################################################################
# ThreatFox IOCs: recent SHA256 hashes - CSV format            #
# Last updated: 2025-05-14 05:19:38 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-05-14 05:19:38", "1522150", "afa819c9427731d716d4516f2943555f24ef13207f75134986ae0b67a0471b84", "sha256_hash", "payload", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://www.gdatasoftware.com/blog/2025/05/38199-chihuahua-infostealer", "chihuahua", "0", "juroots"
"2025-05-14 05:19:38", "1522151", "c9bc4fdc899e4d82da9dd1f7a08b57ac62fc104f93f2597615b626725e12cae8", "sha256_hash", "payload", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://www.gdatasoftware.com/blog/2025/05/38199-chihuahua-infostealer", "chihuahua", "0", "juroots"
"2025-05-14 01:11:21", "1522073", "19eae2f123de215358ddd7dc698c52de2a905a5f09e7336df35c8d276a96df6a", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:20", "1522070", "fc1bf10c936144f163a063c0a606182990494baa6a52dfbbf92ce0652f3c2dd4", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:18", "1522067", "09b8f5086105916ba4705a1b64c8e4d4e0e3a6146928eabdd355f6d595f2a97c", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:17", "1522064", "57b8242373a01247b681b6bf4ae2e581bbf1583f0dde371e2081846efae7ff7f", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:15", "1522061", "d9c88eddbf8b28dacce8fb4799131563b7921723dec4f5e3e61dfb0dd14f7fa3", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:14", "1522058", "cf1f146ffa6951e45c24eada8fcef9fae06e8c7613ea0a5438d7bb6b868cadc9", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:12", "1522055", "d0a1e8a02c2721bccd8019f6a43367caf20759117087e676c70140f564bfe5d7", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:10", "1522052", "fc51f7fa455614e41628301c8ca91008e183fe2a2b02c0c05daf912afe0d1ee2", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:09", "1522049", "d1965a6643ba775b05e4e5b6ab616d350973f418dbe02b2c61722af805d51034", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:07", "1522046", "26abea627fdf075469f1b9613bea3c71b84dec05a135a0f3f9d3296dbc35ceb3", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:06", "1522043", "ca081d2e9e512e1516edc180262c4309dda83ad714a281abd26fc1a658bced01", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:04", "1522040", "1ce4f36e1af6db1cd550d8e59edd093a86f9ec7a38535fab1b3b111f2bb7bd1e", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:02", "1522037", "e3716110ea1af3d3c25e6aca80b9e899236cf3c03ab3da4fa6271f9580d7cb61", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:11:01", "1522034", "d1ea7576611623c6a4ad1990ffed562e8981a3aa209717065eddc5be37a76132", "sha256_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:59", "1522031", "c3f39d499f8599e009697219a0c0f9b5fd91848b693fcaf4abdc0d15bdc67de0", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:57", "1522028", "0fd46aca09c54c256d22420d2ac3e947ff204a42a24158dfcb562de18a77f3f1", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:56", "1522025", "ef544f7901ed91aac0bcdaee79efe2b1ce0b4ccac2480d299ffb6ff73d219dfd", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:54", "1522022", "f69330c83662ef3dd691f730cc05d9c4439666ef363531417901a86e7c4d31c8", "sha256_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:53", "1522019", "251d313029b900f1060b5aef7914cc258f937b7b4de9aa6c83b1d6c02b36863e", "sha256_hash", "payload", "win.easystealer", "None", "Easy Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:51", "1522016", "c6c4432433d8b941918424991c48d57fef0d0dfedc26b8fec66422f58c2ec8c5", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:49", "1522013", "3decb568098f09397ec9c9766b0e5a62a48e044650077efd60ce1b9c9ff81b22", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:48", "1522010", "5d3abe1d8ca8911b52a3214094e08885cd8865f4b755eed859ed4a064d413686", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:46", "1522007", "da708865f674fbc18b17baeb8d6c8ceeb1b786fe5abdcd0d31027973d9bb6eeb", "sha256_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:45", "1522004", "35ae90a081aa0fb9930d285e0215e006220cccc4f074ca231c19fb4422c836dd", