################################################################ # ThreatFox IOCs: recent URLs - CSV format # # Last updated: 2025-11-09 19:43:36 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-11-09 19:43:36", "1637551", "http://urusurofhsorhfuuhl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:36", "1637552", "http://urusurofhsorhfuuho.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:36", "1637553", "http://urusurofhsorhfuuhp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637539", "http://geauhouefheuutiiip.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637540", "http://huaeokaefoaeguaehe.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637541", "http://huaeokaefoaeguaehk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637542", "http://huaeokaefoaeguaehl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637543", "http://huaeokaefoaeguaeho.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637544", "http://huaeokaefoaeguaehp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637545", "http://rzhsudhugugfugugse.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637546", "http://rzhsudhugugfugugsk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637547", "http://rzhsudhugugfugugsl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637548", "http://rzhsudhugugfugugso.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637549", "http://rzhsudhugugfugugsp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:35", "1637550", "http://urusurofhsorhfuuhk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637528", "http://gaohrhurhuhruhfsdo.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637529", "http://gaohrhurhuhruhfsdp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637530", "http://gaouehaehfoaeajrse.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637531", "http://gaouehaehfoaeajrsk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637532", "http://gaouehaehfoaeajrsl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637533", "http://gaouehaehfoaeajrso.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637534", "http://gaouehaehfoaeajrsp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637535", "http://geauhouefheuutiiie.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637536", "http://geauhouefheuutiiik.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637537", "http://geauhouefheuutiiil.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:34", "1637538", "http://geauhouefheuutiiio.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637515", "http://gaoehuoaoefhuhfuge.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637516", "http://gaoehuoaoefhuhfugk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637517", "http://gaoehuoaoefhuhfugl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637518", "http://gaoehuoaoefhuhfugo.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637519", "http://gaoehuoaoefhuhfugp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637520", "http://gaoheeuofhefefhute.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637521", "http://gaoheeuofhefefhutk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637522", "http://gaoheeuofhefefhutl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637523", "http://gaoheeuofhefefhuto.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637524", "http://gaoheeuofhefefhutp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637525", "http://gaohrhurhuhruhfsde.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637526", "http://gaohrhurhuhruhfsdk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:33", "1637527", "http://gaohrhurhuhruhfsdl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637503", "http://eaeuafhuaegfugeudo.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637504", "http://eaeuafhuaegfugeudp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637505", "http://eguaheoghouughahse.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637506", "http://eguaheoghouughahsk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637507", "http://eguaheoghouughahsl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637508", "http://eguaheoghouughahso.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637509", "http://eguaheoghouughahsp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637510", "http://gaghpaheiafhjefije.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637511", "http://gaghpaheiafhjefijk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637512", "http://gaghpaheiafhjefijl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637513", "http://gaghpaheiafhjefijo.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:32", "1637514", "http://gaghpaheiafhjefijp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637491", "http://bfagzzezgaegzgfaik.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637492", "http://bfagzzezgaegzgfail.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637493", "http://bfagzzezgaegzgfaio.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637494", "http://bfagzzezgaegzgfaip.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637495", "http://daedagheauehfuuhfe.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637496", "http://daedagheauehfuuhfk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637497", "http://daedagheauehfuuhfl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637498", "http://daedagheauehfuuhfo.