################################################################
# ThreatFox IOCs: recent URLs - CSV format                     #
# Last updated: 2025-05-13 08:32:11 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-05-13 08:32:11", "1520991", "https://mmeteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/5d9616c5d390a9b2950122aca2ae19eb12d1454342bcca1a2c810a740652c09c/", "lumma", "0", "abuse_ch"
"2025-05-13 08:27:06", "1520990", "https://5flowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/96472d254da1d57bc6c17a248f5c2341e02e5606f2425b62d478ef46f9e70d58/", "lumma", "0", "abuse_ch"
"2025-05-13 08:16:00", "1520989", "https://yposseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b6b2c300ebeb0fd9a1a5901c5bcea7434f78276a57321dbeeae24f0191c6e0be/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:59", "1520988", "https://xaraucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b7e2f5fcb13eb799e8958dc1fed9f1338a9997f59c48ccb66d9c0e6c0211aee8/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:58", "1520986", "https://uvoznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/e3e5b7a32d43370dc2616ea5ea12d9d773e95be3f6c26d34ffb9bfa6e0d50d6e/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:58", "1520987", "https://veasterxeen.run/zavc", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9b2687e7a79443d46b50f29a21e9edba49e51cf01520ac4ce61ba24b5490c5d4/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:57", "1520985", "https://t9flowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2acd39841c32d27205531315a5968f0360d5cf51beeae842ddd4a417264c6aa9/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:55", "1520984", "https://pmeteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2acd39841c32d27205531315a5968f0360d5cf51beeae842ddd4a417264c6aa9/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:54", "1520983", "https://peasterxeen.run/zavc", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/612e6b64395d33382d049a690792e492f83021b6755496323b42cd0816609051/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:49", "1520982", "https://fzmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2acd39841c32d27205531315a5968f0360d5cf51beeae842ddd4a417264c6aa9/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:38", "1520981", "https://bblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/fee3618c436ea51300cabd2a974af85e308fad4e5eced044349a434a47142f7b/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:35", "1520979", "https://3ameteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/59d393640b88fbe18ee7b4b8ebc5353bc9face075b729a0ee3abe78703612001/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:35", "1520980", "https://6araucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9b2687e7a79443d46b50f29a21e9edba49e51cf01520ac4ce61ba24b5490c5d4/", "lumma", "0", "abuse_ch"
"2025-05-13 08:15:34", "1520978", "https://0meteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/612e6b64395d33382d049a690792e492f83021b6755496323b42cd0816609051/", "lumma", "0", "abuse_ch"
"2025-05-13 07:55:03", "1520961", "https://downtownisland.icu/art.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-05-13 07:53:48", "1520957", "http://boneyarn.xyz/lui.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-05-13 07:53:48", "1520958", "https://summervegetable.icu/art.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-05-13 07:35:15", "1520956", "https://macjajm.digital/snn", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/87b22dc6e19d8ae5d0a41560d6db0b3d7ae69a6e6a147fb5114b30ddf7710ace/", "lumma", "0", "abuse_ch"
"2025-05-13 07:35:14", "1520955", "https://g2easterxeen.run/zavc", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/87b22dc6e19d8ae5d0a41560d6db0b3d7ae69a6e6a147fb5114b30ddf7710ace/", "lumma", "0", "abuse_ch"
"2025-05-13 07:35:13", "1520954", "https://czmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/87b22dc6e19d8ae5d0a41560d6db0b3d7ae69a6e6a147fb5114b30ddf7710ace/", "lumma", "0", "abuse_ch"
"2025-05-13 06:50:12", "1520643", "http://cs53692.tmweb.ru/imagepythonsecuredownloadsTemporary.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-13 06:40:03", "1520642", "http://196.190.1.39:39284/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2025-05-13 06:19:48", "1520301", "https://assets-msn.org/siglost", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114496367038605364", "KongTuke", "0", "monitorsg"
"2025-05-13 06:19:44", "1520345", "https://recommendation-samoa-weights-guyana.trycloudflare.com/siglost", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114496910693663142", "KongTuke", "0", "monitorsg"
"2025-05-13 06:19:38", "1520297", "https://totalsolucao.com/wp-content/rsks.zip", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114496221307382834", "SmartApeSG", "0", "monitorsg"
"2025-05-13 06:19:37", "1520296", "https://linhua97.top/jsen/ddd.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114496221307382834", "SmartApeSG", "0", "monitorsg"
"2025-05-13 06:19:36", "1520295", "https://linhua97.top/jsen/select.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114496221307382834", "SmartApeSG", "0", "monitorsg"
"2025-05-13 06:19:35", "1520293", "https://linhua97.top/jsen/core-compiled.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114496221307382834", "SmartApeSG", "0", "monitorsg"
"2025-05-13 04:35:41", "1520623", "http://49.113.73.193:8888/supershell/login", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0196c7ed-534e-7788-882b-6a2f4a8f061a", "c2,supershell,urlscan", "0", "juroots"
"2025-05-13 04:35:39", "1520622", "http://112.126.77.39:8888/supershell/login", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-13 04:35:40", "50", "https://urlscan.io/result/0196c7ed-4ae1-709c-956c-264d620a48e0", "c2,supershell,urlscan", "0", "juroots"
"2025-05-13 04:15:24", "1520612", "https://zovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/72aea55baac4394d3b360137ced93aaaf8617f13f127c9a5066bb109a92fb62b/", "lumma", "0", "abuse_ch"