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:43", "1522001", "a2c04f5816ac05a481acbd7b2b67b7c54419bec8362b779e68cd1ccae3011639", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:42", "1521998", "3990e4a6f16492f77e0e7990cfcd58992049de5ba0102e41a79bf1db99263f13", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:40", "1521995", "1c61fb7f2ada5e253447b191849e3a36822e9999b61dd29822fcf58ba0e7ed70", "sha256_hash", "payload", "win.mydoom", "Novarg,Mimail", "MyDoom", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:38", "1521992", "1a3782043885a87014863b98fc9f26a5be064c2ac800e0c00e2591ad1cbd152a", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:37", "1521989", "81bd6ea18c2d8064b8ea858311ec0949d7e8181d6877fb9e339b83af976c86f1", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:35", "1521986", "626264a78556f96610652533d7c99b1cb354561abe5042360fbca5e332b3f3ce", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:34", "1521983", "6f4245e6fc909528580e36c0ac716d6e8b19df8f6ce43bd93f526f282f3e86ec", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:32", "1521980", "35b794d4747a303debb144fe67fa9c110ad260194380bd436cab7bb22347f5ee", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:31", "1521977", "a88391b49d0976012147ca697e2fcf77ebf6461025d24ca7653738821f6bc314", "sha256_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:29", "1521974", "cf9e29c9c2315237b9230d3f01e55c60f5e7c89b980ce78912258b1bee2f4124", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:27", "1521971", "503a91087f5b3b18723dfc3c742fcc06bebf2e63d1820430f2d57788c5f620c3", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:26", "1521968", "2c0263fa35e989ef8f1e55c760a886d24ece9af3755a0a38c81e4c6cbad04106", "sha256_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:25", "1521965", "b96bdf8fdd17d4bdd46cd5ab489237e7411dfbf4acb7dcd7ff5e4dd578a6e38d", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:23", "1521962", "316de33842f7975bd6933f32a69cf09018f2f197b14bb2f8d768bf5bd4c121ba", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:22", "1521959", "05443c3fb13a31403332286049f85a59b0f1ad8de930b70a0adf270844a37cab", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:20", "1521956", "69d001a51ef6c45bb3434214b0b52ceff0973c0949e8bb9bd327a3ffd89f8273", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:18", "1521953", "f110a97f62555e728429d0ae8763f21a80af26b8262178a9da5b585c95dcf43b", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:17", "1521950", "2673f98efbc942d0aba67697b4d92746c6f3675c14c28ec06fb5249bdb98f3bb", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:15", "1521947", "ebde51ef655b4f9e118c003ed1f7ff99b270f6e5be71d89110e2de657dce0de4", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:14", "1521944", "55d05771086c5acc0c6275be9e1366819b5bb941a1bfb85ea4a1721ce6486a85", "sha256_hash", "payload", "win.revenge_rat", "Revetrat", "Revenge RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:12", "1521941", "01ff3660d3e6035e8594ad7e044fbeb2d163c674fada45ab6b7ef6eb4e3cb04f", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:11", "1521938", "6306e4d202e4a5cab6912937dc64733f8644a9342b836051bdf9215eefb0b7ad", "sha256_hash", "payload", "win.darkstrat", "None", "DarkStRat", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:08", "1521935", "2a46cb0bcaddf532d54171c0466e6fe92d4fb3ecd7cd9e1bc70160dbb1952d53", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:07", "1521932", "116c096a488f53b298d3bac99942770afd3d791ae376534f050e6e4642c2fbb4", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:05", "1521929", "a2de2cb77a0743306df3819dc370fbc760bc4f702c6fdc65a5fe28e4d1ae262e", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:03", "1521926", "7f23f4eca324810dbc7d0c5b9b4eed63be3b835bed774424f142f615dc141740", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:10:00", "1521923", "689f73ebf7a35fc72b080171c1c6dd03935179a2781caced9f689c4ff5bad07e", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:59", "1521920", "5ca9bb8bb1e9e1daa9ede12a40586807dde9483576e381da42214a7b2ee9960b", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:57", "1521917", "29bb96a896