################################################################
# ThreatFox IOCs: recent SHA256 hashes - CSV format            #
# Last updated: 2025-12-04 06:09:51 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-12-04 06:09:51", "1667148", "4ac33e95d7d1bf205c8bd021886a8edc5d405d65389edb3b0c65d62c12ace47d", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "85", "https://analytics.dugganusa.com/api/v1/stix-feed", "dugganusa,github,password-protected,pattern-43,russian,upx-packed", "0", "duggusa"
"2025-12-04 06:09:50", "1667147", "23c909ea83cd7428a37189f228f4782693c1726381c886712135defca5924a68", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "https://analytics.dugganusa.com/api/v1/stix-feed", "dugganusa,github,pattern-38,stealc,supply-chain", "0", "duggusa"
"2025-12-04 06:09:49", "1667150", "a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a", "sha256_hash", "payload", "js.shai_hulud", "None", "Shai-Hulud", "", "95", "https://analytics.dugganusa.com/api/v1/stix-feed", "credential-theft,dugganusa,npm,shai-hulud-v2,supply-chain,worm", "0", "duggusa"
"2025-12-04 06:09:48", "1667151", "62ee164b9b306250c1172583f138c9614139264f889fa99614903c12755468d0", "sha256_hash", "payload", "js.shai_hulud", "None", "Shai-Hulud", "", "95", "https://analytics.dugganusa.com/api/v1/stix-feed", "dugganusa,github-actions,npm,shai-hulud-v2,worm", "0", "duggusa"
"2025-12-04 06:09:48", "1667152", "9d59fd0bcc14b671079824c704575f201b74276238dc07a9c12a93a84195648a", "sha256_hash", "payload", "js.shai_hulud", "None", "Shai-Hulud", "", "95", "https://analytics.dugganusa.com/api/v1/stix-feed", "credential-theft,dugganusa,npm,shai-hulud-v2,worm", "0", "duggusa"
"2025-12-04 00:59:40", "1667418", "37a351ea8df374c0be3ae20bd04f515cd6b0121db8c463c87dbe730d6abb08f4", "sha256_hash", "payload", "win.acr_stealer", "None", "ACR Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:39", "1667415", "e13eab84b5d51db02ab19e24a6c7732642ee815ab9df3f0708bbbede257d8ca8", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:38", "1667412", "fc8a64a067ec1cd0f8190da143758db31fd5021c402023304e1f76993d2b15b1", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:37", "1667409", "8bc07575854bba3474e1eb3451d050d4f1386097fcbd6343d0f4c53bf1efc780", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:36", "1667406", "1ebcfddad6ca2b49edfeacdfb3e9f074333729b965d637aa44ecb8df3626efe9", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:35", "1667403", "d4afec965d05ba32766a802f6611faa86405cb36b857b65de8d4c83b1f152806", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:34", "1667400", "065fafc5e3a52b618e7763df8a9269cc8e7ac397fe220a13dbe93ba0c18805a2", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:33", "1667397", "76ab981b7b93f61673b2b4a7c12f7ed2ceeeafde66e3c4fce88ce54b4d0c17e3", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:32", "1667394", "a40c0293d30ce6afdb9d825ca751e2d53592c55a86c2859c8e60849cb52c4d72", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:31", "1667391", "a858133c5c1865d12abd0b22b1bb77bed26b01da769737af1392add9f244b1e2", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:29", "1667388", "af3296ecfaa277da4c620ed311ef9ea485aa9ef2c0c55ef2c9789e8aacdcd0db", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:28", "1667385", "964f1a49f5204ea173a64cc729ba0d026555eef213d8a71eb3dd18c942512e7a", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:27", "1667382", "cc7d970b366fac85dffbfef76441a241827cad22ca0797f8c19d5b1bad4b8b89", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:26", "1667379", "23ae50d51a908d1ccdad1cb7750b6b63596cba85731883eb40c5cb9273ad61e4", "sha256_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:25", "1667376", "6a60df67162c247c7b02056c1c72acc6556d3c01ee01681157a57fc291d0068b", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:24", "1667373", "5e719da07984247b6964dddba2926767e599d4dd45c1e4805b18937afcceeda3", "sha256_