################################################################ # ThreatFox IOCs: recent URLs - CSV format # # Last updated: 2025-03-13 23:10:38 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-03-13 23:10:38", "1447519", "https://cjowinjoinery.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/04c4a194a7236f8d9b52f0eb617fc7deb87069fe8e25ff2785588247633d1ed1/", "lumma", "0", "abuse_ch" "2025-03-13 22:05:19", "1447511", "https://6jowinjoinery.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/21b722775a2d91b9d932b3dd3f665e0531dcda3a848939766521f079353cea38/", "lumma", "0", "abuse_ch" "2025-03-13 22:05:16", "1447510", "https://1latchclan.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/21b722775a2d91b9d932b3dd3f665e0531dcda3a848939766521f079353cea38/", "lumma", "0", "abuse_ch" "2025-03-13 21:16:31", "1447509", "https://reslinsights.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9e6ce56a793d930a05fc51628f76bdb660ee61e3a4587ce33a2c4514b6ccc13f/", "lumma", "0", "abuse_ch" "2025-03-13 21:13:38", "1447508", "https://check.fetoq.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 21:10:21", "1447506", "http://a1100394.xsph.ru/9226106f.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-03-13 19:55:21", "1447464", "http://43.249.233.80/providerAuthserverDbGeneratortemporary.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-03-13 18:40:07", "1447463", "http://172.35.12.183:37380/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf" "2025-03-13 18:07:47", "1447462", "https://s.p.formaxprime.co.uk/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-03-13 18:05:13", "1447460", "http://112664cm.nyashk.ru/Asynctestdletemp.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-03-13 18:04:27", "1447459", "https://check.lixir.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 17:43:49", "1447457", "https://samaxwell.com/1q2w.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114156223894105457", "KongTuke", "0", "monitorsg" "2025-03-13 16:37:32", "1447455", "https://check.kakib.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 16:19:14", "1447405", "https://movtime76.shop/files/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114155750696934259", "SmartApeSG", "0", "monitorsg" "2025-03-13 16:19:14", "1447407", "https://movtime76.shop/files/index.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114155750696934259", "SmartApeSG", "0", "monitorsg" "2025-03-13 16:19:13", "1447408", "https://movtime76.shop/files/fis.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114155750696934259", "SmartApeSG", "0", "monitorsg" "2025-03-13 16:10:17", "1447443", "http://213.21.237.235/AuthDumpvoiddbGeo/DbPollCdn/windowsTrackExternalPublic/Update4/processorasyncPhp/ToServerdefault/RequestLinux/Testprocessorauth5/1Geo/5/DownloadsuniversalGame/RequestPublicJavascript/3linedatalifePython/ProcessorProcessorWordpress7/apiMariadbwordpresssecure/tohttpauthBasewindowsTrackwpprivateCentral.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-03-13 15:55:16", "1447423", "http://213.159.215.238/Datalife/Lineline8server/PythonGeoprocessgameProtectBaseCdn.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-03-13 15:35:23", "1447421", "https://adweaponrywo.digital/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17a3259df1b54d390acd9b338e0afd6a3ed926f294e494e07512efdb99bb99fb/", "lumma", "0", "abuse_ch" "2025-03-13 15:35:20", "1447420", "https://8cjlaspcorne.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/17a3259df1b54d390acd9b338e0afd6a3ed926f294e494e07512efdb99bb99fb/", "lumma", "0", "abuse_ch" "2025-03-13 15:31:43", "1447419", "https://zfeatureccus.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d2282c9a1df9a8fe4d4afa98b4f69f1917febed85181a92762652c4832a6b5d7/", "lumma", "0", "abuse_ch" "2025-03-13 15:31:42", "1447418", "https://yhtardwarehu.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d2282c9a1df9a8fe4d4afa98b4f69f1917febed85181a92762652c4832a6b5d7/", "lumma", "0", "abuse_ch" "2025-03-13 15:31:37", "1447417", "https://umrodularmall.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8076fa4a81dc3069adfc7c9f902e6bded83edfc4131714d17f2528267789bc19/", "lumma", "0", "abuse_ch" "2025-03-13 15:31:33", "1447416", "https://qlegenassedk.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bdd85f2a3d581048e31ad13ba9119d9b5bf1b078df86afa92b43929df7e6b1e1/", "lumma", "0", "abuse_ch" "2025-03-13 15:31:08", "1447415", "https://ihtardwarehu.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/335c55c746b95bdd6133a52810630be11d0f1b0840a45856d9c5390833842026/", "lumma", "0", "abuse_ch" "2025-03-13 15:30:41", "1447414", "https://citywand.live/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bdd85f2a3d581048e31ad13ba9119d9b5bf1b078df86afa92b43929df7e6b1e1/", "lumma", "0", "abuse_ch" "2025-03-13 15:30:35", "1447413", "https://byjowinjoinery.