"2025-05-13 04:15:16", "1520611", "https://flamingof.run/ogapds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/72aea55baac4394d3b360137ced93aaaf8617f13f127c9a5066bb109a92fb62b/", "lumma", "0", "abuse_ch"
"2025-05-13 02:30:09", "1520561", "http://188.93.211.136/pipepythonphpprotectLocal.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-13 00:40:08", "1520374", "http://117.255.183.56:36026/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2025-05-12 20:35:58", "1520337", "https://discord.com/api/webhooks/938420152268115979/GBld0EnqKDWRwc8vME5in_nQlYcYfZkN_Wq48f9RBqwAf9o_29tNubWGJG2BfQLlDn8S", "url", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "50", "", "shortloader", "0", "juroots"
"2025-05-12 20:35:58", "1520338", "https://cdn.discordapp.com/attachments/831225076187660348/902512908485935114/shost.exe", "url", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "50", "", "shortloader", "0", "juroots"
"2025-05-12 20:32:52", "1520330", "http://view.mexcs.shop", "url", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://urlquery.net/report/94938c9c-1c2b-4418-b582-880f56c60e93", "c2,kimsuky,urlquery", "0", "juroots"
"2025-05-12 20:31:53", "1520329", "http://112.126.77.39:8888/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlquery.net/report/9ee6391f-9277-49eb-9054-7abe9a778864", "c2,supershell,urlquery", "0", "juroots"
"2025-05-12 18:17:01", "1520300", "https://captcha.suna.bet/5p5vtys3n4", "url", "payload_delivery", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "", "ClearFake", "1", "ttakvam"
"2025-05-12 18:15:09", "1520299", "http://atezzz.atwebpages.com/1bfb1f66.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-12 16:40:25", "1520283", "http://52.199.49.4:7284/jquery-3.3.1.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/de839d6c361c7527eeaa4979b301ac408352b5b7edeb354536bd50225f19cfa5/", "cobaltstrike", "0", "abuse_ch"
"2025-05-12 15:56:05", "1520271", "https://qdoovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bfbfdc1dfb31509d83831d9c2ec75a446203ba4691197ab1d60560b7b05fc6c5/", "lumma", "0", "abuse_ch"
"2025-05-12 15:56:00", "1520270", "https://plumbbujjh.live/twnt", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bfbfdc1dfb31509d83831d9c2ec75a446203ba4691197ab1d60560b7b05fc6c5/", "lumma", "0", "abuse_ch"
"2025-05-12 15:55:36", "1520268", "https://dflowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bfbfdc1dfb31509d83831d9c2ec75a446203ba4691197ab1d60560b7b05fc6c5/", "lumma", "0", "abuse_ch"
"2025-05-12 15:46:05", "1520267", "https://nzmedtipp.live/mnvzx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8b72b274db8d5ec8a8e192876de28a5f21d393654b3b4abf67941c787dd071e9/", "lumma", "0", "abuse_ch"
"2025-05-12 15:45:58", "1520266", "https://hvoznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/fafe229608a69f487c376eeaaacd6f9be57486d6d84b81829b6fd0ed0aeb1d36/", "lumma", "0", "abuse_ch"
"2025-05-12 15:45:39", "1520265", "https://covercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/fafe229608a69f487c376eeaaacd6f9be57486d6d84b81829b6fd0ed0aeb1d36/", "lumma", "0", "abuse_ch"
"2025-05-12 15:05:42", "1520260", "https://ifeaturlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/04334a33aeb98fd27780fb78f8bf05fee7ad003bc3751403064201e79b814a3a/", "lumma", "0", "abuse_ch"
"2025-05-12 15:05:26", "1520259", "https://8overcovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/04334a33aeb98fd27780fb78f8bf05fee7ad003bc3751403064201e79b814a3a/", "lumma", "0", "abuse_ch"
"2025-05-12 14:19:35", "1520247", "https://chinapark.top/fs/select.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114495031926136972", "SmartApeSG", "0", "monitorsg"
"2025-05-12 14:19:32", "1520249", "https://chinapark.top/fs/lll.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114495031926136972", "SmartApeSG", "0", "monitorsg"
"2025-05-12 14:19:31", "1520250", "https://totalsolucao.com/fsco.zip", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114495031926136972", "SmartApeSG", "0", "monitorsg"
"2025-05-12 14:19:26", "1520254", "https://www.roammco.com/profileLayout", "url", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz"
"2025-05-12 09:53:00", "1520087", "http://www.vatardesigns.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:53:00", "1520088", "http://www.vx1s297.top/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:53:00", "1520089", "http://www.y71751.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:53:00", "1520090", "http://www.yesite.online/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:53:00", "1520091", "http://www.zcc90.sbs/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520076", "http://www.romof.irish/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520077", "http://www.ronbloodtattoos.net/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520078", "http://www.ryt.net/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520079", "http://www.scritorioonline.store/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520080", "http://www.sghgs.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520081", "http://www.spainproxy129.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520082", "http://www.tfe2f.shop/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520083", "http://www.tp-jos178-a1.online/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520084", "http://www.ubliccnfdcbqae.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520085", "http://www.usclecarsales.online/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:59", "1520086", "http://www.ustraliafamilycare.store/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:58", "1520066", "http://www.pcuappconnect-7x.online/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:58", "1520067", "http://www.perturear.