:28", "1303797", "9b2e3c0633506210ae0457ee2e732d2d", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:26", "1303795", "e1b278d1987abfe574977b2f4403dfe88f06d388", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:25", "1303794", "c12ecdd132d5eca02af4577b34ccdff7", "md5_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:24", "1303793", "99baa76a03ebac4c506ead1d4215ed8f3b36828a7981a57d9fe8241640b4a1b6", "sha256_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:22", "1303791", "2190eb0d3ecdf4577891717af8b1bd46", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:22", "1303792", "522f73e9b3ed633318d2d5093feef99c413f50a2", "sha1_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:21", "1303790", "6360eb139ffb8b74aa6fc6a26674d4b2bfc4e0865fa8659a7fa4f7be06a24407", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:19", "1303789", "c66e9d0382d6ed22a494b7b6bd93bbc499cb32f0", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:18", "1303788", "756c133923012bc4f4635423e066c6b5", "md5_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:17", "1303787", "938a86d2c3328a78cb3c9387e9618b97c1d1f42ab6eefc1ef017cad5fe58990e", "sha256_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:15", "1303785", "101d89bad85d7a2cee47414f3ca875a4", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:15", "1303786", "59664696f80fafe3b225fd080d35dd90f18ffc87", "sha1_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:14", "1303784", "600b2be3d1429ba2716b05ed76d109815eb60426a2d3687c6735aece9dc9c5a3", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:12", "1303783", "e4fbc5f86ccf69b70c02d63ab6b6d025f0106542", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:11", "1303782", "c9849a6295f2527f02fd7b9a0664d401", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:10", "1303781", "52a6184f61de86b9bfe6abf00bbcf297a308bd91effb754d3bf16fd132384071", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:07", "1303780", "9db9709ad5446150bff3c3a4d193979753904866", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:06", "1303778", "09319f07c4b99a145ac12b7339445f6c6493db1c28a592acb32ae464a6d32c13", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:06", "1303779", "04796f12ce53740c4c23b68d2ad1918e", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:04", "1303777", "b9756f279781b5c2ccf0ecf9cca6f260b63d7f51", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:03", "1303776", "ecc4ff0ee7d123f0e90587ea3a7b9ae3", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:02", "1303775", "1e0a46fd7b7b0706d4d5918ba666abdcccc67be4be89874b5cb2ca9ea8b12a83", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:14:00", "1303774", "70e6f747f9bae57619817beb11f836fa8a873726", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:59", "1303772", "6988dc81c0fb10da50630e348e3c73ff80ecaadd25acfb669b0c4df2e3d73461", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:59", "1303773", "46f3c05fb8ef1d1d4c54ab255825f886", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:57", "1303771", "4a958b1945c76c858381bf61e929ba9befb511bc", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:56", "1303770", "45e1f17158de78fe84e61450678236c1", "md5_hash", "payload", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:55", "1303769", "4508478f72d7aadcdaa5a076cee956fcf96eff8987bc77063bee1c7a8d0f8390", "sha256_hash", "payload", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:53", "1303767", "1ae0d736c5d08b40f0fb650d3f843d12", "md5_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:53", "1303768", "81a8064a79805cdb9e47658cc5944ad04f7de100", "sha1_hash", "payload", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:52", "1303766", "ec6d41cb09b83cde3855825ca3a2d16518a6826ad49f26a566bb40d4c48f3abe", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:50", "1303765", "3ace2fdca564569720c3ba2bae89f25ffda936cb", "sha1_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:49", "1303764", "516a26f5978b8c97c755dd1d4292ffb6", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:48", "1303763", "49f9ac550d9df149caa708bd58d9886e6322a176b8ad723b8032ad5bc3ba9c84", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:46", "1303761", "7b146a945502e8ced03f8bfe4e4ba704", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:46", "1303762", "6cf511da5aa396b7ff854a68869536aa6b2c55b5", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:45", "1303760", "7d8abd1890a7177d48a19300928a115bad65dcc7925a43f28f9bd8c4bba342c6", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:43", "1303759", "156878aa64920205e85de634e95da22ea44de54b", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:42", "1303757", "e67c6018e32d7e2f598cf535fb6977c012cfa4fba14a21b4884adf405d3faeb0", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:42", "1303758", "0347f8c12b5bb537bdbeca759b4c67f4", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:39", "1303755", "dcb729b74ddeb44a85e87a79ef151f26", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:39", "1303756", "db7617a367383cde0ae94564f5b2484692554a88", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:38", "1303754", "4be5b3bbfc270a95708a0a89512127ead6417844f4c6baf497f277d139e28c76", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:36", "1303753", "8b02ca3ae4183a3d9bdc98f40d94b55f0dfc912a", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:35", "1303752", "0be9332786cd2b5d41edf5746bd4d351", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:34", "1303751", "65645a7b022d73d26cf94f50e0c9eaa224911bf8443b0366bcc671be27dbb9bc", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:32", "1303749", "801b729c693ea54cbaffa5ad03f84346", "md5_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:32", "1303750", "44443541dd2e4a40820f23d9057a92a27dfdc823", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:31", "1303748", "26c4b29aecab745ea5c53cbc27c913397839601eeeea8a5bce6f667ebc029f24", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:29", "1303747", "6f2fbb7a0d66b84dea8f86d45536897d2aa3f0ef", "sha1_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:28", "1303745", "938b42f084ea40da98cbb0d6cab7f424f1c7e9d6580f67634995a01facb4d98b", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:28", "1303746", "4f7f20d7e243b1dd4f3ce28e7367f76f", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:25", "1303743", "012a8c2d8d89f5a899644738b1dbeddf", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:25", "1303744", "426479e19a29e17607f0c159021fd965dbb42302", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:24", "1303742", "81645015b100a9f7759fa73ef49879ff9be5795c3b073516c3e1a040af057c7f", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:22", "1303741", "0b2c6fdc0a100726884d239429fef4bba6208071", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:21", "1303739", "cdffec56ad2f2148ae8450ac9f77f54998bb1337d119e547e47dc16a0a08911d", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:21", "1303740", "8356497825cf8b4f76753862b5e98567", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:19", "1303738", "d0611d06ff5e9ea8325777ab4cdab0bc77f3b278", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:18", "1303737", "9e40837aaacfeed4906aa0570ec315ec", "md5_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:17", "1303736", "81994a7037323a0af3b6a703cd888791c43067c0ca15764c9bbf900522079ee7", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:15", "1303735", "0bd44e5a499972bb3c6d7067d8078c3e62f96239", "sha1_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:14", "1303733", "37f65665252e8b5cc41b3a3a8e2c539141f24f347a86332415a4e1af69d5bc0c", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:14", "1303734", "3755ce1468a267b6e1084c8069b54a8c", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:11", "1303731", "1284b898470f13f5f615c4d562b92666", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:11", "1303732", "5473fb79e1d8d4089a62a8e5fd120068aac6be59", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:10", "1303730", "a48cdc0d3eba13833042481401cd178b9a7cd2f06f874784a3a98027a9329f66", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:08", "1303729", "3fa527bdc6286149ed113a43fdb6f41600b0c9a5", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:07", "1303728", "c490995f2d27a541929e54ea100d9bc5", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:06", "1303727", "77121e5fd4ffe36a022ac8fc630c8d1fa287252b92176163618fe31dec215929", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:04", "1303725", "5e1fb9afc29c8dfb357b46be649ab88f", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:04", "1303726", "9da2fd03dab938abc98ca1e0e88b67001cee0734", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:03", "1303724", "cd39bffc74d996c25ba6b6edde8601677b6d248fc9adf77376a56e9283b653b5", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:01", "1303723", "aa539b2ad8551f23b1d6adc9b967a62edd2be41d", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:00", "1303721", "53cf1c4a06b8846e9abf3d97f46fa3cd6c50bdf1fe7c46aa64b65960eb456484", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:13:00", "1303722", "0e198c53ce387336130be0c8ad27b7af", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:58", "1303720", "ae1762434fbafe22f064eba92398f4c118969efd", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:57", "1303719", "44f1a2173d4f9866eb6145ed4f26ef4d", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:56", "1303718", "a7fa58d587d848dbe815c010942394561c2d04cf85cec4a5279ce85fec4d9704", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:55", "1303717", "a603b04d2cca159de16b5626e0c6520d16bac115", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:54", "1303716", "30e8226799191364668d07118407ee54", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:53", "1303715", "ae735173f0a78323b3992fe227f4062009900c7b8ad282a8c6bb8fbc3623a896", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:52", "1303714", "a50a4341664d5c4f9b1d7f7afba33ab9fcd44d31", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:51", "1303713", "0824428fdccf3c63fc1ca19a1dd7ef74", "md5_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:50", "1303712", "90a82defe606e51d2826265a43737130682b738241700782d7e41188475b7fb7", "sha256_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:48", "1303710", "db9b31da65d0ef913176d54ceb4cf5f4", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