################################################################ # ThreatFox IOCs: recent URLs - CSV format # # Last updated: 2025-01-26 04:25:13 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-01-26 04:25:13", "1394250", "http://cp89183.tw1.ru/7205b5f0.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-26 01:50:13", "1394204", "http://a1067559.xsph.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-26 00:05:15", "1394201", "http://kreker.top/geoMultiWordpressUploads.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-26 00:05:12", "1394200", "http://cz25672.tw1.ru/004ac43a.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-25 23:55:10", "1394166", "http://188.120.225.2/ApidbdleCdntemporary.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-25 18:25:08", "1394081", "http://799615cm.nyashnyash.ru/linecpuProcessorLongpollProtectdbdatalifetempTemporary.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-25 17:44:59", "1394074", "http://lginchimfgfckeb.top/t9s1nq4j3lhtr.php", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://bazaar.abuse.ch/sample/7ec5291a9ee4eb295562dd613bc2d5562072800a052c6791f301761a00fed65c/", "KongTuke", "0", "abuse_ch" "2025-01-25 17:34:26", "1393921", "https://api.telegram.org/bot7653235193:AAErxT3f2W-qzTimIvxT1DS_F7PBHDXW3fc/sendMessage", "url", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "25January2025,iocbottest", "0", "Gi7w0rm" "2025-01-25 17:34:10", "1393907", "https://solve.xgnv.org/awjsx.captcha", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "75", "", "clearfake,clickfix", "1", "ttakvam" "2025-01-25 17:33:43", "1393964", "http://147.45.44.190", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "None", "25January2025,iocbottest", "0", "Gi7w0rm" "2025-01-25 17:33:42", "1393979", "https://climepunneddus.com/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://tria.ge/250125-qpxl5avjfv/", "None", "0", "aachum" "2025-01-25 17:33:41", "1393980", "https://flockefaccek.org/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://tria.ge/250125-qpxl5avjfv/", "None", "0", "aachum" "2025-01-25 17:33:41", "1393981", "https://guardeduppe.com/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://tria.ge/250125-qpxl5avjfv/", "None", "0", "aachum" "2025-01-25 17:33:40", "1393982", "https://babberstalek.org/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://tria.ge/250125-qpxl5avjfv/", "None", "0", "aachum" "2025-01-25 17:33:40", "1393983", "https://classyhelped.net/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://tria.ge/250125-qpxl5avjfv/", "None", "0", "aachum" "2025-01-25 17:33:39", "1393984", "https://carrystuppeder.net/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://tria.ge/250125-qpxl5avjfv/", "None", "0", "aachum" "2025-01-25 17:33:39", "1393985", "https://rebuildhurrte.com/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://tria.ge/250125-qpxl5avjfv/", "None", "0", "aachum" "2025-01-25 17:33:26", "1393995", "http://8.210.146.82:18888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "Alibaba (US) Technology Co. Ltd.,AS45102,supershell", "0", "antiphishorg" "2025-01-25 16:50:06", "1394063", "http://pole4udes.ru/ExternalVideoTosecurePacketgeoApiServerWordpressdle.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-25 16:31:12", "1394052", "http://cutlej02.top/download.php?file=wapude.exe", "url", "payload_delivery", "win.cryptbot", "None", "CryptBot", "", "50", "", "cryptbot", "0", "juroots" "2025-01-25 16:30:50", "1394051", "http://faodrt28.top/index.php", "url", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "50", "", "c2,cryptbot", "0", "juroots" "2025-01-25 16:28:10", "1394048", "http://139.196.206.41:8080/", "url", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "", "50", "https://urlscan.io/result/c5c82047-0a7e-48ba-93f3-523f04671fa0", "c2,chaos,urlscan", "0", "juroots" "2025-01-25 16:27:06", "1394047", "http://85.28.47.70/c10a74a0c2f42c12/vcruntime140.dll", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/b6b3683d-0bef-4931-853e-63b4a8794e74", "dll,stealc,urlscan", "0", "juroots" "2025-01-25 16:27:05", "1394046", "http://93.123.39.132/cdb52cf952e86d4b/sqlite3.dll", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/d855e5fb-533e-4161-a8ca-a2aed3394f7d", "dll,stealc,urlscan", "0", "juroots" "2025-01-25 14:30:05", "1393994", "http://176.123.1.211/dbDatalifeprivatecdn.