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:58", "1520068", "http://www.rade-your-teacher.store/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:58", "1520069", "http://www.raft-opia.app/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:58", "1520070", "http://www.rainontheterrain.net/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:58", "1520071", "http://www.rca-nc-test-13.fyi/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:58", "1520072", "http://www.reaatendimento.online/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:58", "1520073", "http://www.reefiremaxapk.pro/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:58", "1520074", "http://www.ridgingruralcommunities.net/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:58", "1520075", "http://www.rimeone.fun/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:57", "1520056", "http://www.ntelligenceplatform.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:57", "1520057", "http://www.ochafariasbusiness.online/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:57", "1520058", "http://www.odeinfra.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:57", "1520059", "http://www.omfortemporium.online/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:57", "1520060", "http://www.ommodity-market-29.click/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:57", "1520061", "http://www.oogleplay.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:57", "1520062", "http://www.ordphanter.info/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:57", "1520063", "http://www.ouasd.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:57", "1520064", "http://www.oyle-lawgroup.online/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:57", "1520065", "http://www.pblanket.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:56", "1520046", "http://www.lus-size-swimsuit.today/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:56", "1520047", "http://www.mallelectricarsgb.bond/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:56", "1520048", "http://www.msp672.top/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:56", "1520049", "http://www.naughtbooks.info/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:56", "1520050", "http://www.naycrystalsava.shop/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:56", "1520051", "http://www.ncryptchat.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:56", "1520052", "http://www.ndreas-marketing.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:56", "1520053", "http://www.nipers.digital/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:56", "1520054", "http://www.notherattributeecosystem.pro/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:56", "1520055", "http://www.nsitechsolatam.net/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:55", "1520036", "http://www.itmap.group/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:55", "1520037", "http://www.itness-center-id-5619388.world/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:55", "1520038", "http://www.ivajjmahal.shop/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:55", "1520039", "http://www.jhekite.shop/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:55", "1520040", "http://www.lainfacedproductions.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:55", "1520041", "http://www.laza.construction/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:55", "1520042", "http://www.lexacons.net/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:55", "1520043", "http://www.limpsepublishing.online/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:55", "1520044", "http://www.ljorge.online/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:55", "1520045", "http://www.llabordage-team.tech/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:54", "1520026", "http://www.hatchadoin.net/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:54", "1520027", "http://www.hcar.asia/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:54", "1520028", "http://www.hescxpoi.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:54", "1520029", "http://www.iami-florida-county.cfd/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:54", "1520030", "http://www.idas-development.info/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:54", "1520031", "http://www.implyhome.info/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:54", "1520032", "http://www.iomar.biz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:54", "1520033", "http://www.iringpartnersinc.net/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:54", "1520034", "http://www.ishlist.run/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:54", "1520035", "http://www.isneyai.online/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:53", "1520016", "http://www.ercowboy.net/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:53", "1520017", "http://www.erityhub.tech/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:53", "1520018", "http://www.esignedbyclaire.info/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:53", "1520019", "http://www.etrev.world/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:53", "1520020", "http://www.etwaymkrwell.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:53", "1520021", "http://www.eviewyourdata.online/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:53", "1520022", "http://www.fghfghf.top/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:53", "1520023", "http://www.gbdth.cfd/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:53", "1520024", "http://www.gencewebinaire.net/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:53", "1520025", "http://www.gkdemy.net/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520005", "http://www.ealallergystudyhall.online/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520006", "http://www.eddingready.net/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520007", "http://www.eforcertx5090.shop/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520008", "http://www.egapay.shop/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520009", "http://www.egapersoneaals.online/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520010", "http://www.egapromodealsdirect.world/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520011", "http://www.eilaiquan.