:48", "1303711", "1ad8480cc56e94153a22d46a5a6020dc27052ae2", "sha1_hash", "payload", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:47", "1303709", "893b893178434a4273089c619b1acaefab661c6d647d832a6375fb53e2753669", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:45", "1303707", "14729cf354a2bcd9a764ea35732b2ebc", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:45", "1303708", "5878f8c4e6b82ef6c9d32c020bb9d5898e973e96", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:44", "1303706", "1bfbe3e1ad1988b74e65a9675a05c796d71fa728440afbcccc7afd12c92104ef", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:42", "1303704", "3da0670c583abb45648e3f0c6ab5089e", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:42", "1303705", "de5ab85e0531ffc7dcbde2dfa37111e90e212396", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:41", "1303703", "68021ca2722cb5eadaed2cd5b9c46903d01077dad0ebafdcef2de6d9e0664d67", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:39", "1303701", "076d40b4c480dbd3a0e84260aab18cff", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:39", "1303702", "5ac7e03ff02e77a5dcb094165759ad8fcec72b88", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:38", "1303700", "6ef3b7843981b66e6d7099c61920925c3d260a3bebf20fcda5711e824acc526a", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:36", "1303699", "96fdb7283defa520e95d03b15c942b8bdbef8f2d", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:35", "1303697", "47c4ed11dd0f2ff4d2a65b428a96e14ac5549b43f2d67b2298f5a18b17161a39", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:35", "1303698", "80eb2da51425056e77a8bf9da3b916ac", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:33", "1303696", "4e62e1cafe05ffef3d7ad0d34822066b34962bbf", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:32", "1303694", "e57cec2b7f54b405b1618129b9328fb7b6ec4dfd4a62c9dc90f8eb3c7d83b898", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:32", "1303695", "21ff4cd902c6695abca7f6bfaa605ce3", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:30", "1303693", "f82fc492fee45356d0ccf32d6b3e262e20ef54c3", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:29", "1303691", "eb89a7b195591d21c6f902d02560d4b2d1d1837fd94d404c3211e9f4ae12444d", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:29", "1303692", "526951b8056a2710c76cf0a533525dac", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:27", "1303690", "65293f6a7d9e556403fdf1404913c0c57bb363e1", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:26", "1303689", "6ca89843cc5ffa1af85636dea4019a1a", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:25", "1303688", "7568695926acc0184a6d8364e55c2fec814fc7800641ae30e8a69a4f2c39e5b5", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:23", "1303687", "0484e30112d6e1ddde7f31b22ade9004d96551be", "sha1_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:22", "1303686", "74d3d69866f5d34978483cfad49565fb", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:21", "1303685", "b38fd8d26050f94aaea2b8fe49518d9b18453da9e83ca029524c1c8380625060", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:20", "1303684", "0bafc6a8ac7e752a56d1bb7819a8871573e566c5", "sha1_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:19", "1303683", "4f2a6801f35145cbf8475b6d9dccb2c1", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:18", "1303682", "f4c7323aeb31d8ed4d65ef5cbccb6a113069e500df45cbf60b31795e106b8e07", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:16", "1303680", "4852c0ff7e02f8841e3a6af146d69556", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:16", "1303681", "5ec77767e14d5018b8d673d32d43a22e16a7a973", "sha1_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:15", "1303679", "d24b622ee7dc6ec0e89d9d561ce161a4336322b4d22614284810116434e66c1c", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:13", "1303677", "35a4093aa84921340790cd2cca6828d0", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:13", "1303678", "74d71736de8cb9df31cb59589895656990046813", "sha1_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:12", "1303676", "1652f43525a84c6f33fd69ba45433bdf24bd90deb283dfcf326077fdaa8b8154", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:10", "1303674", "70eac30776d13a02e4b6a5e6963c52b9", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:10", "1303675", "ffab58b5e16e2bbfe75287b14f329c9bbd4fa790", "sha1_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:09", "1303673", "b563a0d625aa148c992413947b2d3ceae678c27fd6d1eadf8e9eb3e10d5206f5", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:07", "1303671", "1c8e4a042ca236786b20ec1f0498c5a5", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:07", "1303672", "b7deafce3ff7d7252ed29d6f508a49a6d1b63504", "sha1_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:06", "1303670", "67370db3fe16cdf66095443b4e08df054d30f2c97d0767eba9c73afc562153ee", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:04", "1303669", "7ee68140c5a26af5579ac2a75fd33a08d68322d6", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:03", "1303667", "9c3042d68209e7b4411a2585a31366321c7d4f0466502f32295b8413c9351cf8", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:03", "1303668", "d18127f4bb0627f6d965171abd8cb956", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:00", "1303665", "d3593f7e5a555a84fea5d70412463a0a", "md5_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:12:00", "1303666", "7d980ae4048f3d94fba3149577e612db826b067c", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:59", "1303664", "53805ebc2b9eb59587ee7baeb45de6df203dbba25913de393026f4c14f0f5487", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:57", "1303662", "c58a7c4baffa401c71a1a333ecd0f956", "md5_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:57", "1303663", "1614572890ef26f28f3b7c9f04ba7e6eb06587d9", "sha1_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:55", "1303661", "6795dac9944b17ba82d40cf18ad5c57b8c4363bc5634d525bdbff3dfa18762d8", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:53", "1303660", "47d9f52dd9ebadb7741dc2f84d7c1cc4212d4276", "sha1_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:52", "1303658", "5a06da89d65a9ee2823551d73c4fe1fd59c0eb8109089d3c6d9c355dd2d64127", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:52", "1303659", "d92bfa7fbd7f110fcd34314fd08f05a7", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:50", "1303657", "278c5aac15e57f2ab0a6809d1952dc32a277fc0d", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:49", "1303655", "6a56cbb193f28d62f0fa7f1ecbd0835e95e1aec40e2c08d9b2f839a0c4d76fab", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:49", "1303656", "7a591f965d4de7439413d7630026d9be", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:47", "1303654", "de97ba629873de027142e506f3862d1d6debc30d", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:46", "1303653", "e5834e14777d7df91dc61f75c796e07a", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:45", "1303652", "acf03676e5dd002d0dc94a2b50e83dda78d287ee9b07ad2c9659688310015820", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:43", "1303650", "a0f74c405b615828045a96d6eb464f77", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:43", "1303651", "1307720fcf7f9df9dc5d3f7393229b92f56b2480", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:42", "1303649", "cc9372baeb26eb7513415fd8da130f514a1add9d50f8f8e02f893b23c6a1a1f3", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:40", "1303647", "2d655119c0aa977debf88758f2009729", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:40", "1303648", "f2acdcf38ad5293435576cd3b5827d53cd5baeed", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:38", "1303646", "e831a72bf963f6c0791f0592fe5015efb6898c6c07c35db5383b1f334c3814f9", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:36", "1303645", "40c98ca63e9f78284cddbefddc03b6c6ad070462", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:35", "1303643", "31c28bce87bf83996ccbd1e7bea5de7a75b5f840df1e108f6792d5b17185da66", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:35", "1303644", "6610a5896fe0895ed5ca90f938906372", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:33", "1303642", "b31f809206ea7352a8e2707bece1b087ded10ab1", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:32", "1303641", "e771e64ba5d2368abadfa290fed8673a", "md5_hash", "payload", "win.darktortilla", "None", "DarkTortilla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:31", "1303640", "78d75785b308bf3e64bc6a05a07d54b786200ecc033df417915f0223a19c2533", "sha256_hash", "payload", "win.darktortilla", "None", "DarkTortilla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:29", "1303638", "52677d68d5ec7e10d2090af48517f981", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:29", "1303639", "72a9bbfcc88b8bd36594492efd327683875122cd", "sha1_hash", "payload", "win.darktortilla", "None", "DarkTortilla", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:28", "1303637", "e1cc60c0b6a0586a186cc1928b826e69809bb05afe585c2d7e2cb429b7d00c4a", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:11:26", "1303636", "73f64f2d6db5c69f367f01f8dba1a2399d677aa3", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-25 17:10:16", "1303635", "103.198.26.25:96", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/a8e25a2520c09dd71e17afbde126f58514921c6d967a786bde096fafda08701a/", "remcos", "0", "abuse_ch"
"2024-07-25 16:50:18", "1303634", "http://45.61.136.20/index.php/jlbcyg0q595vs4hef0", "url", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "100", "None", "Loki", "0", "abuse_ch"
"2024-07-25 16:29:03", "1303632", "https://packedbrick.com/vfRg2L1ej33bleY00JdN9pxuSvOX2mNI-nTw9UpUoPg", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "KeitaroTDS,SocGholish", "0", "rmceoin"
"2024-07-25 16:29:02", "1303629", "http://109.120.176.203/api/twofish.php", "url", "botnet_cc", "win.privateloader", "None", "PrivateLoader", "2024-07-27 00:00:26", "100", "None", "None", "0", "Bitsight"
"2024-07-25 16:29:02", "1303630", "soft-download123file.xyz", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2024-07-25 16:29:02", "1303631", "packedbrick.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "KeitaroTDS,SocGholish", "0", "rmceoin"
"2024-07-25 14:26:12", "1303620", "https://imc1.top/cdn-vs/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847330018291986", "SmartApeSG", "0", "monitorsg"