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-25 13:10:05", "1393978", "http://cf17360.tw1.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch" "2025-01-25 09:44:50", "1393825", "http://1.94.105.216:8000/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS55990,Huawei Cloud Service data center,supershell", "0", "antiphishorg" "2025-01-25 09:44:50", "1393886", "https://karaakcan242.xyz/NTFkNjVmNTMyODdh/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-25 09:44:49", "1393887", "https://barcelonacokhojdur34.com/NTFkNjVmNTMyODdh/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-25 09:44:49", "1393888", "https://pejo106gtialsana34.com/NTFkNjVmNTMyODdh/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-25 09:44:48", "1393889", "https://reksonailemutluol434.com/NTFkNjVmNTMyODdh/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-25 09:44:48", "1393890", "https://cocolaickeyflen34.com/NTFkNjVmNTMyODdh/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-25 09:32:17", "1393896", "http://154.61.74.64/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/fb400a7d-b9e2-40a3-bdd6-42c6e003074e", "c2,hookbot,urlscan", "0", "juroots" "2025-01-25 06:51:28", "1393823", "http://175.178.123.40:8888/supershell/login", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/09b6c71b-04b4-486a-a221-b202caaaa761", "c2,supershell,urlscan", "0", "juroots" "2025-01-25 06:50:36", "1393822", "https://trumpclaim.org/file.mp3", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/2aa1bdea-958f-4968-82ef-bd8565889c0d", "fakecaptcha,urlscan", "0", "juroots" "2025-01-25 06:50:35", "1393821", "https://trumpclaim.org/5-58324124/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/e898ec4e-10f3-48e6-98c1-48be21f1d1f9", "fakecaptcha,urlscan", "0", "juroots" "2025-01-25 06:43:26", "1393820", "http://64.95.13.166/c262c2557c712ca5/vcruntime140.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/12bc0823-31a1-4b15-ac4e-84d557e45ee5", "dll,stealc,urlscan", "0", "juroots" "2025-01-25 06:43:25", "1393819", "http://64.95.13.166/c262c2557c712ca5/mozglue.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/cedfccf9-38bd-4721-845e-2e26825ee3b9", "dll,stealc,urlscan", "0", "juroots" "2025-01-25 06:43:24", "1393817", "http://193.233.134.93/2bbda8fbc3a204ca/vcruntime140.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/06ba95bc-8342-4969-bd79-8fb770096124", "dll,stealc,urlscan", "0", "juroots" "2025-01-25 06:43:24", "1393818", "http://45.152.113.10/15a25e53742510fe/vcruntime140.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/ad1e9673-fb90-4673-9e5d-7bf8cfe38110", "dll,stealc,urlscan", "0", "juroots" "2025-01-25 06:43:23", "1393816", "https://116.203.125.44/55f8f885bc7c41c8/sqlite3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/f5f28fdb-3f87-4af9-bf28-c9b09a11283a", "dll,stealc,urlscan", "0", "juroots" "2025-01-25 06:00:47", "1393751", "https://gacisosh75.xyz/Y2VkNDY3OTIxNjc0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2025-01-25 06:00:44", "1393745", "https://comtekinc.com/51w3.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113885840569440370", "KongTuke", "0", "monitorsg" "2025-01-25 06:00:44", "1393746", "https://comtekinc.com/js.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113885840569440370", "KongTuke", "0", "monitorsg" "2025-01-24 19:45:24", "1393695", "https://teamfuels.com/modules/inc/get.php", "url", "botnet_cc", "win.konni", "None", "Konni", "", "100", "https://x.com/JangPr0/status/1882391784631976014", "APT,Konni", "0", "abuse_ch" "2025-01-24 19:45:24", "1393696", "http://forum.flasholr-app.com/wp-admin/src/upload.php", "url", "botnet_cc", "win.konni", "None", "Konni", "", "100", "https://x.com/JangPr0/status/1882391784631976014", "APT,Konni", "0", "abuse_ch" "2025-01-24 19:25:53", "1393595", "https://asdkjshdakjshdkajs.hk/MTBiYTAyMTk0NzJj/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-24 19:25:53", "1393596", "https://askjhksajhkajhskajhsa.hk/MTBiYTAyMTk0NzJj/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-24 19:25:53", "1393597", "https://kokmokmokokmokmok.hk/MTBiYTAyMTk0NzJj/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-24 19:25:52", "1393598", "https://iuhiuhiuhiuhuihiuiuh.hk/MTBiYTAyMTk0NzJj/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-24 19:25:52", "1393599", "https://jtfersion.com/YWFiM2VkMmFmNWFh/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-24 19:25:52", "1393600", "https://kineomager.net/YWFiM2VkMmFmNWFh/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-24 19:25:51", "1393601", "https://aberinogerd.com/YWFiM2VkMmFmNWFh/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-24 19:25:51", "1393602", "https://nolevibanget.net/YWFiM2VkMmFmNWFh/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-01-24 19:25:50", "1393603", "https://sinobz.com/6g5f.