e470b9378a4ec20cfac0f868106a1291f05b0f8e6a19efe43347b7", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:55", "1521914", "263bea60cb02db85af694ff258f9249f17ae23ccdb9e9ce32d6582611b3f2174", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:53", "1521911", "1fbd69a781f6b2704496419eb9d082fa673915698fcf921badaffbe4479ef09e", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:52", "1521908", "0b940e55c9eb2244ac13eeabf3cf87e3c5244817ad8e18c9b7a53ef602dbd2ad", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:50", "1521905", "074be35efc9958bbd58024030c73fabf38d98619ad7cb52e21594723d558382f", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:49", "1521902", "1700826104f536f6b6894f1081a20118e1adf5c9848af4fd9e79364c604b0033", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:47", "1521899", "16ec2deb206d609106e140a0160a8de30d4c456a06717d1bca37590036e32641", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:46", "1521896", "cae5d3825916ada5b36025d9f0030a769a8444abebfe35cae0a2cf18673bce49", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:44", "1521893", "d2c9e0ae874d1ef5395110d03325ab3415f74ec6ee6405776ad6e89d5e467b4a", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:42", "1521890", "46549b5ece9eb382452749c43ec2e39268733e7c99f45bf6cb1eaa2537eeaaaa", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:41", "1521887", "cc28e89b7347d421d6d3432a240473de1bf1348e1a5b8913d53d7f8b9113ec2c", "sha256_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:39", "1521884", "a592787cb0e7514aa255ba6a84ae079340563acf496d4b19f24730ce699b88f7", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:37", "1521881", "c26f2213b177de9e1d20a9d44646e97041c01321bbbb0602759706996043c425", "sha256_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:35", "1521878", "cbf5514df284884dcef002cd1f83501bd72fe47df3b091c15386d203040ea2ae", "sha256_hash", "payload", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:32", "1521875", "350ea0a5caf7e7eef53a845593e9eae15bc11e62ed1ba27e709a20a357bacada", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:30", "1521872", "cf594d0970d6a71c802e5a261b41c2e2fa68f2ff7958d6f48872bc4954efd34d", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:28", "1521869", "61e85a87e75a6d595a4502111f5514cb9672af129cd171a5b505e37df3293f27", "sha256_hash", "payload", "win.loda", "LodaRAT,Nymeria", "Loda", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:26", "1521866", "0c28eb7a5971ae39142885fb30f006faca49e481c93c91fed37ea82faa0e07a8", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:24", "1521863", "17394e487c879264d746b98bccacc2ccd93b05eaa47d6140d7fa44d644d0ebd1", "sha256_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim"
"2025-05-14 01:09:22", "1521860", "b2b35b54af3651e73420009255ab5fe52f9c5450f4ad5ea7c85ecaa8c3618e08", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:57", "1520559", "d371d9409cca4b22d1e90df46524f7112e06bf74a90f65f236957b63fdad2c1b", "sha256_hash", "payload", "win.ave_maria", "AVE_MARIA,AveMariaRAT,Warzone RAT,WarzoneRAT,avemaria", "Ave Maria", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:55", "1520556", "f36b2b2e8bd4ac28381f1f7d6c878841e031da2a0cb473cd3fc82d7dcbec260b", "sha256_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:54", "1520553", "f4417ff0e4d35ee794b7c62e134513c482848d369723c7a455f59d2de454e38f", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:52", "1520550", "44047a1ba78d1d3d3f16a77373508f472759ed92a87954480d66bb20ae68a7e6", "sha256_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:51", "1520547", "05c5131badc3708c1f0806a3be1f71820db829b660a1e04ec061bb41d9f3bff6", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:49", "1520544", "9e48c5f52678f9af954610a38d85972393f2e9aba1298522b0514a703e341e27", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:48", "1520541", "58a663f38cdfa0518ed83b688fb59f45def78b3125424736e89573b931a6c6ed", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:46", "1520538", "08bfb7eba293779a83387f35eddd88d9544ca089ca98ab54b369f4ebc399fe9f", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:45", "1520535", "ea9d343798f889f97c3fed44a16