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/335c55c746b95bdd6133a52810630be11d0f1b0840a45856d9c5390833842026/", "lumma", "0", "abuse_ch" "2025-03-13 15:30:22", "1447412", "https://9x.citydisco.bet/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/335c55c746b95bdd6133a52810630be11d0f1b0840a45856d9c5390833842026/", "lumma", "0", "abuse_ch" "2025-03-13 15:30:19", "1447411", "https://7crosshairc.life/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bdd85f2a3d581048e31ad13ba9119d9b5bf1b078df86afa92b43929df7e6b1e1/", "lumma", "0", "abuse_ch" "2025-03-13 15:30:15", "1447410", "https://2weaponrywo.digital/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/11577483217ab72ade0d8355c165fa033e3c0f3455b0380c3f763b82b042b88f/", "lumma", "0", "abuse_ch" "2025-03-13 14:55:16", "1447403", "https://check.newyf.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 14:40:13", "1447357", "https://citychron.life/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:12", "1447358", "https://vibrantlo.today/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:12", "1447359", "https://skylinejo.world/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:12", "1447361", "https://sightsa.bet/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:11", "1447360", "https://snipersecrets.world/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:11", "1447362", "https://urbanexpe.world/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:10", "1447363", "https://urbanjour.today/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:09", "1447364", "https://airsoftadv.life/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:09", "1447365", "https://hiddenstr.world/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:09", "1447366", "https://armamentg.life/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:08", "1447367", "https://rangefinde.today/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:08", "1447368", "https://pathsofur.today/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:07", "1447369", "https://guntac.bet/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:07", "1447370", "https://localfl.bet/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:06", "1447371", "https://townsands.bet/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:06", "1447372", "https://citypulsez.life/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:06", "1447373", "https://localjour.run/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:05", "1447374", "https://townadven.life/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:05", "1447375", "https://gunsandg.run/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:04", "1447376", "https://cityvib.run/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:04", "1447377", "https://industryin.today/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:40:03", "1447378", "https://cityscapea.run/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Lumma,Lumma Stealer,Stealer,Url", "0", "RacWatchin8872" "2025-03-13 14:34:48", "1447401", "https://check.gulov.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 14:14:19", "1447356", "https://check.gimyh.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 13:53:51", "1447354", "https://check.lapib.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 13:45:48", "1447352", "https://gcjlaspcorne.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/a921e16cb0d410bf38d46fd36bcd80875bfa805a1165172f843c61d3754b9cee/", "lumma", "0", "abuse_ch" "2025-03-13 13:45:41", "1447351", "https://dcjlaspcorne.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4a1ec80d6a3a9c63458730e025b12a050f7d73fb60eaaa39df3ac858e54280ff/", "lumma", "0", "abuse_ch" "2025-03-13 13:45:19", "1447350", "https://8latchclan.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/fdba4cab6bb651c5ffecf92d1bfd3de70ef5433a6aea4976db9753742799b7a3/", "lumma", "0", "abuse_ch" "2025-03-13 13:40:14", "1447348", "http://nlbmfsyplohyaicmxhum.com/post.php", "url", "botnet_cc", "win.zloader", "DELoader,SILENTNIGHT,Terdot", "Zloader", "", "75", "https://bazaar.abuse.ch/sample/aa8fc19f16e4e185f6464d2e18ec7731c235d2b0d364f76965cf5967d5eef613/", "zloader", "0", "abuse_ch" "2025-03-13 13:40:14", "1447349", "http://snnmnkxdhflwgthqismb.com/post.php", "url", "botnet_cc", "win.zloader", "DELoader,SILENTNIGHT,Terdot", "Zloader", "", "75", "https://bazaar.abuse.ch/sample/aa8fc19f16e4e185f6464d2e18ec7731c235d2b0d364f76965cf5967d5eef613/", "zloader", "0", "abuse_ch" "2025-03-13 13:38:11", "1447340", "http://94.159.113.84/sysfixsync/kernel-patches/", "url", "botnet_cc", "win.matanbuchus", "None", "Matanbuchus", "", "100", "None", "AS216234,Komskov Vadim Aleksandrovich,matanbuchus", "0", "antiphishorg" "2025-03-13 13:38:10", "1447341", "https://94.159.113.33/fixuplink/application-patch/", "url", "botnet_cc", "win.matanbuchus", "None", "Matanbuchus", "", "100", "None", "AS216234,Komskov Vadim Aleksandrovich,matanbuchus", "0", "antiphishorg" "2025-03-13 13:02:43", "1447344", "https://check.tozuj.