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:23", "1667370", "91d7adf38c8940d72640098efb13cfee74bf5195737a093a4a3330af0fb63ed5", "sha256_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:21", "1667367", "fb898bba58b74c8a8bdd06c176ab7a3acb525c8f2d6a1220a2e82c6f0c991ed7", "sha256_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:20", "1667364", "a36fa05f630b3223180b84b908cd5a6f4a7453b860147bc5c42ecc4936d7ca13", "sha256_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:19", "1667361", "f004a2047517380a7bad3e3817b98706eef99ead122d698f247bf5f6304fe475", "sha256_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:18", "1667358", "999c04854a14a50e67c4efb840139402b256ae8c84582b36f1f4ab3878fd2af1", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:17", "1667355", "1d2b96df0f0f1c65ddbc1bbc1fcb8f498d28caa97d2847e3163424c3a68c9f27", "sha256_hash", "payload", "win.dbatloader", "ModiLoader,NatsoLoader", "DBatLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:16", "1667352", "5f6e7232d0fd57d8b46e8fbd1f7c917b4bddb4c426b9ea7d73e1276a197ca84d", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:15", "1667349", "b62460b3255ec6bd66ff816318df1dfda5a51390427a8484b3dcd45a19484cd4", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:13", "1667346", "1715bffc46bace588a5015bcc089fcad4d9905d6c7ed8a51c4d2ff970f3fe692", "sha256_hash", "payload", "win.isr_stealer", "None", "ISR Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:12", "1667343", "b9e747c4fe5dd06c116cf1e2d7d924b52807b12bd396238cee1e84187ea1b793", "sha256_hash", "payload", "win.guidloader", "None", "GUIDLOADER", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:11", "1667340", "0d38177cbe3469d1e658d8b8bdf7785c2ef0c0021c7e08aa5ebbe1904d34d1c4", "sha256_hash", "payload", "win.vipkeylogger", "None", "VIP Keylogger", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:10", "1667337", "13fa7d9111462ae97d2d41e6879b0d3ee2ed5f8ec939dec4e56bd209e1e85b1a", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:09", "1667334", "fae48fe6a0c7b167093f0f6481ff9f67bab9b023fb43a4c6265403d4e57b2bec", "sha256_hash", "payload", "win.erbium_stealer", "None", "Erbium Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:08", "1667331", "86d1ba178ae4f79243051c3b4e7a9beea2395e9ef0c8e2af930e32a51ec83b3f", "sha256_hash", "payload", "win.havoc", "Havokiz", "Havoc", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:07", "1667328", "c0edb33c4fb4b0e28d56f890e9428efd96b3d31b1bdb94e43136f44db7f6eb19", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:06", "1667325", "9dd1001e76c345b016c5727650d26cecbaed304ed0960eff4fcaaa60a8d3bc86", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:04", "1667322", "5764ca651cf197bab1b99109705d19d43644574b3a7946fc4e7464978a4701fd", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:03", "1667319", "64e714b6db5a170d195cf7f5ce40a50e0ecf4b59d591fbc4cf282ca37496c952", "sha256_hash", "payload", "win.masad_stealer", "None", "Masad Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:01", "1667316", "be3164cb1a4925491c0265f3c9a717c89218b7f47c2fb603c8f7f69309a39b66", "sha256_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:59:00", "1667313", "8e94849692519ab0f0b33cda20cadee491dc50c07ed1aec60fd31e3119f30abb", "sha256_hash", "payload", "win.coffee_loader", "None", "CoffeeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:59", "1667310", "c5b2b190d18f40051c5697746b21252cf14894ba10ae6e3e007e6f5ed4b31dfe", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:58", "1667307", "50419b6ae38000b3d639e462f69bb35ff167650ca8eff6eb35dcfbd38b08c393", "sha256_hash", "payload", "win.quantloader", "None", "QuantLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:56", "1667304", "6cfb17162c83c92f0d81d1299c0abd2ac62c8983c022f03fd36e86a37a6704a1", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:55", "1667301", "bfd3cee0ef2eb54478550e422a2072d8d2125b0588f27930fa13e6f9de998