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637499", "http://daedagheauehfuuhfp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637500", "http://eaeuafhuaegfugeude.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637501", "http://eaeuafhuaegfugeudk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:31", "1637502", "http://eaeuafhuaegfugeudl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:30", "1637481", "http://afaigaeigieufuifik.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:30", "1637482", "http://afaigaeigieufuifil.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:30", "1637483", "http://afaigaeigieufuifio.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:30", "1637484", "http://afaigaeigieufuifip.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:30", "1637485", "http://befaheaiudeuhughge.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:30", "1637486", "http://befaheaiudeuhughgk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:30", "1637487", "http://befaheaiudeuhughgl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:30", "1637488", "http://befaheaiudeuhughgo.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:30", "1637489", "http://befaheaiudeuhughgp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:30", "1637490", "http://bfagzzezgaegzgfaie.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637468", "http://aeoughaoheguaoehdo.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637469", "http://aeoughaoheguaoehdp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637470", "http://aeufuaehfiuehfuhfe.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637471", "http://aeufuaehfiuehfuhfk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637472", "http://aeufuaehfiuehfuhfl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637473", "http://aeufuaehfiuehfuhfo.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637474", "http://aeufuaehfiuehfuhfp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637475", "http://afaeigaifgsgrhhafe.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637476", "http://afaeigaifgsgrhhafk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637477", "http://afaeigaifgsgrhhafl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637478", "http://afaeigaifgsgrhhafo.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637479", "http://afaeigaifgsgrhhafp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:29", "1637480", "http://afaigaeigieufuifie.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637457", "http://aegohaohuoruitiiel.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637458", "http://aegohaohuoruitiieo.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637459", "http://aegohaohuoruitiiep.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637460", "http://aeifaeifhutuhuhuse.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637461", "http://aeifaeifhutuhuhusk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637462", "http://aeifaeifhutuhuhusl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637463", "http://aeifaeifhutuhuhuso.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637464", "http://aeifaeifhutuhuhusp.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637465", "http://aeoughaoheguaoehde.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637466", "http://aeoughaoheguaoehdk.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:28", "1637467", "http://aeoughaoheguaoehdl.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:27", "1637455", "http://aegohaohuoruitiiee.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:43:27", "1637456", "http://aegohaohuoruitiiek.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-09 19:42:43", "1637453", "https://ns3177629.ip-51-195-60.eu/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlquery.net/report/56a83cbb-1dde-4f86-84ad-70fbe91f6d16", "c2,nosviak4,urlquery", "0", "juroots" "2025-11-09 18:01:34", "1637420", "https://desmflp.live/taig", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/251109-tz4d7sxna1", "C2,lumma,stealer,triage", "0", "DonPasci" "2025-11-09 11:35:18", "1637309", "https://masazkielce.com", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlquery.net/report/f3f4b4c2-b4da-4b1f-8de6-ae6d4d7ed2a4", "fakecaptcha,urlquery", "0", "juroots" "2025-11-09 11:35:08", "1637306", "https://acebirdrep.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlquery.net/report/436023c9-2bed-4edf-988e-0db99ed6fccb", "fakecaptcha,urlquery", "0", "juroots" "2025-11-09 11:35:08", "1637307", "https://birdrankopt.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlquery.net/report/bdbc6b38-2894-410e-9d53-aacd4926ac5b", "fakecaptcha,urlquery", "0", "juroots" "2025-11-09 11:35:08", "1637308", "https://tapbirdrank.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlquery.net/report/ff0ab497-0cd1-42ca-b776-4c5ad6abff25", "fakecaptcha,urlquery", "0", "juroots" "2025-11-09 11:35:07", "1637305", "https://sysbirdrep.