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520012", "http://www.eltatechnologies.info/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520013", "http://www.elzz.store/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520014", "http://www.emzone.asia/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:52", "1520015", "http://www.eomappa.net/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1519994", "http://www.asereward.cloud/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1519995", "http://www.asternky.university/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1519996", "http://www.ataleague.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1519997", "http://www.avada129.casino/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1519998", "http://www.avada566.casino/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1519999", "http://www.azerian.fun/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1520000", "http://www.b-us-stone-panels-27f.today/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1520001", "http://www.conomicaccelerationzones.net/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1520002", "http://www.devgirdi.cfd/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1520003", "http://www.dgx0i.top/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:51", "1520004", "http://www.eaconfactory.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519983", "http://www.alancedteam.info/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519984", "http://www.ameweb.cloud/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519985", "http://www.aminvip3210.sbs/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519986", "http://www.ammem.info/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519987", "http://www.andersbro.net/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519988", "http://www.ar6toprea.online/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519989", "http://www.ar79872479489.today/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519990", "http://www.ardedout.store/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519991", "http://www.arehouse-jobs-52853.bond/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519992", "http://www.arkettelligence.net/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:50", "1519993", "http://www.arveno.online/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:49", "1519973", "http://www.4260380.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:49", "1519974", "http://www.4260576.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:49", "1519975", "http://www.4270911.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:49", "1519976", "http://www.4loj.cyou/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:49", "1519977", "http://www.6wvpeijflqtm.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:49", "1519978", "http://www.8299.vip/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:49", "1519979", "http://www.acauchocolateonline.shop/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:49", "1519980", "http://www.ahamasskate.xyz/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:49", "1519981", "http://www.aiasangels.online/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:49", "1519982", "http://www.ailis.cfd/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519962", "http://www.0189.vip/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519963", "http://www.06157.club/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519964", "http://www.0929.locker/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519965", "http://www.0psrx.sbs/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519966", "http://www.1500.sbs/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519967", "http://www.1kkee321.lat/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519968", "http://www.20840682.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519969", "http://www.2345bgnrty.lol/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519970", "http://www.3groupe.business/kp18/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519971", "http://www.4249984.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 09:52:48", "1519972", "http://www.4249987.xyz/o82h/", "url", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-05-12 07:47:52", "1519919", "http://45.194.17.148:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-12 20:30:43", "100", "None", "AS140224,Nebula Global LLC,supershell", "0", "antiphishorg"
"2025-05-12 07:43:33", "1519926", "https://32.aa.4t.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2025-05-12 07:43:32", "1519925", "https://5.75.210.140/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2025-05-12 06:45:48", "1519918", "https://taraucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/f049d17717ff192c1ceded3b17c38c340dad6311f697a1646f6d4defecec735a/", "lumma", "0", "abuse_ch"
"2025-05-12 06:45:33", "1519917", "https://gblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/f049d17717ff192c1ceded3b17c38c340dad6311f697a1646f6d4defecec735a/", "lumma", "0", "abuse_ch"
"2025-05-12 06:45:26", "1519916", "https://eovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/f049d17717ff192c1ceded3b17c38c340dad6311f697a1646f6d4defecec735a/", "lumma", "0", "abuse_ch"