"2024-07-25 14:26:11", "1303621", "imc1.top", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847330018291986", "SmartApeSG", "0", "monitorsg"
"2024-07-25 14:26:11", "1303622", "https://imc1.top/cdn-vs/main.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847330018291986", "SmartApeSG", "0", "monitorsg"
"2024-07-25 14:26:10", "1303623", "http://imc1.top/cdn-vs/22per.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847330018291986", "SmartApeSG", "0", "monitorsg"
"2024-07-25 14:26:09", "1303624", "http://hhic.top/data.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847330018291986", "SmartApeSG", "0", "monitorsg"
"2024-07-25 14:26:08", "1303625", "https://novidadesfresquinhas.online/cdn-vs/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847584114238337", "SmartApeSG", "0", "monitorsg"
"2024-07-25 14:26:08", "1303626", "novidadesfresquinhas.online", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847584114238337", "SmartApeSG", "0", "monitorsg"
"2024-07-25 14:26:07", "1303627", "https://novidadesfresquinhas.online/cdn-vs/main.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847584114238337", "SmartApeSG", "0", "monitorsg"
"2024-07-25 14:26:06", "1303628", "http://novidadesfresquinhas.online/cdn-vs/22per.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112847584114238337", "SmartApeSG", "0", "monitorsg"
"2024-07-25 08:45:09", "1303619", "http://104.131.159.100:80/load", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/47c4ed11dd0f2ff4d2a65b428a96e14ac5549b43f2d67b2298f5a18b17161a39/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 07:27:03", "1303618", "office-adr.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "https://x.com/Unit42_Intel/status/1684583246032506880", "mythic", "0", "Rony"
"2024-07-25 07:15:56", "1303617", "5.253.86.233:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/1bfbe3e1ad1988b74e65a9675a05c796d71fa728440afbcccc7afd12c92104ef/", "remcos", "0", "abuse_ch"
"2024-07-25 06:53:36", "1303582", "troia23.duckdns.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-25 06:53:35", "1303502", "41.249.55.89:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-25 06:53:34", "1303479", "103.144.139.144:443", "ip:port", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-26 20:37:17", "70", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-25 06:53:33", "1303478", "103.117.141.98:443", "ip:port", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-24 17:53:45", "70", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-25 06:53:32", "1303477", "91.242.163.155:443", "ip:port", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-24 17:53:46", "70", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-25 06:14:23", "1303616", "60.205.226.146:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:58", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-07-25 06:14:08", "1303615", "74.48.84.44:5555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:18", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-25 06:14:00", "1303614", "106.15.199.56:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:56", "100", "None", "CobaltStrike,cs-watermark-1359593325", "0", "abuse_ch"
"2024-07-25 06:13:58", "1303613", "106.15.229.159:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:07", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:13:54", "1303612", "36.133.13.63:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-07-25 06:13:51", "1303611", "47.116.176.97:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:13:44", "1303610", "122.152.232.22:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:36:54", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-07-25 06:13:37", "1303609", "91.92.244.163:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:32", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:13:36", "1303608", "20.117.173.23:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:34", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:13:34", "1303607", "60.205.226.146:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:36:51", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-07-25 06:13:29", "1303606", "106.14.211.58:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:08", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-07-25 06:13:23", "1303605", "47.103.135.162:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:55", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:13:12", "1303604", "139.224.199.55:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:13:09", "1303603", "47.108.77.135:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:13:03", "1303601", "47.99.195.123:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:38:02", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:13:03", "1303602", "1.92.92.7:90", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:13:01", "1303600", "47.108.27.61:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:42", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-07-25 06:13:00", "1303599", "117.50.180.189:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-07-25 