aca", "sha256_hash", "payload", "win.crimsonias", "None", "CrimsonIAS", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:54", "1667298", "2b671627a98c335af15443e21271262131f7b431d4a43448dbe099d0e685fda1", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:53", "1667295", "4dbdb20f155314cc024c0dae1fa82e421516e5cb9075e7bdb12f6dfca2eaa2e5", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:50", "1667292", "e1b28c54dcd0bb61b29c986b2f893977060af99d1bb732fb1bd636ac90d3839f", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:48", "1667289", "20291af59067a9886fa2c749d711adc8c2ecf687a48611cbdfefe6b5ca0f583f", "sha256_hash", "payload", "win.quantloader", "None", "QuantLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:46", "1667286", "f88f894670594bf686d51dcb52d0fbc01590c0e4cf534c03a178c3e3f6c98c25", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:45", "1667283", "97e4072ab5d871c2c47a6d4ab482945243d05c069e79cfc41b8dce7bbbb810c9", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:43", "1667280", "4b034df185a00e490091a9c0c1bf4944c0e9177017cbcb1b0d61d937a87f8cad", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:42", "1667277", "83863006b4dda98ef3dfdf417d11b099fec994d1886ce7e91c4e708e23bb2ba6", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:40", "1667274", "bc203e057ab874aac7f8e033d3bca4325296757df055fd4ef81a6d5d72d2733d", "sha256_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:39", "1667271", "00e86c3eb762787af1d986f28e2b154ff5ba3c0828bd7a5bf0df1a69db739026", "sha256_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:38", "1667268", "96befa0fb8532afd7aeb21fc1b9cc5fd3c35dfeed09b783f5d70044cce30db97", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:37", "1667265", "acee1954a28c44d1353b5d05026d0de8bfc32e8b76c0a0ed1a057e9f6490e779", "sha256_hash", "payload", "win.vanillarat", "None", "vanillarat", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:35", "1667262", "94465293b5c291da3fb2cf0eb3c6d995a4735921d876736cf9abae624dc1f4be", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:34", "1667259", "f3875443e6c73a5f6d67ff49d2c03c67effcc9bc30baca62c3b46908d4dfaaa9", "sha256_hash", "payload", "win.erbium_stealer", "None", "Erbium Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:33", "1667256", "17f1708d36917a3095a76e3c6dc49d345fb0d95309894ca3ac54097f2e22d104", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:31", "1667253", "05f68525352971f08ec5b69ce138b63f0bbba0ea72e35cd34d8437e9d1669af6", "sha256_hash", "payload", "win.erbium_stealer", "None", "Erbium Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:30", "1667250", "13f221b634e9dd9c174c975dca5680fd4d856d93977152235e3f6a9fe0e059bb", "sha256_hash", "payload", "win.erbium_stealer", "None", "Erbium Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:29", "1667247", "15c319e00eb4a3007195d255861e25498e501ecc5e0c6638d2f48bc9c3ae2e73", "sha256_hash", "payload", "win.erbium_stealer", "None", "Erbium Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:27", "1667244", "2cbdf96c80d1e9167282ecb6f5f1033d4b747c5417ef5849d91b7a6104f99870", "sha256_hash", "payload", "win.erbium_stealer", "None", "Erbium Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:26", "1667241", "9bb808a0df59a1f9c5b73795505051ef32cc8abfb74dbef0fca21afc6b5ce4f8", "sha256_hash", "payload", "win.erbium_stealer", "None", "Erbium Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:25", "1667238", "5d8920257c318caee990816b951125fc8d641e3b7ec762b95fec4431e37a9386", "sha256_hash", "payload", "win.erbium_stealer", "None", "Erbium Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:24", "1667235", "34126d2af7207d31cee9fab5b0426508adc683b3077bc83356dfc89c6f832d65", "sha256_hash", "payload", "win.acr_stealer", "None", "ACR Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:23", "1667232", "0dd2f8d23e6dbf7bb458a675e0fc8fd7d9f8ef76c8ee1be07540392dba52d261", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