"2025-05-12 06:30:57", "1519914", "https://povercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c1c042539d2ced89c1d9f6d5e59aa107074e4dec28326caff4ef105515850cfa/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:45", "1519912", "https://uaraucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/ed8dd9ffa8d03a4ac804600448676425caa10331af95b32dec7e31ddf5417190/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:44", "1519910", "https://qovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/ed8dd9ffa8d03a4ac804600448676425caa10331af95b32dec7e31ddf5417190/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:44", "1519911", "https://qposseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d079d49ce3f1b91ff69ac6a9499fcaa5aa901f50f2c46b3ee20236678d6d6018/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:43", "1519909", "https://qeasterxeen.run/zavc", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7a9dffbbf917a4645a525d10a9de269c415a62f25301a1667b4d436edab42be9/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:39", "1519908", "https://ometeorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7a9dffbbf917a4645a525d10a9de269c415a62f25301a1667b4d436edab42be9/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:38", "1519907", "https://oblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7a9dffbbf917a4645a525d10a9de269c415a62f25301a1667b4d436edab42be9/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:37", "1519906", "https://ngposseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/1b4972076b3097f178478a83de0b80e2f85740a02fd4c6c89ee47969543cc134/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:35", "1519905", "https://iflowerexju.bet/lanz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d079d49ce3f1b91ff69ac6a9499fcaa5aa901f50f2c46b3ee20236678d6d6018/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:30", "1519904", "https://fblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9905365a5a27296efeaac110626c79ebdca188077ec7f90b0a46bd8f6c8ef993/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:29", "1519903", "https://eblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/527214f65d4c7aaaa21db80291a9d37b9625583f5ba60b3de2226c03713660b4/", "lumma", "0", "abuse_ch"
"2025-05-12 06:25:21", "1519902", "https://1meteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d079d49ce3f1b91ff69ac6a9499fcaa5aa901f50f2c46b3ee20236678d6d6018/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:29", "1519900", "https://xfeaturlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d74e49dd237c22caf3dd5700bdca67bcc7d636e7f57ee32860c99b283b3a7ecb/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:28", "1519899", "https://wblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9b92e4cd6cb723b3105eb050b04f98b67a6ee0be36403a7c94b0419754d30599/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:27", "1519898", "https://tfeaturlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/329a4f1dabb598a94ce8d29514b8d34cb42e370ced737a92ac5cfd82e07ef307/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:24", "1519896", "https://gsaraucahkbm.live/baneb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/0c5c47f4f5021eb3504717975bc7e02c826ad8ceae902751a1f323ec4a15df86/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:24", "1519897", "https://lblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/329a4f1dabb598a94ce8d29514b8d34cb42e370ced737a92ac5cfd82e07ef307/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:23", "1519895", "https://govercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d74e49dd237c22caf3dd5700bdca67bcc7d636e7f57ee32860c99b283b3a7ecb/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:20", "1519894", "https://dinterpwthc.digital/juab", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c8df4796cab00094d7a905820adb9c7abaed6cfad3266d26d0fa9da76c195ad9/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:18", "1519893", "https://barmgek.digital/bmx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/329a4f1dabb598a94ce8d29514b8d34cb42e370ced737a92ac5cfd82e07ef307/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:17", "1519892", "https://9featurlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/0c5c47f4f5021eb3504717975bc7e02c826ad8ceae902751a1f323ec4a15df86/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:16", "1519890", "https://5-4meteorplyp.live/lekp", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c8df4796cab00094d7a905820adb9c7abaed6cfad3266d26d0fa9da76c195ad9/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:16", "1519891", "https://6posseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/0c5c47f4f5021eb3504717975bc7e02c826ad8ceae902751a1f323ec4a15df86/", "lumma", "0", "abuse_ch"
"2025-05-12 06:10:15", "1519889", "https://0wninepicchf.bet/lznd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c8df4796cab00094d7a905820adb9c7abaed6cfad3266d26d0fa9da76c195ad9/", "lumma", "0", "abuse_ch"
"2025-05-12 05:54:13", "1519885", "http://crowsalt.icu/tri.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-05-12 05:49:09", "1519846", "http://textbin.net/raw/ohar02rduo", "url", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-05-12 05:46:34", "1519844", "http://disciply.nl/tmp/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2025-05-12 05:44:53", "1519839", "https://roomplot.icu/art.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-05-12 05:34:58", "1519832", "http://traveljournal-techinsights.com/api/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "", "Amadey", "0", "abuse_ch"
"2025-05-11 19:15:04", "1519581", "http://212194cm.nyashware.ru/PhppacketmultiBaseuniversalTrackUploadsdownloads.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-11 15:13:12", "1519536", "https://login.mexc-signin.kro.kr", "url", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "", "c2,kimsuky", "0", "juroots"
"2025-05-11 12:40:04", "1519524", "http://61.3.26.117:55159/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2025-05-11 08:36:01", "1519498", "http://odyssey-st.com/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0196be7c-a13e-714c-9cbe-5f1874214638", "c2,odyssey,urlscan", "0", "juroots"
# Number of entries: 222