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 12:47:27", "1447280", "https://citydisco.bet/gdJIS", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.joesandbox.com/analysis/1637030/0/html", "None", "0", "tmechen_" "2025-03-13 12:47:27", "1447286", "http://84.200.24.181", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "fake-captcha", "0", "SecurityFYI_" "2025-03-13 12:47:27", "1447287", "http://84.200.154.155", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "fake-captcha,lumma", "0", "SecurityFYI_" "2025-03-13 12:47:26", "1447288", "http://79.133.46.59", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "fake-captcha,lumma", "0", "SecurityFYI_" "2025-03-13 12:47:26", "1447289", "http://47.236.31.67", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "fake-captcha,lumma", "0", "SecurityFYI_" "2025-03-13 12:47:26", "1447290", "http://139.162.177.235", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "fake-captcha,lumma", "0", "SecurityFYI_" "2025-03-13 12:47:12", "1447248", "https://cyberetc.com/4e7y.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114154330959768876", "KongTuke", "0", "monitorsg" "2025-03-13 12:47:11", "1447251", "https://menuedgarli.shop/AUIqn", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.joesandbox.com/analysis/1637040/0/html", "None", "0", "tmechen_" "2025-03-13 12:47:11", "1447252", "https://featureccus.shop/bdMAn", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.joesandbox.com/analysis/1637040/0/html", "None", "0", "tmechen_" "2025-03-13 12:47:10", "1447254", "https://jowinjoinery.icu/bdWUa", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.joesandbox.com/analysis/1637040/0/html", "None", "0", "tmechen_" "2025-03-13 12:47:09", "1447255", "https://legenassedk.top/bdpWO", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.joesandbox.com/analysis/1637040/0/html", "None", "0", "tmechen_" "2025-03-13 12:47:09", "1447256", "https://htardwarehu.icu/Sbdsa", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.joesandbox.com/analysis/1637040/0/html", "None", "0", "tmechen_" "2025-03-13 12:47:09", "1447257", "https://cjlaspcorne.icu/DbIps", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.joesandbox.com/analysis/1637040/0/html", "None", "0", "tmechen_" "2025-03-13 12:47:08", "1447258", "https://bugildbett.top/bAuz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.joesandbox.com/analysis/1637040/0/html", "None", "0", "tmechen_" "2025-03-13 12:47:06", "1447250", "https://cyberetc.com/js.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114154330959768876", "KongTuke", "0", "monitorsg" "2025-03-13 12:47:06", "1447253", "https://mrodularmall.top/aNzS", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.joesandbox.com/analysis/1637040/0/html", "None", "0", "tmechen_" "2025-03-13 12:47:05", "1447247", "http://111.229.19.220:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS45090,Shenzhen Tencent Computer Systems Company Limited,supershell", "0", "antiphishorg" "2025-03-13 12:47:04", "1447246", "http://49.113.79.218:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS4134,CHINANET-BACKBONE,supershell", "0", "antiphishorg" "2025-03-13 12:41:07", "1447338", "https://tfeatureccus.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/e882d7327d79d9aff5d4c30c0c3b102faeabdb825fa004593518984b16d1ae4d/", "lumma", "0", "abuse_ch" "2025-03-13 12:41:06", "1447337", "https://smrodularmall.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/24fb33ac2e21129c190da102e9d5d8ac9079ccb429711cc3dcbbdda44ca073ab/", "lumma", "0", "abuse_ch" "2025-03-13 12:41:05", "1447335", "https://reloadrevol.bet/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/699c4fb429bc1751228bc9d115b65fb23b9ce2f4bf99f54bcb4e1da298616a86/", "lumma", "0", "abuse_ch" "2025-03-13 12:41:05", "1447336", "https://rjowinjoinery.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bf1afeb9f9662c5811556d7e3157d9225657e10573d44fee67c332acfbfc326c/", "lumma", "0", "abuse_ch" "2025-03-13 12:41:01", "1447334", "https://ojowinjoinery.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/699c4fb429bc1751228bc9d115b65fb23b9ce2f4bf99f54bcb4e1da298616a86/", "lumma", "0", "abuse_ch" "2025-03-13 12:40:48", "1447333", "https://icjlaspcorne.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/62a29296217254a2236699307ebf64d245aeb14c38f85fc714e161d4f2961bf6/", "lumma", "0", "abuse_ch" "2025-03-13 12:40:47", "1447332", "https://ibugildbett.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bf1afeb9f9662c5811556d7e3157d9225657e10573d44fee67c332acfbfc326c/", "lumma", "0", "abuse_ch" "2025-03-13 12:40:41", "1447331", "https://g-cjlaspcorne.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/ba4bd6d7a2644c76ce30c905804302afdb1d0f5c6110bdedb7d4ea400f5c74bf/", "lumma", "0", "abuse_ch" "2025-03-13 12:40:39", "1447330", "https://flatchclan.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/15a205b9631aba7dd2396ad9fa7ee0ee06c3c8f76e256e0fefb97bbd92d8ffd1/", "lumma", "0", "abuse_ch" "2025-03-13 12:40:36", "1447329", "https://decorathnome.