:22", "1667229", "70428c1fd7f8879239050155e0a37ed65c6997855e8a8420e2d2f09598ba5cd6", "sha256_hash", "payload", "win.acr_stealer", "None", "ACR Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:21", "1667226", "fb46b4afecf906742432eca80cb926f2d31a20c4e0f1628d9c909e28bfaa02d3", "sha256_hash", "payload", "win.neshta", "None", "neshta", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:19", "1667223", "e4c6311e88083ab971d7d8d3c622221eadb86564654b8f20cc0e8159d61054d0", "sha256_hash", "payload", "win.neshta", "None", "neshta", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:18", "1667220", "a61dddb469f669b6cc0520593ac23c9f54761070cf700dbe5c694cf34215538a", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:17", "1667217", "d240f9c3f1abac605ada8cb3b811af7d92dc7017b503a5ef0202fdbf9425d100", "sha256_hash", "payload", "win.moker", "None", "Moker", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:16", "1667214", "ba8926f7954f7075ee7d4e8b27a94c5e4ad7ed1676e5b096bdbbc1f26ba79257", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:15", "1667211", "fe251bb1c14b74a0832b049be399bf72f9a3a638846d9e89c614942440e221e7", "sha256_hash", "payload", "win.acr_stealer", "None", "ACR Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:14", "1667208", "1a4279bf33cd9302c4aae6e05ff9d9ef2de1ddc83da1518a8a2f84d241873f9a", "sha256_hash", "payload", "win.coffee_loader", "None", "CoffeeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:13", "1667205", "c657d5a1069f9aacf50a01f859e4301761337d5e45601278597ec5f3cd1c8e3a", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:11", "1667202", "0293ec398b301d984f4e280e528ba7d6c530564edf9fce662dc44e45e8bb5c6d", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:10", "1667199", "aad0a60cb86e3a56bcd356c6559b92c4dc4a1a960f409fb499cf76c9b5409fdb", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:08", "1667195", "bae5d9c81d7142b9cf994402b2648d70cf90271a31435d92fdcb87c422b00a17", "sha256_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2025-12-04 00:58:07", "1667192", "a0833c96c647a67c9ea6cb2545e3c157f2ef6a062d2e9e8e05871845dbd40c1a", "sha256_hash", "payload", "win.owlproxy", "None", "Owlproxy", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:52", "1666702", "39c294390009834552aae2fbcae03fe3cf9f4fe5eda668c224448a0f4679c0c0", "sha256_hash", "payload", "win.acr_stealer", "None", "ACR Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:51", "1666699", "859ffef0278c9c9835db23202f3aa67b69ad1e00a3f326350f613ab701a45ee3", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:50", "1666696", "92478c525daf58642a221dfda3782d6414d2040976fea242effffbdc854e813c", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:49", "1666693", "124928ecf66ab052a457eaa66af8a81530013177692bc056c19886e8a48a1cf5", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:48", "1666690", "caf7254ae621cba9189e65295b25a272fe122e1ab2f3d05ec65dd0709b23d52e", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:47", "1666687", "4f39b41a46a710e710b78d05f59833710755422df613fa4570d2636b222b2168", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:46", "1666681", "6e57966b5fd6c676b5be0e7ff8d713053722fbc27723768ab7b5e96f1157ae91", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:46", "1666684", "4a7f71479e004b53c391b7899d720c9a8c6c18a9c0bfbcb40f521ad2a6345c3f", "sha256_hash", "payload", "win.mimikatz", "None", "MimiKatz", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:45", "1666678", "1fbeb5c772b2e1c7ee65ac50c323f23ee912abd323f5883a148a5f1d28f282b5", "sha256_hash", "payload", "win.privateloader", "None", "PrivateLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:44", "1666675", "cfb9c7cf496ca45f0ea7f80ea3d06e19614227d346a05feb7abe00701e23a4b6", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:43", "1666672", "323514126c9e88ab371457383812723a5bd25aae47c113c990c9561afa0cf3c5", "sha256_hash", "payload", "win.