ed0eadcfeb02cc55882427eeb204b527125b5", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:43", "1520532", "c91ebfa88c99064ea16e9d7577104c3df7ce47f0fffb61f97376d843c1aaa6b7", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:42", "1520529", "927d98db2dbf0dd6fda072213e1d638af21726cb3424711c7e6996ad70e1cb35", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:40", "1520526", "d8655cb920dff79d3fc2006247925cf66c198595ed3e496218a5b24c2bb1080f", "sha256_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:38", "1520523", "1e2a4152efe0d82eb31f95097d77e60f60458f87e01d6abdf99bbc83ff71b19d", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:37", "1520520", "b9af67d7123d30401ffdcb7c7c2b60a180806523dfed0501611728504d9bf4a7", "sha256_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:35", "1520517", "bd7ceecba5a495ef058f57cb2d8c06faadf6adf4e9751feb7b1987b917bb2a50", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:34", "1520514", "b8af0c741224f1b88f0ce141c967d0212ed41686a32ac3cc461c7f624735c646", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:32", "1520511", "285bd22ba49a3de603e9fff856a0bd3111e43629ad29e24bb41178afd93ece23", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:30", "1520508", "7850f54467f5d3de3030cfe2362fab85d84861658f760c9481bb269ea4e6017d", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:29", "1520505", "bafbf84f740baa0a511a85ced8d2cbf498d40aa796e41c42c3c767e7566eca85", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:28", "1520502", "0f113c5ca5338e176dcf7be698f05968a071ffa1763b405ee70407eee7037c39", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:26", "1520499", "2f5ddc948bb23c9c0798e16b92bc8434922800a11b503643fd7f490a9f16da06", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:24", "1520496", "4b2f7b4605c6c357a779a5979256b432b601d06773b816cf66724f01797845c4", "sha256_hash", "payload", "win.htprat", "None", "htpRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:23", "1520493", "33c97b5d281dc3d5a5d31cbe9f0394fb4b1ae44b8e492e17e0e5c1f5f2c817d5", "sha256_hash", "payload", "win.htprat", "None", "htpRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:21", "1520490", "76426c55471f1b9240e9ecf41a5a537f1a0143d2d84b92c491ad0355261cde99", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:19", "1520487", "401b618ac212f7dcb723c05edd017073cad9736968b7728fb14e5bf481152a1b", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:18", "1520484", "4a048f0949f7ae26ad209f1fbf3105deb02c7533c8ba88fd0f7f396982df131d", "sha256_hash", "payload", "win.darkstrat", "None", "DarkStRat", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:16", "1520481", "c64e2f1cce0e7eb8fbadb10a60844c69bab75dc8260faa5aa3939c1c905bd279", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:15", "1520478", "88f70255b375b99ff3a02d942c83f520e509d2e949646d99585a406de15e2293", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:13", "1520475", "5052cd35e18ba9bd9012fe903a227a88a21978cdb1f90982c6bc3e525a1ddf47", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:11", "1520472", "1a9290d06cd32085269b665d9b0095246fd5efa6c19a9f3a58567fbe6acb0145", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:10", "1520469", "8ee7c43df8788680a27f8ecbffe12a28b62b0bae14adf1ba00b1c915f0d82455", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:08", "1520466", "f882670a4487e920977a0381d970eaace94994d4b53281ed93c54762b839266a", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:05", "1520461", "fd25068332f39ffc705835ccbc2f6d46f5dfc94b54b31029f46ecb5b57004bfe", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:04", "1520458", "29000f325fd7c588f6a80f4b91dda56c86282cf110a1551b61331ab65e29206b", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:02", "1520455", "44962a8eda97303566f160f6eb1ca8864b8cacd29ead1e0a3bc5a1ca82e9d580", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:32:00", "1520452", "a33c0ffb1a4ff6c80695b6f068d8c9fd434086f091554d75a6d99205c26e805f", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:59", "1520449", "74142a16663b8e31737676dcfe1d4216b74e4cd0d176215b1067fb5694481c3f", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:57", "1520446", "3f358937a974384f66ac6a4643243baf6690d5e9292e5bcc23e4b27aa74c722e", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:55", "1520443", "15919a58528476cc7bd02a5f4174b82e76ccfbd2291d1be4f7926add063355a0", "sha256_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:54", "1520440", "7f5f79fcf71329877c23752694295d9a50b848eb56c5736c622672fe7d493a40", "sha256_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:52", "1520437", "95b8c9613c3e09443e3e846aa1886bf071db4f23f2ef928ae8cf21ba422007ce", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:51", "1520434", "f53e46cac0b0abca8116122d2420240cc89d4a76bafa9dcdccd831a263bf715a", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:49", "1520431", "be928f178a4ec59729f02200c6bd9bc6cb9d9eaba1752c8e438cdf1ea7ca35e2", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:47", "1520428", "2f8caaee0056f565ff196509cec7c15e804b5a3349e0f8da20e93e889939e5cf", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:46", "1520425", "e98182d44dc7ec4a154021757da3132769db318cf9d78f15fc06c92682f8a253", "sha256_hash", "payload", "win.xorist", "None", "Xorist", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:44", "1520422", "dce12d2cddd74211765e67da2ac41066558aad3e5de8463ab8ff71ae0126c10f", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:43", "1520419", "f89470a8ac72a1be400be28aaf8170a129b776bd9182fbd43548d40ac9ca3251", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:41", "1520416", "a13cf041f9c95cb5fbec7d3a15e0b3fcb51e00fcf24d525565ef5b3d55c69e2c", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:40", "1520413", "c108ed5f7e19854e877c0a187ff6fac4a20a877f71a130e46c1b57c688e3b426", "sha256_hash", "payload", "win.zloader", "DELoader,SILENTNIGHT,Terdot", "Zloader", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:38", "1520410", "2a9f4177142321523ea30409a2f1324fec93b5858162a7a3460a1d73cab2ce33", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:36", "1520407", "c20a9505d9edf28920f44ab438bb18372580eb255f6d4d9175677591b2691b20", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:35", "1520404", "b0c99497023fb2ef5bb56a4ffdba02128b6d816cafd9168f4b5bb2ced8cd484c", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:33", "1520401", "fd63605203b3f8b713b1dd6528a350f92bf6a9f9e41b91375b58c631946c7d0a", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:31", "1520398", "437a88b4164d31589ed8d583858b08de5aa904789e68d02679042006d023fce4", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:29", "1520395", "d2b4792bf114e7cb82cbc25cc6ccfe61c082127eb14312d8a282012501e4fd2d", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:28", "1520392", "b9e32c4b93acdfea0d9a020e5438ad0ab51ab66636bcdd7b7e566f9f6a9f864b", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:26", "1520389", "c6ba2343ab466881caee51b923cde1048d1c7f979fc7815e53e33bf2eec4ba25", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:24", "1520386", "df4133d7b5a94049f9c8b544107a75213ce7e7975949292c64edd4561672948c", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:23", "1520383", "b826517859a1ed53e34c2668e06868bd8680d52c9af63f8e1c976d13f7d8315b", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:21", "1520380", "d93e9cdb39070416672eb1023236835da0cece32aad8b94dd1a805bf1bcfbd0b", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-13 01:31:19", "1520377", "b462b5986b5bb5e0a5a06fef67810b4a665e7a4b6c45a612140e478aee1a8d70", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-12 14:19:25", "1520255", "dadb12e40e8901c626da98888faf3808571aa2c0c4ef4aa51538b419f5fb8692", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "50", "", "base64,c2,jpg,js,obfuscated,wsh,xworm", "1", "zuum"
"2025-05-12 14:19:23", "1520256", "466e6a46ae231f4642d2b7637c48ad97dc8ff998ea7bc7ecd42a2a4d0dc756f5", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "50", "", "base64,c2,jpg,js,obfuscated,wsh,xworm", "1", "zuum"
"2025-05-12 14:19:22", "1520257", "5f40c7dc1ada65ce3ccef268ae6740e9adedb14e7f2fb4722b74c8a710c04948", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "50", "", "base64,c2,jpg,js,obfuscated,wsh,xworm", "1", "zuum"
# Number of entries: 138