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/cfcf4fec48112057c235868a2561693719656dd179862b895de3908bd8f4956c/", "lumma", "0", "abuse_ch" "2025-03-13 12:40:19", "1447328", "https://8mrodularmall.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/cfcf4fec48112057c235868a2561693719656dd179862b895de3908bd8f4956c/", "lumma", "0", "abuse_ch" "2025-03-13 12:40:16", "1447326", "https://2ohtardwarehu.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/79188b44c38f4fabdb8868d0fad3ba1b297b627e8a7d2438fcf7edbaf4c2a6c8/", "lumma", "0", "abuse_ch" "2025-03-13 12:40:16", "1447327", "https://5jowinjoinery.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/24fb33ac2e21129c190da102e9d5d8ac9079ccb429711cc3dcbbdda44ca073ab/", "lumma", "0", "abuse_ch" "2025-03-13 12:40:15", "1447325", "https://0citydisco.bet/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d88aa5595bef3c5e49ab6a408d9a15114496936e1231aced7d55a4f2052d083d/", "lumma", "0", "abuse_ch" "2025-03-13 12:38:16", "1447322", "https://togoltrove.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,url", "0", "DonPasci" "2025-03-13 12:38:16", "1447323", "https://urbanexp.digital/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,url", "0", "DonPasci" "2025-03-13 12:38:16", "1447324", "https://electryuonicpulse.world/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,url", "0", "DonPasci" "2025-03-13 12:38:15", "1447320", "https://athnome.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,url", "0", "DonPasci" "2025-03-13 12:38:15", "1447321", "https://wirybringero.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,url", "0", "DonPasci" "2025-03-13 12:36:14", "1447319", "https://exploreth.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.vmray.com/analyses/_vt/d5f75bc72e8d/report/ioc.html", "c2,lumma,stealer,url", "0", "DonPasci" "2025-03-13 09:57:31", "1447283", "https://d.p.formaxprime.co.uk/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-03-13 07:45:16", "1447212", "http://331545cm.nyashru.ru/nyashsupport.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-03-13 07:25:20", "1447211", "https://check.pajyg.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 07:15:58", "1447209", "https://zcitydisco.bet/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/11195c6b0d9981a94bdab08b52d714a2298e4e0bf98a613d62179bef8a701d00/", "lumma", "0", "abuse_ch" "2025-03-13 07:15:54", "1447208", "https://rcjlaspcorne.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/11195c6b0d9981a94bdab08b52d714a2298e4e0bf98a613d62179bef8a701d00/", "lumma", "0", "abuse_ch" "2025-03-13 07:15:53", "1447207", "https://qcitydisco.bet/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/11195c6b0d9981a94bdab08b52d714a2298e4e0bf98a613d62179bef8a701d00/", "lumma", "0", "abuse_ch" "2025-03-13 07:15:38", "1447206", "https://hlegenassedk.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/11195c6b0d9981a94bdab08b52d714a2298e4e0bf98a613d62179bef8a701d00/", "lumma", "0", "abuse_ch" "2025-03-13 07:15:35", "1447205", "https://fkmrodularmall.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/11195c6b0d9981a94bdab08b52d714a2298e4e0bf98a613d62179bef8a701d00/", "lumma", "0", "abuse_ch" "2025-03-13 07:15:19", "1447204", "https://6cjlaspcorne.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/11195c6b0d9981a94bdab08b52d714a2298e4e0bf98a613d62179bef8a701d00/", "lumma", "0", "abuse_ch" "2025-03-13 07:15:18", "1447203", "https://6bugildbett.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/11195c6b0d9981a94bdab08b52d714a2298e4e0bf98a613d62179bef8a701d00/", "lumma", "0", "abuse_ch" "2025-03-13 06:59:46", "1447202", "https://check.cudol.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 06:50:30", "1447199", "https://omrodularmall.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/36398113dbc31cc9ee99735f134cb246669c7f1f3932dba36628e24f12660246/", "lumma", "0", "abuse_ch" "2025-03-13 06:50:19", "1447198", "https://crosshairc.life/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/36398113dbc31cc9ee99735f134cb246669c7f1f3932dba36628e24f12660246/", "lumma", "0", "abuse_ch" "2025-03-13 06:45:20", "1447071", "http://80.66.81.11/api/YTAsODYsODIsOWQsYTEsODgsOTAsOTUsNjUsN2Qs", "url", "botnet_cc", "win.smartloader", "None", "SmartLoader", "", "75", "", "SmartLoader", "0", "tcains1" "2025-03-13 06:45:20", "1447072", "https://lunargocoloecho.xyz/MzVlMGQ1ZjgxZTc5/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2025-03-13 04:50:28", "1447164", "https://yfeatureccus.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/59f38b0c6535a71432a891ff97dd309d19e5ed3c068b3fed91045d1293a72c29/", "lumma", "0", "abuse_ch" "2025-03-13 03:45:30", "1447137", "https://vlmrodularmall.top/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d8c6ce345bed283d96525fb018307169f5a7fb91138a4882781db8dd07878c25/", "lumma", "0", "abuse_ch" "2025-03-13 03:45:19", "1447136", "https://gcrosshairc.life/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d8c6ce345bed283d96525fb018307169f5a7fb91138a4882781db8dd07878c25/", "lumma", "0", "abuse_ch" "2025-03-13 03:45:11", "1447135", "https://bcjlaspcorne.