06:12:48", "1303598", "106.14.96.25:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:38", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-25 06:12:46", "1303597", "81.70.246.230:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:12:39", "1303596", "39.101.72.235:8086", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:37:56", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:12:26", "1303595", "106.52.196.33:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:36:50", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-25 06:12:24", "1303594", "39.105.161.32:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-26 05:36:46", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-25 06:12:16", "1303593", "49.232.137.101:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-07-25 05:20:18", "1303592", "http://cz41806.tw1.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-25 04:42:13", "1303591", "43.143.123.22:443", "ip:port", "botnet_cc", "win.squidloader", "None", "SquidLoader", "2024-07-25 07:18:13", "50", "None", "squidloader", "1", "Rony"
"2024-07-25 04:20:17", "1303590", "193.29.13.46:5850", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2024-07-25 04:10:15", "1303589", "45.83.207.67:6652", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-25 04:55:52", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-07-25 04:05:14", "1303588", "http://722659cl.nyashtop.top/VmhttpTempdownloads.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-25 03:10:14", "1303587", "46.183.223.47:7777", "ip:port", "botnet_cc", "jar.adwind", "AlienSpy,JSocket,Frutas,UNRECOM,JBifrost,Sockrat", "AdWind", "", "100", "None", "Adwind", "0", "abuse_ch"
"2024-07-25 02:05:13", "1303586", "http://a1008315.xsph.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-25 02:00:20", "1303585", "http://192.168.0.131:80/MtXD", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/47336e3f06eb8cae1d4d9e5b93e36587c6a6434583b69e8f04ecb37335783054/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 02:00:17", "1303584", "147.185.221.21:11656", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-25 04:56:52", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-07-25 01:55:48", "1303583", "83.144.109.70:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/584d18ef44af9d254d115ab93d5bb516dab54cc354119c817190aef79fd25119/", "emotet", "0", "abuse_ch"
"2024-07-25 01:55:44", "1303581", "5.12.233.12:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/584d18ef44af9d254d115ab93d5bb516dab54cc354119c817190aef79fd25119/", "emotet", "0", "abuse_ch"
"2024-07-25 01:55:05", "1303580", "http://10.211.55.8:23462/g.pixel", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/c1cc2912bf692be2fbe5255231a1e44e1b1b833b944d45e3937b3191a00fb570/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:50:36", "1303579", "147.185.221.18:52136", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/d3b62483fbf63ecc9b1813d77f80591d6cf00892eb030486475b6634c6c2ab0b/", "remcos", "0", "abuse_ch"
"2024-07-25 01:50:28", "1303578", "http://service-1kx1l5oj-1305976706.bj.tencentapigw.com.cn:80/bootstrap-2.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/c97119be1f838f352f9fe25ded24b3c2fc0dd99496d508f45d1e540b3be6131c/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:50:21", "1303577", "http://5.34.205.152:80/SlDZ", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/d0ea156b9079bcc3598f5ec8dfec6d579c9a625606154e1be4a1b1ce570bfbf6/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:50:20", "1303576", "http://38.12.0.151:8888/dhNC", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/87a54f63e0318610126ec4df990c7aef55caca7a2547d45dd842fea30c31b1d6/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:50:18", "1303575", "http://192.168.50.141:8088/jw2J", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/2d1ebdca169932f877c5e88c794eb97e220002c8bb531e7587ac06dff129fc32/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:50:15", "1303574", "http://172.18.0.1:80/4qJn", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/ae4dcd24be60dbdaa920b2e11a78a01b38ee59f4500030f8156e2d1ffac8cf38/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:50:12", "1303573", "http://120.48.5.80:7421/rN4i", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/276c5328f1cbf6e24c50cc3ddac299b4ea8b569d8e91c3ae4c6f61362236d46b/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:45:41", "1303572", "http://www.orcasvip.com:8443/jquery-3.3.1.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/7b3b5343f46cec4dcec1588fa5e182988fd922d5adfa613d9e763ea78d33dfc3/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:45:37", "1303571", "http://ns2.icbc-com-cn.com:53/jquery-3.3.1.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/4ae113138120fbf090ef2fe8f7e54e51969b2cf2f0a4f4aa6ca0da2441402299/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:45:36", "1303570", "http://ns1.icbc-com-cn.com:53/jquery-3.3.1.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/4ae113138120fbf090ef2fe8f7e54e51969b2cf2f0a4f4aa6ca0da2441402299/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:40:03", "1303569", "http://103.47.82.210:80/1fZl", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/f179be6e851172ca981ce2e7054ba1927f9e5a0a5fbf860acb0a83066a54f5e9/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:35:37", "1303568", "147.185.221.19:2035", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/7a976388b064594086b73e3e08a3b95b97a9eea7610bf9c4ac53a2d10304e12b/", "asyncrat", "0", "abuse_ch"
