################################################################
# ThreatFox IOCs: recent domains - CSV format                  #
# Last updated: 2024-07-02 05:26:47 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2024-07-02 05:26:47", "1292018", "fortnite.cryptoinvest.black", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest"
"2024-07-02 05:26:45", "1292016", "mistasktrin.space", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "80", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 23:59:15", "1292074", "ci-wiki.cn", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 22:14:51", "1292035", "heart-direct.online", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "AS56971 AS56971 Cloud,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-07-01 18:02:41", "1292006", "brithcaymo.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:41", "1292007", "ernofilosta.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:41", "1292008", "lofirenqveg.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:40", "1292009", "manclinoste.website", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:40", "1292010", "prodetanoes.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:39", "1292011", "prufkespotr.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:39", "1292012", "shopboksret.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-01 18:02:44", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:38", "1292013", "trymeakafr.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 17:48:59", "1292004", "lmfaololxdlmfaolmfao.xyz", "domain", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://bazaar.abuse.ch/sample/9df16e009504f0524cd6b1d571094ecd269147e7f9c22210a5cafb93c0806260/", "MooBot", "0", "abuse_ch"
"2024-07-01 17:43:38", "1291992", "joeyrichl.top", "domain", "botnet_cc", "win.bianlian", "None", "BianLian", "", "50", "https://search.censys.io/hosts/91.245.253.10", "Bianlian Go Troja", "0", "Syndikalist"
"2024-07-01 17:43:35", "1291769", "vegetachcnc.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RemcosRAT", "0", "NDA0E"
"2024-07-01 17:43:31", "1291789", "propertyclosings.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112711409813746499", "SmartApeSG", "0", "monitorsg"
"2024-07-01 17:43:29", "1291794", "speedchaoptimise.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "KeitaroTDS,SocGholish", "0", "rmceoin"
"2024-07-01 17:43:29", "1291795", "frontendcodingtips.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "KeitaroTDS,SocGholish", "0", "rmceoin"
"2024-07-01 17:43:28", "1291991", "tppen-op.one", "domain", "botnet_cc", "win.bianlian", "None", "BianLian", "", "50", "https://search.censys.io/hosts/91.245.253.10", "Bianlian Go Troja", "0", "Syndikalist"
"2024-07-01 17:43:27", "1291993", "gard-ner-toyota.com", "domain", "botnet_cc", "win.bianlian", "None", "BianLian", "", "50", "https://search.censys.io/hosts/91.245.253.10", "Bianlian Go Troja", "0", "Syndikalist"
"2024-07-01 17:43:26", "1291996", "daslkjfhi2.shop", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2024-07-01 17:43:24", "1291998", "beetrootculture.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SmartApeSG", "0", "monitorsg"
"2024-07-01 12:32:40", "1291785", "zug-login.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291775", "agovaccess-ch.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291776", "b2cidp-mobilier.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291777", "eportal-be.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291778", "eportal-bs.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291779", "finanzportal-vermogenzsentrum.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291780", "finanzportal-vermogenzsentrum.net", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291781", "getgrammerly.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291782", "loginzug.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291783", "portals-swisslife.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291784", "sso-geneveid.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 09:39:59", "1291381", "cx5519.com", "domain", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:39:59", "1291382", "evilos.cc", "domain", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:39:59", "1291383", "gebeus.ru", "domain", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:39:59", "1291384", "office-techs.biz", "domain", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:39:16", "1291353", "asdaryder.duckdns.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 09:39:13", "1291357", "anmon.name", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "AndrMonitor,AnMon", "0", "NDA0E"
"2024-07-01 09:39:13", "1291376", "indepahote.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-01 18:00:24", "50", "", "None", "1", "ian_kenefick"
"2024-07-01 09:39:12", "1291377", "movegomove.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-01 18:02:43", "50", "", "None", "1", "ian_kenefick"
"2024-07-01 07:43:44", "1291351", "pcvcf.xyz", "domain", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "", "ACR Stealer", "0", "crep1x"
"2024-07-01 07:43:44", "1291352", "padrf.xyz", "domain", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "", "ACR Stealer", "0", "crep1x"
"2024-07-01 06:45:54", "1291283", "googledocs.duckdns.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:53", "1291285", "provided-existence.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:52", "1291287", "them-recommended.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-06-30 21:00:04", "1291297", "londopas.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:42:02", "75", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2024-06-30 21:00:03", "1291296", "berjimek.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:42:02", "75", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2024-06-30 19:56:02", "1291289", "tydyjtdfjhtf.con-ip.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 19:16:02", "1291277", "kaylen.xyz", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:02", "1291278", "ymuren.top", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:02", "1291279", "corysy.xyz", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:02", "1291280", "soterios.xyz", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291275", "kotawa.top", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291276", "aliszon.xyz", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 18:54:02", "1291253", "api.chinacec.top", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 16:25:47", "100", "None", "CobaltStrike,cs-watermark-100000,HostPapa", "0", "drb_ra"