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113884671294976713", "KongTuke", "0", "monitorsg" "2025-01-24 19:19:55", "1393446", "https://sinobz.com/2l9j.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113883977253939723", "KongTuke", "0", "monitorsg" "2025-01-24 19:19:55", "1393447", "https://sinobz.com/js.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113883977253939723", "KongTuke", "0", "monitorsg" "2025-01-24 19:08:55", "1393692", "http://kendallsuccess.com/front.php", "url", "botnet_cc", "win.satacom", "CurlyGate,LegionLoader,RobotDropper", "Satacom", "", "100", "https://bazaar.abuse.ch/sample/8d8babad52f2ec520ca4d1d4eb1c7a7a8ca85b919d4d52dd519f7b1f67c42001/", "LegionLoader,Satacom", "0", "abuse_ch" "2025-01-24 19:08:13", "1393690", "http://stealthidea.monster/front.php", "url", "botnet_cc", "win.satacom", "CurlyGate,LegionLoader,RobotDropper", "Satacom", "", "100", "https://bazaar.abuse.ch/sample/c3bb3957d62c6c6fb3e067b90d92427aa70d14f95f4a82f93eef061c2ae1a922/", "LegionLoader,Satacom", "0", "abuse_ch" "2025-01-24 18:43:58", "1393613", "https://pastebin.com/raw/erNS5DCf", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-24 18:43:57", "1393611", "https://pastebin.com/raw/MdNNLDrU", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-24 18:43:57", "1393612", "https://pastebin.com/raw/aVpjakPZ", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-01-24 18:41:48", "1393610", "https://jupuary.claims/", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://urlscan.io/result/aa5abd58-f19c-4c63-a00f-48919652743e", "fakecaptcha,lumma,urlscan", "0", "juroots" "2025-01-24 18:40:52", "1393609", "http://45.88.76.205/c7e63ca2acee2937/mozglue.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/c50e2ca8-9fcb-4f7e-884b-9a514f3358b5", "dll,stealc,urlscan", "0", "juroots" "2025-01-24 18:40:51", "1393608", "http://64.95.13.166/c262c2557c712ca5/sqlite3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/00ebe3a5-7f52-40c8-8156-b353c28b2d2e", "dll,stealc,urlscan", "0", "juroots" "2025-01-24 18:40:50", "1393607", "http://94.142.138.240/5bb6c0fcffd2a07e/sqlite3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/8a7ad557-bbee-47a4-b478-fa3a9773b6c8", "dll,stealc,urlscan", "0", "juroots" "2025-01-24 15:02:11", "1393442", "https://scrayshutt.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-24 15:02:11", "1393443", "https://coalliste.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-24 15:02:10", "1393437", "https://fashiontrendsfe.click/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-24 15:02:10", "1393438", "https://numbercloudez.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-24 15:02:10", "1393439", "https://endangeburen.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-24 15:02:10", "1393440", "https://cn.klipkunefia.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-24 15:02:10", "1393441", "https://learballe.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-24 15:02:09", "1393435", "https://paleboreei.biz/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-24 15:02:09", "1393436", "https://desertedivi.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "c2,lumma,stealer,virustotal", "0", "DonPasci" "2025-01-24 14:55:04", "1393410", "http://30ht.com.w.kunlunpi.com:80/mall_100_100.html", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/ad8fc70a35f36dc2648a7d3b2ea67b70bca79e498f7375577d1f7d77e24d9fc3/", "cobaltstrike", "0", "abuse_ch" "2025-01-24 14:53:13", "1393400", "http://ecmkkjcfdbjfbkf.top/1.