"2024-07-25 01:35:36", "1303567", "147.185.221.16:2035", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "https://bazaar.abuse.ch/sample/7a976388b064594086b73e3e08a3b95b97a9eea7610bf9c4ac53a2d10304e12b/", "asyncrat", "0", "abuse_ch"
"2024-07-25 01:35:21", "1303566", "http://8.130.52.13:12233/en_US/all.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/1d0080700478bb69018f12521cb202745b4fc027a6baf07d55067dcbd54a3d2e/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:35:16", "1303565", "http://192.168.203.131:80/fBqD", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/e076f738415148efe2e4b00cde1669089f0a28273e91e6e51b3f5c46494039a8/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:30:19", "1303564", "http://192.168.3.140:4431/introduction/edr", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-25 02:30:22", "75", "https://bazaar.abuse.ch/sample/445827bffb54056ed88eabc109a5006ec25b2a1fb39c6dd0c771da305a7f7b39/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:30:15", "1303563", "18.229.140.246:1177", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-25 01:55:44", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-07-25 01:25:15", "1303562", "http://207.148.99.69:443/LKSs", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/aecf22cc2900d911ae05b2fff10255f8d723964e7486f78a88ce547e23045461/", "cobaltstrike", "0", "abuse_ch"
"2024-07-25 01:21:01", "1303561", "98.156.206.153:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:21:00", "1303560", "98.15.140.226:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:59", "1303559", "87.127.197.7:8080", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:58", "1303557", "82.223.70.24:8080", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:58", "1303558", "85.152.174.56:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:57", "1303555", "78.186.5.109:443", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:57", "1303556", "78.189.165.52:8080", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:56", "1303554", "68.44.137.144:443", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:55", "1303553", "67.235.68.222:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:54", "1303551", "60.130.173.117:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:54", "1303552", "60.250.78.22:443", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:53", "1303550", "59.20.65.102:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:52", "1303548", "58.171.38.26:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:52", "1303549", "58.177.172.160:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:51", "1303547", "46.105.131.69:443", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:49", "1303545", "23.92.16.164:8080", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:49", "1303546", "24.94.237.248:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:48", "1303544", "212.174.19.87:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:47", "1303542", "209.151.248.242:8080", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:47", "1303543", "210.56.10.58:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:46", "1303541", "196.179.249.218:8080", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:45", "1303539", "195.244.215.206:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:45", "1303540", "195.76.232.114:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:44", "1303537", "186.208.123.210:443", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:44", "1303538", "193.80.169.64:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:43", "1303536", "185.155.20.82:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:42", "1303535", "178.20.74.212:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:41", "1303533", "176.9.43.37:8080", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:41", "1303534", "177.230.81.0:22", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:40", "1303532", "160.16.215.66:8080", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:39", "1303531", "136.243.205.112:7080", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:38", "1303530", "120.151.135.224:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:37", "1303528", "113.61.66.94:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:37", "1303529", "114.145.241.208:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:35", "1303527", "101.187.97.173:80", "ip:port", "botnet_cc", "win.emotet", "Geodo,Heodo", "Emotet", "", "75", "https://bazaar.abuse.ch/sample/6f6bac4133e06b5a0bb3a8dad3874f7c33b51319396896c60d2bdf9e9f77def9/", "emotet", "0", "abuse_ch"
"2024-07-25 01:20:13", "1303526", "41.142.43.242:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-25 01:29:50", "100", "None", "NjRAT", "0", "abuse_ch"
# Number of entries: 590