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlquery.net/report/1add5744-2ad3-452c-92bf-1d6b776f00c4", "fakecaptcha,urlquery", "0", "juroots" "2025-11-09 07:53:54", "1637235", "https://salator.es/sa1at/Y/", "url", "botnet_cc", "win.salatstealer", "None", "SalatStealer", "2025-11-09 07:53:54", "50", "https://urlquery.net/report/888f4daf-ddee-4ce8-8e2f-78ade847b3e1", "c2,salatstealer,urlquery", "0", "juroots" "2025-11-09 07:53:54", "1637236", "https://salator.es/sa1at/l/", "url", "botnet_cc", "win.salatstealer", "None", "SalatStealer", "", "50", "https://urlquery.net/report/0cb0af4d-2ee5-4a02-9c50-0b0f94381ee1", "c2,salatstealer,urlquery", "0", "juroots" "2025-11-09 07:52:47", "1637234", "http://45.156.87.7/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/019a679a-7584-763f-9fa7-9ac205c0502a", "c2,hookbot,urlscan", "0", "juroots" "2025-11-08 16:45:40", "1637061", "http://80.66.72.229/webpanel/panel/login.php", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS215540,cyberstealer,GLOBAL CONNECTIVITY SOLUTIONS LLP", "0", "antiphishorg" "2025-11-08 15:38:33", "1636917", "https://api.telegram.org/bot8376905353:AAF2XIfF2TcUiAh2b88lAHXISrfwTOjZNrU/sendMessage?chat_id=74223", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "", "None", "0", "asyncthecatlol" "2025-11-08 15:38:31", "1636920", "https://api.telegram.org/bot8024716497:AAGMO2Pb30TtUfcQ8NiXD_2h7wmrM5eq1zo/sendMessage?chat_id=80535", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "None", "0", "asyncthecatlol" "2025-11-08 13:05:25", "1637001", "https://passkby.courses/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c4e1711c4029933d1a4ec238edf1de5b275e73d7422305447742e5b713a478a0/", "lumma", "0", "abuse_ch" "2025-11-08 12:18:14", "1636986", "https://api.telegram.org/bot7640954071:AAG4HIUwOCFIvd491LU7dS96qgelReFtRgQ/sendDocument", "url", "botnet_cc", "win.pxrecvoweiwoei", "None", "PXRECVOWEIWOEI", "", "100", "https://bazaar.abuse.ch/sample/b8fe102219ac498f855d823704eba0e2973547d2ce5abaf5b91eb0f84d57e21c/", "PXRECVOWEIWOEI", "0", "NDA0E" "2025-11-08 12:01:45", "1636975", "https://saddlbo.courses/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/251108-mgngpsxldj", "C2,lumma,stealer,triage", "0", "DonPasci" "2025-11-08 10:00:03", "1636914", "https://i9.hiringimmediatelyjobs.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "50", "", "c2,vidar", "0", "juroots" "2025-11-08 08:57:27", "1636899", "https://pastebin.com/raw/F7bAhdd9", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-11-08 08:55:36", "1636383", "http://urusurofhsorhfuuhz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636372", "http://rzhsudhugugfugugsl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636373", "http://rzhsudhugugfugugsm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636374", "http://rzhsudhugugfugugsr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636375", "http://rzhsudhugugfugugss.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636376", "http://rzhsudhugugfugugsu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636377", "http://rzhsudhugugfugugsz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636378", "http://thaus.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636379", "http://urusurofhsorhfuuhl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636380", "http://urusurofhsorhfuuhm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636381", "http://urusurofhsorhfuuhr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:35", "1636382", "http://urusurofhsorhfuuhu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:34", "1636363", "http://geauhouefheuutiiis.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:34", "1636364", "http://geauhouefheuutiiiu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:34", "1636365", "http://geauhouefheuutiiiz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:34", "1636366", "http://huaeokaefoaeguaehl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:34", "1636367", "http://huaeokaefoaeguaehm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:34", "1636368", "http://huaeokaefoaeguaehr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:34", "1636369", "http://huaeokaefoaeguaehs.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:34", "1636370", "http://huaeokaefoaeguaehu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:34", "1636371", "http://huaeokaefoaeguaehz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:33", "1636353", "http://gaohrhurhuhruhfsdz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:33", "1636354", "http://gaouehaehfoaeajrsl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:33", "1636355", "http://gaouehaehfoaeajrsm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:33", "1636356", "http://gaouehaehfoaeajrsr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:33", "1636357", "http://gaouehaehfoaeajrss.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:33", "1636358", "http://gaouehaehfoaeajrsu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:33", "1636359", "http://gaouehaehfoaeajrsz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:33", "1636360", "http://geauhouefheuutiiil.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:33", "1636361", "http://geauhouefheuutiiim.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:33", "1636362", "http://geauhouefheuutiiir.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:32", "1636344", "http://gaoheeuofhefefhutr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:32", "1636345", "http://gaoheeuofhefefhuts.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:32", "1636346", "http://gaoheeuofhefefhutu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:32", "1636347", "http://gaoheeuofhefefhutz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:32", "1636348", "http://gaohrhurhuhruhfsdl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:32", "1636349", "http://gaohrhurhuhruhfsdm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:32", "1636350", "http://gaohrhurhuhruhfsdr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:32", "1636351", "http://gaohrhurhuhruhfsds.