privateloader", "None", "PrivateLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:42", "1666669", "9b7ebcd4b27ace0f237f2ccab58503340be62a43112f9c537d16f42d40abb715", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:41", "1666666", "79b120acdb37fd5b5fa927a6ffb370d5a7cbc8039f2e9b31831029d0f16bc38b", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:40", "1666663", "a515fd4ef2d7b5c1d60af04da2e2138036f493ce5d02d1491354560b718f80ce", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:39", "1666657", "3b504d803733fab4f75705dff7b109b2732e68d53fd4e510a9b863329452f4a8", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:39", "1666660", "949a1a94161e7ef47d64f71f7ed3ee0cf7db1622ecfad7b81f7ffa6f9f42e264", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:38", "1666654", "102efcd647e8331f4c9a8d980f3322640c1fd24d6dfc4173153094ca640ba0b3", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:37", "1666651", "2de4671af96bac2cbb7added8ee3a54239aac63a56d4bcc5ca22bfa88b30eb48", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:36", "1666648", "b4e1932f23a54390bc8743dfa8a7eea4c3e446eae0c97625d780988688274bf3", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:35", "1666645", "e9d589ffd09733b63151369d4e55a9516288ead2b11036016f7f8b02c5c8a6c4", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:34", "1666642", "a2e39401f7e09438f35e9a4ca0ce24dafbfef8c0b6250170f67fb9a4dfc0b63e", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:33", "1666636", "1f9e7ccdbb6aecb1c353461b5bc162a24c3df9acb5493d76aa0e8f1c6ec1190d", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:33", "1666639", "2c1c1e5c6028ca269261ec084975bb58a0a4f6b3e72bd377f6cce0b961b2e5f2", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:32", "1666633", "7152fc2a8c08211d57c454dac030af4acf0222e8564463cb60b036d0cbd424c2", "sha256_hash", "payload", "win.guidloader", "None", "GUIDLOADER", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:31", "1666630", "8ab637e2cb18c2cd0e1a8e8458916f356f42a0579aa9f1fc522a52056402f6c4", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:30", "1666627", "3b54db03bae9ce2753459bb8e6951f9aff5c87a0a505c08b288f30e8cc9bf97e", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:29", "1666624", "60203c6af96861965a089eb2c9aa70ffca1a5dfee35a369e77ad3f17896a8ce3", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:28", "1666621", "f8aa02fae887ea80156c2e8be3940405bfc612434d7efae60320a802a9d15a93", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:27", "1666615", "fbe7554867d49dbfa125b8d9355f345319536cbc4016948d4fff8ff0c4fa0b9f", "sha256_hash", "payload", "win.guidloader", "None", "GUIDLOADER", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:27", "1666618", "ff30d24b652e2bd46709c8b3c0fb8c293172235a02540d7496cf1f4984fe62ab", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:26", "1666612", "9cc00b1af48acb7af7f3c53d0a1adbe928d4bda26273dd955120ca138bdf2eca", "sha256_hash", "payload", "win.darktortilla", "None", "DarkTortilla", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:25", "1666609", "e07e7df88008f8d1ba3b459a3e8907c78c7a22cadfcb2ab439ffda155d3e2fc0", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:24", "1666606", "30fc332152721b4e56182d35541f656ea8f9b2b281dce56bbd867c05d9ac5a70", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:23", "1666603", "91adba40b3c7691251047fb81b35d0efad25c3d1e2947db6f7d151eba1f34a21", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:22", "1666600", "112699f3eed96b2dfb176b880f3be86ea083431600aeb889cd3ef46607caf4f2", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:21", "1666597", "6ac566e9a69e4bd338cfa6665c04a954c891fc5c09698ae85a40d9565796f481", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:20", "1666591", "95f214d4e4b557548f2077ed9ab2f260471326b442a45824db16ec7c58fe0900", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:20", "1666594", "d148029876d188723e36c78c56da70af1dff11ebd