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d8c6ce345bed283d96525fb018307169f5a7fb91138a4882781db8dd07878c25/", "lumma", "0", "abuse_ch" "2025-03-13 03:35:27", "1447134", "https://weaponrywo.digital/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4b8c8a5014c50cc7aec2bf38e474caf10c7c2ef652aec253e67e4a5c1e7b59d1/", "lumma", "0", "abuse_ch" "2025-03-13 03:35:13", "1447132", "https://4crosshairc.life/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4b8c8a5014c50cc7aec2bf38e474caf10c7c2ef652aec253e67e4a5c1e7b59d1/", "lumma", "0", "abuse_ch" "2025-03-13 03:35:13", "1447133", "https://6htardwarehu.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4b8c8a5014c50cc7aec2bf38e474caf10c7c2ef652aec253e67e4a5c1e7b59d1/", "lumma", "0", "abuse_ch" "2025-03-13 03:25:15", "1447131", "http://280023cm.n9shteam1.top/ExternalLineLocaltemp.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-03-13 03:00:17", "1447129", "http://nurpukan.x10.bz/8f2b3b14.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-03-13 01:17:13", "1447113", "https://check.hehoi.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-13 00:15:18", "1447103", "http://dotorebki.pl/default.php", "url", "botnet_cc", "win.pony", "Siplog,Fareit", "Pony", "", "100", "None", "Pony", "0", "abuse_ch" "2025-03-13 00:15:15", "1447102", "http://ovalpix.co.uk/default.php", "url", "botnet_cc", "win.pony", "Siplog,Fareit", "Pony", "", "100", "None", "Pony", "0", "abuse_ch" "2025-03-12 21:30:32", "1447069", "https://vrfeatureccus.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/fb40f69277a23782012063b307d2224dc527f2edbdb891583f61825d16ffcd1f/", "lumma", "0", "abuse_ch" "2025-03-12 21:30:16", "1447068", "https://citydisco.bet/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/fb40f69277a23782012063b307d2224dc527f2edbdb891583f61825d16ffcd1f/", "lumma", "0", "abuse_ch" "2025-03-12 20:45:14", "1447059", "https://7menuedgarli.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/0f0d6730745730414481cf9af3826a72776ed8b4daacd8a924b716f632652317/", "lumma", "0", "abuse_ch" "2025-03-12 20:25:48", "1447049", "https://check.fesuy.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-12 20:20:15", "1447044", "http://aldierifs.com/Woxo/panel/gate.php", "url", "botnet_cc", "win.pony", "Siplog,Fareit", "Pony", "", "100", "None", "Pony", "0", "abuse_ch" "2025-03-12 19:07:55", "1447012", "http://150.241.105.82/api/OWUsODEsN2QsYTAsYTMsOGEsOGMsOTUsNmIsODIs", "url", "botnet_cc", "win.smartloader", "None", "SmartLoader", "", "75", "", "SmartLoader", "0", "tcains1" "2025-03-12 19:07:54", "1447013", "http://77.105.164.40/api/OWUsODEsN2QsYTAsYTMsOGEsOGMsOTUsNmIsODIs", "url", "botnet_cc", "win.smartloader", "None", "SmartLoader", "", "75", "", "SmartLoader", "0", "tcains1" "2025-03-12 19:07:54", "1447014", "http://94.156.114.56/api/YTAsODYsODIsOWQsYTEsODgsOTAsOTUsNjUsN2Qs", "url", "botnet_cc", "win.smartloader", "None", "SmartLoader", "", "75", "", "SmartLoader", "0", "tcains1" "2025-03-12 19:07:54", "1447015", "http://213.176.73.80/api/YTAsODYsODIsOWQsYTEsODgsOTAsOTUsNjUsN2Qs", "url", "botnet_cc", "win.smartloader", "None", "SmartLoader", "", "75", "", "SmartLoader", "0", "tcains1" "2025-03-12 18:45:29", "1447017", "https://sjowinjoinery.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/35da9296565b83fce58c9c3968121dd5e525aa7fd95a6a0081e815e3c14f000d/", "lumma", "0", "abuse_ch" "2025-03-12 18:00:19", "1447011", "http://109.163.229.3/rm/gate.php", "url", "botnet_cc", "win.pony", "Siplog,Fareit", "Pony", "", "100", "None", "Pony", "0", "abuse_ch" "2025-03-12 17:25:11", "1447010", "https://webinspisrve.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "abuse_ch" "2025-03-12 17:18:19", "1447007", "http://snailsflesh.xyz/lod.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch" "2025-03-12 17:18:19", "1447008", "http://snailsflesh.xyz/dol.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch" "2025-03-12 17:18:19", "1447009", "http://massminister.icu/she.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch" "2025-03-12 17:00:18", "1447006", "http://45.93.20.224/pNdj30Vs11/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "None", "Amadey", "0", "abuse_ch" "2025-03-12 16:40:16", "1447005", "http://justmonster.com/forum/viewtopic.php", "url", "botnet_cc", "win.pony", "Siplog,Fareit", "Pony", "", "100", "None", "Pony", "0", "abuse_ch" "2025-03-12 16:40:14", "1447004", "http://justcreature.com/forum/viewtopic.php", "url", "botnet_cc", "win.pony", "Siplog,Fareit", "Pony", "", "100", "None", "Pony", "0", "abuse_ch" "2025-03-12 14:27:56", "1446980", "https://check.tefee.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-12 13:43:59", "1446975", "https://doodstream.shop/files/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114149620412046120", "SmartApeSG", "0", "monitorsg" "2025-03-12 13:43:58", "1446976", "https://doodstream.shop/files/index.