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:32", "1636352", "http://gaohrhurhuhruhfsdu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:31", "1636334", "http://gaghpaheiafhjefiju.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:31", "1636335", "http://gaghpaheiafhjefijz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:31", "1636336", "http://gaoehuoaoefhuhfugl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:31", "1636337", "http://gaoehuoaoefhuhfugm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:31", "1636338", "http://gaoehuoaoefhuhfugr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:31", "1636339", "http://gaoehuoaoefhuhfugs.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:31", "1636340", "http://gaoehuoaoefhuhfugu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:31", "1636341", "http://gaoehuoaoefhuhfugz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:31", "1636342", "http://gaoheeuofhefefhutl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:31", "1636343", "http://gaoheeuofhefefhutm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:30", "1636324", "http://eguaheoghouughahsl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:30", "1636325", "http://eguaheoghouughahsm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:30", "1636326", "http://eguaheoghouughahsr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:30", "1636327", "http://eguaheoghouughahss.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:30", "1636328", "http://eguaheoghouughahsu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:30", "1636329", "http://eguaheoghouughahsz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:30", "1636330", "http://gaghpaheiafhjefijl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:30", "1636331", "http://gaghpaheiafhjefijm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:30", "1636332", "http://gaghpaheiafhjefijr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:30", "1636333", "http://gaghpaheiafhjefijs.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:29", "1636315", "http://daedagheauehfuuhfs.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:29", "1636316", "http://daedagheauehfuuhfu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:29", "1636317", "http://daedagheauehfuuhfz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:29", "1636318", "http://eaeuafhuaegfugeudl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:29", "1636319", "http://eaeuafhuaegfugeudm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:29", "1636320", "http://eaeuafhuaegfugeudr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:29", "1636321", "http://eaeuafhuaegfugeuds.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:29", "1636322", "http://eaeuafhuaegfugeudu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:29", "1636323", "http://eaeuafhuaegfugeudz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:28", "1636305", "http://befaheaiudeuhughgz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:28", "1636306", "http://bfagzzezgaegzgfail.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:28", "1636307", "http://bfagzzezgaegzgfaim.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:28", "1636308", "http://bfagzzezgaegzgfair.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:28", "1636309", "http://bfagzzezgaegzgfais.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:28", "1636310", "http://bfagzzezgaegzgfaiu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:28", "1636311", "http://bfagzzezgaegzgfaiz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:28", "1636312", "http://daedagheauehfuuhfl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:28", "1636313", "http://daedagheauehfuuhfm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:28", "1636314", "http://daedagheauehfuuhfr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:27", "1636295", "http://afaigaeigieufuifim.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:27", "1636296", "http://afaigaeigieufuifir.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:27", "1636297", "http://afaigaeigieufuifis.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:27", "1636298", "http://afaigaeigieufuifiu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:27", "1636299", "http://afaigaeigieufuifiz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:27", "1636300", "http://befaheaiudeuhughgl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:27", "1636301", "http://befaheaiudeuhughgm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:27", "1636302", "http://befaheaiudeuhughgr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:27", "1636303", "http://befaheaiudeuhughgs.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:27", "1636304", "http://befaheaiudeuhughgu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:26", "1636285", "http://aeufuaehfiuehfuhfs.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:26", "1636286", "http://aeufuaehfiuehfuhfu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:26", "1636287", "http://aeufuaehfiuehfuhfz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:26", "1636288", "http://afaeigaifgsgrhhafl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:26", "1636289", "http://afaeigaifgsgrhhafm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:26", "1636290", "http://afaeigaifgsgrhhafr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:26", "1636291", "http://afaeigaifgsgrhhafs.