406fa742c33a33d7a4b77bf", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:19", "1666588", "58a50b3ed5f133f29b1004ab5495a6f651d5186310d80572e89d9e58940a1381", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:18", "1666585", "2fc8ebc45314f2d1c8d20b5fc37ae564d04f066fc09cc46c7cf8a41ce87c781d", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:17", "1666582", "2867ea503ae13d8e9613904864da2ffdd3a9f11676c38ece8e0dcffded08e500", "sha256_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:16", "1666579", "9b408419a6d88f9bf77d0a32d260ced5789afaf3a0ee5374528c142d7c368f90", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:15", "1666576", "0fa64636b0b9f82665759aedc9a553e0a9b1c377823a350775fc8fb1a82df995", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:14", "1666570", "ecd80dc690eee6d7f89ad7f036aed2000c548440fabd8df91ab539307eb317aa", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:14", "1666573", "1aabe00bc635571ebc9b9c41dcba119a9d49f80c70b9f9e8d26f9fb9743a6304", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:13", "1666567", "57613c05c430ca628506d91721abd51b0af0cee49e2d94c0fafda3b5c0d9e4c4", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:11", "1666564", "c3db0f035cf37feecce89bbad6c84be4e6c8385b7799b464651681dbd2a0db85", "sha256_hash", "payload", "win.coffee_loader", "None", "CoffeeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:10", "1666558", "5b55a5d95f541d3d1c214926893f3187f0a90d4984e673c81c28edb23576c286", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:10", "1666561", "5a451b70abb22a517b0c09f61de89b31c92366aa93fe1fd43ca51ff9a3324768", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:09", "1666555", "762e9798ed3bf81bc36974e801755d4a493f0d61afa9604b380e4d0646ffcbd2", "sha256_hash", "payload", "win.acr_stealer", "None", "ACR Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:08", "1666552", "2184ef764cc36e8cc8eeb6b9eba1556853817c83fafe32f9ced5d20458d1110d", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:07", "1666549", "943574eb8ea3dc8a2ef56db331a6b828d529e858465a0cc79f9426bb016cc517", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:06", "1666546", "e48fb8537dae0ddc883d3b19f13211bdcc4f506ce002b99a02241d9febc8f5d0", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:05", "1666543", "b525c5c44f0a256af3630e14643dc53dfc14086e38c1f903d29c435776e9c2a3", "sha256_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:04", "1666540", "d335a352595cd376587cc3e071b6fdaa58b1e8f5e193f090d679e36cda054b66", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:03", "1666537", "fd3d092f9536c467253cc98fb68ce5447862c44c940041aa9734485ffd8088e4", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:02", "1666534", "01ae9da99db03e2e97c0a99c4147fa01d0838064d056b68accba84d16d36fea5", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:01", "1666531", "bb217671489213dfb4eefff0d0af47621615d9a0c85415c0e31f2cb08786d359", "sha256_hash", "payload", "win.cybergate", "Rebhip", "CyberGate", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:28:00", "1666528", "0b1191308b4959156fd6bb25fb0ed91b22d9591b14f8307b85b1c11b2ed4bdf9", "sha256_hash", "payload", "win.coffee_loader", "None", "CoffeeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:27:59", "1666525", "c430256840a5795787ab14b715a12c2ae98276425d418040c178d85c988de1f3", "sha256_hash", "payload", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:27:58", "1666522", "f58c14370ca887ef557112732534fa842b8e443719285a962f1a4d66400a7123", "sha256_hash", "payload", "win.guidloader", "None", "GUIDLOADER", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:27:57", "1666519", "67dcb03549ffff37f461654efb7ade244bcd032d9f68a598771d3d0cacf1de2c", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-03 04:27:56", "1666516", "a7148acaabcee8323ea08dc1c3547c79cd0cab58a7b30a6bff16e721c194c9cf", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
# Number of entries: 144