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114149620412046120", "SmartApeSG", "0", "monitorsg" "2025-03-12 13:43:58", "1446977", "https://doodstream.shop/files/fis.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114149620412046120", "SmartApeSG", "0", "monitorsg" "2025-03-12 13:43:58", "1446978", "https://pro.fivepathways.com/KBDTAM99.zip", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114149620412046120", "SmartApeSG", "0", "monitorsg" "2025-03-12 12:53:14", "1446974", "https://kbracketba.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/kbracketba.shop", "c2,lumma,stealer,url,virustotal", "0", "DonPasci" "2025-03-12 12:49:28", "1446971", "https://sweetmdreampillow.today/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/sweetmdreampillow.today", "c2,lumma,stealer,url,virustotal", "0", "DonPasci" "2025-03-12 11:54:30", "1446933", "https://check.pekyy.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-12 11:35:19", "1446931", "https://mjowinjoinery.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/f8b6fd7c50cc41888f1a6fddf2f0637d299c56ac3650c387ecd8e61962f647ef/", "lumma", "0", "abuse_ch" "2025-03-12 11:35:14", "1446930", "https://9hfeatureccus.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/f8b6fd7c50cc41888f1a6fddf2f0637d299c56ac3650c387ecd8e61962f647ef/", "lumma", "0", "abuse_ch" "2025-03-12 11:20:20", "1446929", "https://menuedgarli.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/6998706fecaec08e2a40d0300557f0a80a96e754800fee721fe6e92d009b911a/", "lumma", "0", "abuse_ch" "2025-03-12 10:10:21", "1446924", "https://159.69.103.88/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-03-12 10:10:21", "1446925", "https://95.217.31.199/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-03-12 10:10:20", "1446922", "https://p.p.formaxprime.co.uk/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-03-12 10:10:20", "1446923", "https://t.formaxprime.co.uk/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-03-12 10:10:19", "1446920", "https://steamcommunity.com/profiles/76561199832267488", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-03-12 10:10:19", "1446921", "https://t.me/g_etcontent", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-03-12 09:00:18", "1446910", "http://a1099965.xsph.ru/b9d82bda.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-03-12 08:55:33", "1446909", "https://check.baruy.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-12 08:04:23", "1446886", "https://check.hixya.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-12 07:43:54", "1446859", "https://check.zeboa.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-12 07:33:40", "1446856", "https://check.didey.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-03-12 07:10:15", "1446853", "http://f1099947.xsph.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-03-12 06:54:12", "1446842", "http://ploaiedueaigzefre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:12", "1446843", "http://ploaiedueaigzefz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:12", "1446844", "http://tldrbox.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:12", "1446845", "http://tldrbox.ws/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:11", "1446833", "http://nbmbnmbembfaeuree.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:11", "1446834", "http://nbmbnmbembfaeurme.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:11", "1446835", "http://nbmbnmbembfaeurre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:11", "1446836", "http://nbmbnmbembfaeurz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:11", "1446837", "http://ploaiedueaigzefa.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:11", "1446838", "http://ploaiedueaigzefae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:11", "1446839", "http://ploaiedueaigzefe.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:11", "1446840", "http://ploaiedueaigzefee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:11", "1446841", "http://ploaiedueaigzefme.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:10", "1446825", "http://fauibdbebdbburue.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:10", "1446826", "http://fauibdbebdbburuee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:10", "1446827", "http://fauibdbebdbburume.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:10", "1446828", "http://fauibdbebdbburure.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:10", "1446829", "http://fauibdbebdbburuz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:10", "1446830", "http://nbmbnmbembfaeura.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:10", "1446831", "http://nbmbnmbembfaeurae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:10", "1446832", "http://nbmbnmbembfaeure.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:09", "1446816", "http://euuauudduufuugua.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:09", "1446817", "http://euuauudduufuuguae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:09", "1446818", "http://euuauudduufuugue.