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113883726542717379", "KongTuke", "0", "monitorsg" "2025-01-24 14:53:13", "1393401", "https://cialispanettet.top/work/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113883731562232680", "SmartApeSG", "0", "monitorsg" "2025-01-24 14:53:12", "1393405", "https://terrenalia.com/Trust.zip", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113883731562232680", "SmartApeSG", "0", "monitorsg" "2025-01-24 14:53:11", "1393403", "https://cialispanettet.top/work/index.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113883731562232680", "SmartApeSG", "0", "monitorsg" "2025-01-24 14:53:11", "1393404", "https://cialispanettet.top/work/files.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/113883731562232680", "SmartApeSG", "0", "monitorsg" "2025-01-24 14:53:10", "1393407", "https://tradersneez.click/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "24January2025,iocbottest", "0", "Gi7w0rm" "2025-01-24 14:53:10", "1393408", "https://sheayingero.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "24January2025,iocbottest", "0", "Gi7w0rm" "2025-01-24 14:20:11", "1393406", "https://recessiowirs.click/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/ffcba56c943bd2e56ccc64c5c7b2b8d30d6068ef97a2c7245b54a3281bd75d48/", "lumma", "0", "abuse_ch" "2025-01-24 14:01:45", "1393399", "https://thefashioniststop.top/api", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "", "clearfake,clickfix", "1", "ttakvam" "2025-01-24 13:15:55", "1393397", "https://solve.gyke.org/awjsx.captcha", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "", "clearfake,clickfix", "1", "ttakvam" "2025-01-24 11:45:26", "1393371", "https://indybike.shop/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-01-24 09:43:15", "1393359", "https://bunifuframework.com/checkout?edd_action=add_to_cart&download_id=25428", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "shortloader", "0", "juroots" "2025-01-24 08:20:52", "1393265", "https://sharethewebs.click/must-clear-this-check.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:52", "1393266", "https://sos-ch-dk-2.exo.io/last/page/complete-and/must-complete-to-continue-re6.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:52", "1393267", "https://ghazaano.shop/Need-to-Pass-this-Stepv2.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:52", "1393268", "https://oliveroh.shop/pass-this-step-to-continue-s7.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:52", "1393269", "https://espiano.shop/proceed-to-next-page-riii1.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:52", "1393270", "https://sos-ch-gva-2.exo.io/instance-of/verification/path-to-next-7.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:51", "1393259", "https://diamondrushed.com/play.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:51", "1393260", "https://googlsearchings.cfd/you-have-to-pass-this-step-2.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:51", "1393261", "https://sharethewebs.click/you-have-to-pass-this-step-2.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:51", "1393262", "https://sos-ch-dk-2.exo.io/last-instance/to-verify/pass-this-step-to-continue-s6.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:51", "1393263", "https://iconcart.shop/must-clear-this-check-rii.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:51", "1393264", "https://googlsearchings.online/you-have-to-pass-this-step-2.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:50", "1393252", "https://kizmond.shop/myforwarding-path-gotov01.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:50", "1393253", "https://speedmastere.com/play.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:50", "1393254", "https://rezomof.shop/pass-this-step-to-continue-s7.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:50", "1393255", "https://luxeorbit.shop/you-have-to-pass-this-step-2.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:50", "1393256", "https://bazaar.abuse.ch/download/34f8309b94241f6e5b24/", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:50", "1393257", "https://dokedok.shop/pass-this-step-to-go-next-riii1n.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:50", "1393258", "https://sharethewebs.cfd/must-clear-this-check.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:49", "1393245", "https://sos-at-vie-1.exo.io/sotbuck/next/step/to/have-to-pass-this-step-web5.