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:26", "1636292", "http://afaeigaifgsgrhhafu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:26", "1636293", "http://afaeigaifgsgrhhafz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:26", "1636294", "http://afaigaeigieufuifil.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:25", "1636275", "http://aeifaeifhutuhuhusz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:25", "1636276", "http://aeoughaoheguaoehdl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:25", "1636277", "http://aeoughaoheguaoehdm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:25", "1636278", "http://aeoughaoheguaoehdr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:25", "1636279", "http://aeoughaoheguaoehds.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:25", "1636280", "http://aeoughaoheguaoehdu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:25", "1636281", "http://aeoughaoheguaoehdz.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:25", "1636282", "http://aeufuaehfiuehfuhfl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:25", "1636283", "http://aeufuaehfiuehfuhfm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:25", "1636284", "http://aeufuaehfiuehfuhfr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:24", "1636265", "http://aegohaohuoruitiiem.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:24", "1636266", "http://aegohaohuoruitiier.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:24", "1636267", "http://aegohaohuoruitiies.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:24", "1636268", "http://aegohaohuoruitiieu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:24", "1636269", "http://aegohaohuoruitiiez.io/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:24", "1636270", "http://aeifaeifhutuhuhusl.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:24", "1636271", "http://aeifaeifhutuhuhusm.to/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:24", "1636272", "http://aeifaeifhutuhuhusr.su/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:24", "1636273", "http://aeifaeifhutuhuhuss.top/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:24", "1636274", "http://aeifaeifhutuhuhusu.cc/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:55:23", "1636264", "http://aegohaohuoruitiiel.co/", "url", "botnet_cc", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "50", "", "c2,phorpiex", "0", "juroots" "2025-11-08 08:54:26", "1636259", "https://api.telegram.org/bot5477996112:AAHFnfZff6lPd1lkgcmu64s9nGrtYzvBCSA/", "url", "botnet_cc", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2025-11-08 10:23:07", "50", "", "agenttesla,c2", "0", "juroots" "2025-11-08 08:54:26", "1636260", "https://api.telegram.org/bot8297071814:AAHqYVKuE0VgFLdi5G3etJdzFfbp0S7n0Wc/", "url", "botnet_cc", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2025-11-08 10:23:06", "50", "", "agenttesla,c2", "0", "juroots" "2025-11-08 08:53:37", "1636257", "https://standard-analytics-endpoint-54.s3.ca-central-1.amazonaws.com/hni5tbx?ID=HKm5pSzDhO", "url", "payload_delivery", "win.xworm", "None", "XWorm", "", "50", "https://urlquery.net/report/9ed6a48c-24b5-4066-9ca4-f9efe72b53ea", "c2,urlquery,xworm", "0", "juroots" "2025-11-08 08:53:37", "1636258", "https://standard-analytics-endpoint-54.s3.ca-central-1.amazonaws.com/hni5tbx?ID=4uZIGzgg", "url", "payload_delivery", "win.xworm", "None", "XWorm", "", "50", "https://urlquery.net/report/f661d328-87fa-473d-b279-4d51ad4835f6", "c2,urlquery,xworm", "0", "juroots" "2025-11-08 08:53:36", "1636256", "https://standard-analytics-endpoint-54.s3.ca-central-1.amazonaws.com/hni5tbx?ID=i5WJkZX7U", "url", "payload_delivery", "win.xworm", "None", "XWorm", "", "50", "https://urlquery.net/report/b23932e7-4f93-4812-82bb-230d076f10aa", "c2,urlquery,xworm", "0", "juroots" "2025-11-08 08:52:46", "1636255", "https://178.236.252.126/d1efdd996aae4f49.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/019a62ab-0288-7220-a40e-cd0fcdce9a3d", "c2,stealc,urlscan", "0", "juroots" "2025-11-08 08:50:45", "1636253", "https://123123123.asia/", "url", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "50", "https://urlscan.io/result/019a62a9-2c4d-75d9-92d0-1e6184ba1e2e", "c2,spynote,urlscan", "0", "juroots" "2025-11-08 07:38:44", "1636117", "https://solomand.pro/xss/buf.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2025-11-08 07:38:43", "1636118", "https://solomand.pro/xss/index.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2025-11-08 07:38:42", "1636123", "https://pixelnoased.com/xss/index.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2025-11-08 07:38:40", "1636121", "https://pixelnoased.com/xss/buf.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2025-11-08 07:38:36", "1636125", "https://journeywekk.com/xss/buf.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2025-11-08 07:38:36", "1636126", "https://journeywekk.com/xss/index.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "", "SmartApeSG", "0", "HuntYethHounds" "2025-11-08 06:04:58", "1636184", "http://maskofmistery.icu/index.php", "url", "botnet_cc", "win.azorult", "PuffStealer,Rultazo", "Azorult", "", "100", "https://tria.ge/251108-a9cvfszmhk", "azorult,C2,rat,triage", "0", "DonPasci" "2025-11-08 06:02:21", "1636183", "http://anfesq.com", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "https://tria.ge/251108-bk29gszqaq", "amadey,C2,loader,triage", "0", "DonPasci" # Number of entries: 252