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:09", "1446819", "http://euuauudduufuuguee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:09", "1446820", "http://euuauudduufuugume.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:09", "1446821", "http://euuauudduufuugure.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:09", "1446822", "http://euuauudduufuuguz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:09", "1446823", "http://fauibdbebdbburua.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:09", "1446824", "http://fauibdbebdbburuae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:08", "1446808", "http://euauueuueuruudgz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:08", "1446809", "http://eueuqundnndnsuda.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:08", "1446810", "http://eueuqundnndnsudae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:08", "1446811", "http://eueuqundnndnsude.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:08", "1446812", "http://eueuqundnndnsudee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:08", "1446813", "http://eueuqundnndnsudme.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:08", "1446814", "http://eueuqundnndnsudre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:08", "1446815", "http://eueuqundnndnsudz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:07", "1446800", "http://eooeoeoririusfrre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:07", "1446801", "http://eooeoeoririusfrz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:07", "1446802", "http://euauueuueuruudga.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:07", "1446803", "http://euauueuueuruudgae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:07", "1446804", "http://euauueuueuruudge.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:07", "1446805", "http://euauueuueuruudgee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:07", "1446806", "http://euauueuueuruudgme.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:07", "1446807", "http://euauueuueuruudgre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:06", "1446791", "http://badaeduahedhhuaee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:06", "1446792", "http://badaeduahedhhuame.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:06", "1446793", "http://badaeduahedhhuare.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:06", "1446794", "http://badaeduahedhhuaz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:06", "1446795", "http://eooeoeoririusfra.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:06", "1446796", "http://eooeoeoririusfrae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:06", "1446797", "http://eooeoeoririusfre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:06", "1446798", "http://eooeoeoririusfree.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:06", "1446799", "http://eooeoeoririusfrme.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:05", "1446783", "http://azezezbdndnnnsne.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:05", "1446784", "http://azezezbdndnnnsnee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:05", "1446785", "http://azezezbdndnnnsnme.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:05", "1446786", "http://azezezbdndnnnsnre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:05", "1446787", "http://azezezbdndnnnsnz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:05", "1446788", "http://badaeduahedhhuaa.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:05", "1446789", "http://badaeduahedhhuaae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:05", "1446790", "http://badaeduahedhhuae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:04", "1446774", "http://awduhawduhuhhaga.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:04", "1446775", "http://awduhawduhuhhagae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:04", "1446776", "http://awduhawduhuhhage.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:04", "1446777", "http://awduhawduhuhhagee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:04", "1446778", "http://awduhawduhuhhagme.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:04", "1446779", "http://awduhawduhuhhagre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:04", "1446780", "http://awduhawduhuhhagz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:04", "1446781", "http://azezezbdndnnnsna.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:04", "1446782", "http://azezezbdndnnnsnae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:03", "1446766", "http://afieifaieudhhudz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:03", "1446767", "http://awbnmnmammmamnra.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:03", "1446768", "http://awbnmnmammmamnrae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:03", "1446769", "http://awbnmnmammmamnre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:03", "1446770", "http://awbnmnmammmamnree.