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:49", "1393246", "https://celebrationshub.shop/continue-to-browse.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:49", "1393247", "https://royaltyfree.pics/have-to-pass-this-step.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:49", "1393248", "https://cubesmatch.com/play.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:49", "1393249", "https://sos-ch-dk-2.exo.io/onr/play.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:49", "1393250", "https://sos-bg-sof-1.exo.io/kierendisk/strangled/path/final/keep-browsing-to-continue-web-s5.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:49", "1393251", "https://sos-ch-gva-2.exo.io/instance-of/verification/pass-to-continue-s7.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:48", "1393237", "https://sos-de-muc-1.exo.io/after/clear/then/continue-ri-1.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:48", "1393238", "https://retrosome.shop/proceed-to-next-page-riii2.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:48", "1393239", "https://jazmina.shop/pass-this-step-to-go-next-riii2.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:48", "1393240", "https://norpor.shop/surfing-toward-next-pagev2.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:48", "1393241", "https://bestinthemarket.com/courses.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:48", "1393242", "https://edidos.shop/pass-this-step-to-go-further-riii1.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:48", "1393243", "https://joopshoop.shop/speedy-check-waitv111.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:48", "1393244", "https://sos-at-vie-2.exo.io/simulation/continue/ruweb/keep-browsing-to-continue-web-55.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:20:47", "1393236", "https://gustavu.shop/path0forwarding-stepv2.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://github.com/netskopeoss/NetskopeThreatLabsIOCs/tree/main/Malware/LummaStealer/IOCs", "fakecaptcha,lumma", "0", "juroots" "2025-01-24 08:14:28", "1392726", "http://64.95.13.166/4c0eeee3a4b86b26.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "https://tria.ge/250124-hs7x9swkhx", "None", "0", "lontze7" "2025-01-24 06:41:45", "1392438", "https://resso-security.com/1-723628312/23748237478234-nightly.zip", "url", "payload_delivery", "win.hijackloader", "DOILoader,GHOSTPULSE,IDAT Loader,SHADOWLADDER", "HijackLoader", "", "100", "", "HijackLoader,LummaC2", "0", "CyberRaiju" "2025-01-24 06:41:44", "1392441", "https://hamdickaros24.xyz/Y2VkNDY3OTIxNjc0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2025-01-24 06:41:43", "1392442", "https://momocanlivekello.xyz/ZDBhYWRlZWY0ZjU3/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "None", "None", "0", "agesipolis1" "2025-01-24 06:41:43", "1392480", "http://royalsailtravel.ru/Sacc/PvqDq929BSx_A_D_M1n_a.php", "url", "botnet_cc", "apk.lokibot", "None", "LokiBot", "", "100", "None", "AS401116,lokibot,Nybula LLC,REGTIME-RU", "0", "antiphishorg" "2025-01-24 06:41:42", "1392481", "http://37.114.55.137:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS44486,Oliver Horscht is trading as "SYNLINQ",supershell", "0", "antiphishorg" "2025-01-24 06:41:40", "1392439", "https://resso-security.com/as.txt", "url", "payload_delivery", "win.hijackloader", "DOILoader,GHOSTPULSE,IDAT Loader,SHADOWLADDER", "HijackLoader", "", "100", "", "HijackLoader,LummaC2", "0", "CyberRaiju" "2025-01-24 06:40:44", "1392578", "http://stair585.com/779fb289f76f2873.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "50", "", "c2,stealc", "0", "juroots" "2025-01-24 06:40:22", "1392568", "http://stair585.com/eaaed93d3234132f/softokn3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:22", "1392569", "http://stair585.com/eaaed93d3234132f/sqlite3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:22", "1392570", "http://stair585.com/eaaed93d3234132f/vcruntime140.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:22", "1392571", "http://unlikeget.top/f059ec3d7eb90876/freebl3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:22", "1392572", "http://unlikeget.top/f059ec3d7eb90876/mozglue.