"2024-06-30 16:44:45", "1291058", "poliyhedira.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:44", "1291056", "nightciows.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:44", "1291057", "nightcirows.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:43", "1291054", "modoe.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:42", "1291055", "network.polyhedrao.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:41", "1291051", "modeu.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:41", "1291052", "modew.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:41", "1291053", "modne.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:40", "1291050", "m.chainlirst.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:39", "1291047", "jitou.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:39", "1291048", "jitoz.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:39", "1291049", "kr.nightciows.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:38", "1291045", "jitco.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:38", "1291046", "jitot.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:37", "1291043", "finance.aerodirome.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:37", "1291044", "io.dedusit.io", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:36", "1291030", "chainlirst.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:35", "1291029", "chaimlstr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:35", "1291031", "chainlirstr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:34", "1291032", "chainlistr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:33", "1291033", "chairnlirst.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:33", "1291034", "chairnlist.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:33", "1291035", "co.kr.nightciows.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:32", "1291036", "dediust.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:32", "1291037", "dedlust.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:31", "1291038", "dedrust.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:31", "1291039", "dedusit.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:30", "1291040", "dedusit.io", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:30", "1291041", "dedust.io.dedusit.io", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:29", "1291042", "ere.yesis-store.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:28", "1291026", "aerodrome.finance.aerodirome.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:28", "1291027", "aerodromr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:28", "1291028", "chaimlistr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:27", "1291024", "aerodomc.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:27", "1291025", "aerodomr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:26", "1291022", "aerodirome.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:26", "1291023", "aerodiromr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:25", "1291021", "aerodiomc.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:17", "1291077", "seeditfyu.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:16", "1291076", "seeditfyr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:16", "1291078", "seeditfyv.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:15", "1291075", "seeditfyn.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:14", "1291072", "seeditfyc.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:14", "1291073", "seeditfyi.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:14", "1291074", "seeditfym.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:13", "1291069", "raydiuv.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:13", "1291070", "raydiux.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:13", "1291071", "raydiuz.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:12", "1291067", "raydiur.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:12", "1291068", "raydiuu.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:11", "1291064", "raydiue.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:11", "1291065", "raydiui.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:11", "1291066", "raydiul.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:10", "1291063", "raydima.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:09", "1291059", "polyhedra.network.polyhedrao.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:09", "1291060", "polyhedrao.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:09", "1291061", "polyhedrao.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:09", "1291062", "polyhiadira.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:07", "1291081", "stream.pascalsoftware.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:06", "1291079", "sitemaps.chainlistr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:06", "1291080", "specialdrilling38.ru", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:05", "1291082", "synflntues.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:05", "1291083", "synfntueis.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:05", "1291085", "nsafabole.store", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "Panel,Saphira", "0", "myceliumbroker"
"2024-06-30 16:44:03", "1291084", "synfntuies.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:01", "1291086", "sanchezandmore.shop", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "Panel,Saphira", "0", "myceliumbroker"
"2024-06-30 16:44:00", "1291095", "77-220-212-71.netherlands-2.vps.ac", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "Fletchen,Panel", "0", "myceliumbroker"
"2024-06-30 16:43:55", "1291020", "82-147-85-159.networktube.net", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:43:54", "1291016", "boats.cloudboats.vip", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest"
"2024-06-30 10:13:30", "1291013", "c2.yuyake.top", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 16:19:34", "100", "None", "CobaltStrike,cs-watermark-987654321,PEG-LA", "0", "drb_ra"
"2024-06-30 10:13:19", "1291010", "www.qianxinnbplus.xyz", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 16:20:00", "100", "None", "CobaltStrike,cs-watermark-666666666,HKLNIL Landui Cloud ComputingHK Limited", "0", "drb_ra"
"2024-06-30 08:06:59", "1291000", "conn.masjesu.zip", "domain", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://bazaar.abuse.ch/sample/7798262d33e8ea811b9c8f565f745408f42cdd55248328630691fcab52fc116b/", "Gafgyt", "0", "abuse_ch"
"2024-06-30 07:49:14", "1290988", "connect.bolo-botnet.net", "domain", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://bazaar.abuse.ch/sample/77bac2b4723bdb6551cb2ed5d72075b68370b197ae59c321ae0ac0f6a02fb68b/", "MooBot", "0", "abuse_ch"
"2024-06-30 07:33:47", "1290809", "ellaboratepwsz.xyz", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:44", "1290800", "contintnetksows.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-06-29 21:27:03", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:44", "1290801", "reinforcedirectorywd.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:43", "1290798", "potterryisiw.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-06-29 21:27:03", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:43", "1290799", "foodypannyjsud.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-06-29 21:27:03", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:42", "1290797", "piedsiggnycliquieaw.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-06-29 21:27:03", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:39", "1290511", "botnet.4gnekoland.top", "domain", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "None", "Moobot", "0", "elfdigest"
"2024-06-30 07:33:35", "1290810", "pedestriankodwu.xyz", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:35", "1290811", "penetratedpoopp.xyz", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:34", "1290812", "swellfrrgwwos.xyz", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:34", "1290813", "towerxxuytwi.xyz", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
# Number of entries: 140