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:03", "1446771", "http://awbnmnmammmamnrme.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:03", "1446772", "http://awbnmnmammmamnrre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:03", "1446773", "http://awbnmnmammmamnrz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:02", "1446763", "http://afieifaieudhhudee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:02", "1446764", "http://afieifaieudhhudme.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:02", "1446765", "http://afieifaieudhhudre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:01", "1446760", "http://afieifaieudhhuda.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:01", "1446761", "http://afieifaieudhhudae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:01", "1446762", "http://afieifaieudhhude.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:00", "1446752", "http://aegieuueueuuruiz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:00", "1446753", "http://aeufoeahfouefhga.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:00", "1446754", "http://aeufoeahfouefhgae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:00", "1446755", "http://aeufoeahfouefhge.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:00", "1446756", "http://aeufoeahfouefhgee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:00", "1446757", "http://aeufoeahfouefhgme.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:00", "1446758", "http://aeufoeahfouefhgre.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:54:00", "1446759", "http://aeufoeahfouefhgz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:59", "1446743", "http://aefuaeufhueuufume.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:59", "1446744", "http://aefuaeufhueuufure.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:59", "1446745", "http://aefuaeufhueuufuz.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:59", "1446746", "http://aegieuueueuuruia.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:59", "1446747", "http://aegieuueueuuruiae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:59", "1446748", "http://aegieuueueuuruie.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:59", "1446749", "http://aegieuueueuuruiee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:59", "1446750", "http://aegieuueueuuruime.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:59", "1446751", "http://aegieuueueuuruire.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:58", "1446739", "http://aefuaeufhueuufua.ru/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:58", "1446740", "http://aefuaeufhueuufuae.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:58", "1446741", "http://aefuaeufhueuufue.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:53:58", "1446742", "http://aefuaeufhueuufuee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-03-12 06:52:05", "1446633", "http://51.222.110.148/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/0195891f-eb14-7001-a19f-d7728a66eba0", "c2,hookbot,urlscan", "0", "juroots" "2025-03-12 06:51:47", "1446632", "http://45.93.20.28/85a1cacf11314eb8.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/0195891f-a217-7000-bd5d-0f51ab9d7725", "c2,stealc,urlscan", "0", "juroots" "2025-03-12 06:51:18", "1446631", "https://spacevoyag.live/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://urlscan.io/result/0195891f-341e-7001-9c18-f16a59f56e62", "c2,lumma,urlscan", "0", "juroots" "2025-03-12 06:50:54", "1446630", "https://www.solana-trending.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195891e-d4ad-7001-a7f7-068c059eeccc", "fakecaptcha,urlscan", "0", "juroots" "2025-03-12 01:15:47", "1446551", "https://vbegindecafer.world/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/74c87f00f6a4752be3b17a9799d0e3df4187ff317e9735757c5d446f27d12a7d/", "lumma", "0", "abuse_ch" "2025-03-12 01:15:47", "1446552", "https://vfostinjec.today/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/74c87f00f6a4752be3b17a9799d0e3df4187ff317e9735757c5d446f27d12a7d/", "lumma", "0", "abuse_ch" "2025-03-12 01:15:47", "1446553", "https://ymodelshiverd.icu/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/74c87f00f6a4752be3b17a9799d0e3df4187ff317e9735757c5d446f27d12a7d/", "lumma", "0", "abuse_ch" "2025-03-12 01:15:26", "1446550", "https://corangemyther.live/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/74c87f00f6a4752be3b17a9799d0e3df4187ff317e9735757c5d446f27d12a7d/", "lumma", "0", "abuse_ch" "2025-03-12 01:15:19", "1446549", "https://barisechairedd.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/74c87f00f6a4752be3b17a9799d0e3df4187ff317e9735757c5d446f27d12a7d/", "lumma", "0", "abuse_ch" "2025-03-12 00:24:13", "1446548", "https://check.vevou.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" # Number of entries: 287