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:22", "1392573", "http://unlikeget.top/f059ec3d7eb90876/msvcp140.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:22", "1392574", "http://unlikeget.top/f059ec3d7eb90876/nss3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:22", "1392575", "http://unlikeget.top/f059ec3d7eb90876/softokn3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:22", "1392576", "http://unlikeget.top/f059ec3d7eb90876/sqlite3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:22", "1392577", "http://unlikeget.top/f059ec3d7eb90876/vcruntime140.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:21", "1392564", "http://stair585.com/eaaed93d3234132f/freebl3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:21", "1392565", "http://stair585.com/eaaed93d3234132f/mozglue.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:21", "1392566", "http://stair585.com/eaaed93d3234132f/msvcp140.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:21", "1392567", "http://stair585.com/eaaed93d3234132f/nss3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "", "dll,stealc", "0", "juroots" "2025-01-24 06:40:04", "1392561", "http://182.117.2.241:44571/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf" "2025-01-24 06:39:08", "1392560", "https://dl.dropbox.com/s/p84aaz28t0hepul/Pass.exe?dl=0", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "exe,shortloader", "0", "juroots" "2025-01-24 06:38:43", "1392556", "https://bunifuframework.com", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "", "c2,shortloader", "0", "juroots" "2025-01-24 06:38:43", "1392557", "https://bunifuframework.com/checkout?edd_action=add_to_cart&download_id=25428", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "", "c2,shortloader", "0", "juroots" "2025-01-24 06:38:43", "1392558", "https://bunifuframework.com/pricing", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "", "c2,shortloader", "0", "juroots" "2025-01-24 06:38:43", "1392559", "https://bunifuframework.com/support", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "", "c2,shortloader", "0", "juroots" "2025-01-24 06:38:42", "1392555", "https://api.bfl.bunifu.io/api/license/key/device", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "", "c2,shortloader", "0", "juroots" "2025-01-24 06:30:08", "1392538", "https://royalsailtravel.ru/Sacc/PvqDq929BSx_A_D_M1n_a.php", "url", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "50", "https://urlscan.io/result/7274af91-065e-468c-b344-754069557395", "c2,lokibot,urlscan", "0", "juroots" "2025-01-24 06:29:06", "1392537", "http://185.208.159.36/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/e43dd606-e661-4ad8-9d47-55a8da5200e2", "c2,hookbot,urlscan", "0", "juroots" "2025-01-24 06:28:11", "1392536", "https://wetransfer.game-net.site/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/874190f0-cf21-4f03-8f85-23706f2e4f76", "clickfix,fakecaptcha,urlscan", "0", "juroots" "2025-01-24 06:28:10", "1392535", "https://rhsantander.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0f1c255b-d6dc-4ee9-9e35-fe6c06d528e6", "clickfix,fakecaptcha,urlscan", "0", "juroots" "2025-01-24 06:26:59", "1392534", "http://45.91.201.142/ef0d63d53ef3bb6c/vcruntime140.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/80fb6649-dc05-4226-ab11-e2256840f5ab", "dll,stealc,urlscan", "0", "juroots" "2025-01-24 06:26:57", "1392533", "http://45.88.76.205/c7e63ca2acee2937/sqlite3.dll", "url", "payload_delivery", "win.stealc", "None", "Stealc", "", "50", "https://urlscan.io/result/d666b2f1-e0af-40fe-896c-6c401f5cd45c", "dll,stealc,urlscan", "0", "juroots" "2025-01-24 06:26:21", "1392531", "https://tuttlecombe.click/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://urlscan.io/result/4ea8fee7-685a-45af-a44f-4760b0bc96cf", "c2,lumma,urlscan", "0", "juroots" "2025-01-24 06:26:21", "1392532", "https://latechilderni.cyou/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://urlscan.io/result/8b619367-3155-45bd-ba19-0589eca70866", "c2,lumma,urlscan", "0", "juroots" "2025-01-24 06:10:07", "1392507", "http://www.6xh2cwlp.sched.v1lego.tdnsvod1.cn:443/compute/cd/K7BA6V385V", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/ef4b25b1d3d115e2c8997e8dee2a94643e02eb8323f0b1f208b06e5eeea488dd/", "cobaltstrike", "0", "abuse_ch" # Number of entries: 161