################################################################ # ThreatFox IOCs: recent domains - CSV format # # Last updated: 2025-09-03 05:19:04 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-09-03 05:19:04", "1581049", "tfy.hifeboi3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-03 05:18:04", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:17", "1581047", "oh.qecufey7.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-03 04:21:45", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:14", "1580718", "rt.tygilyo.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 18:22:33", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:13", "1580722", "tp.sewumoa.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 18:53:47", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:13", "1580724", "hlc.sewumoa.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 19:22:00", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:12", "1580744", "tqx.sewedau.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 20:23:14", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:11", "1580756", "gicaway3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 21:14:39", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:10", "1580754", "wg.gevicii.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 20:52:39", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:09", "1580745", "loi.sewumoa.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 20:26:32", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:09", "1580746", "sc.tygilyo.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 20:30:14", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:08", "1580757", "erq.vuzojiu9.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 22:22:11", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:08", "1580759", "drg.kidizue6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 22:52:33", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:07", "1580760", "clq.hifeboi3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 23:23:34", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:07", "1580990", "ldl.fozomya6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-03 01:26:03", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:58:07", "1580991", "si.kidizue6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-03 01:56:08", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-03 04:00:07", "1580998", "app.xinzyun.cn", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/45.207.193.76+app.xinzyun.cn", "AS401696,C2,censys,COGNETCLOUD", "0", "dyingbreeds_" "2025-09-03 02:49:18", "1580992", "www.fwefwefwe.xyz", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-09-03 04:49:41", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-09-03 00:01:37", "1580776", "r.messager.my", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-09-03 04:01:07", "100", "https://search.censys.io/hosts/185.161.209.117+r.messager.my", "AS42159,censys,DELTAHOST-AS,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-09-03 00:01:24", "1580774", "www.landownerdozenguard.com", "domain", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/185.208.158.155+www.landownerdozenguard.com", "AS42624,C2,censys,RAT,SWISSNETWORK02,Venom", "0", "DonPasci" "2025-09-02 20:30:14", "1580747", "loe.jujosuu4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-03 05:18:05", "100", "None", "clearfake", "1", "ttakvam" "2025-09-02 19:22:00", "1580725", "ewg.jujosuu4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 20:26:32", "100", "None", "clearfake", "1", "ttakvam" "2025-09-02 18:50:45", "1580721", "ns2.microoosoft.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-09-03 04:49:35", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-09-02 18:50:42", "1580720", "ns1.microoosoft.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-09-03 04:49:33", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-09-02 18:08:29", "1580717", "crisp.cucy.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "", "clearfake", "1", "ttakvam" "2025-09-02 18:01:13", "1580712", "manual-terminology.gl.at.ply.gg", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250902-q8yzaswycx", "C2,domain,quasar,rat,triage", "0", "DonPasci" "2025-09-02 18:00:47", "1580709", "click-constraints.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250902-sj38tssq19", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-02 18:00:47", "1580710", "fund-eyes.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250902-pc4z1aam6w", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-02 18:00:46", "1580707", "change-america.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250902-sqr45sxygz", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-02 18:00:46", "1580708", "brand-courses.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250902-sj38tssq19", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-02 17:37:49", "1580696", "dfm.qacacoe3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 16:22:58", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 17:37:49", "1580697", "ashigaruwallet.rs", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "", "ClickFix", "0", "HuntYethHounds" "2025-09-02 17:37:49", "1580699", "kwk.burydyu0.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 16:53:16", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 17:37:48", "1580701", "load.granivit.hu", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "2025-09-03 05:10:26", "100", "", "None", "0", "pitachu" "2025-09-02 17:37:47", "1580704", "zip.sewumoa.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 17:22:35", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 16:02:11", "1580693", "kws4.messager.my", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-09-03 04:01:06", "100", "https://search.censys.io/hosts/185.161.209.117+kws4.messager.my", "AS42159,censys,DELTAHOST-AS,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-09-02 16:01:42", "1580689", "ec2-63-178-148-142.eu-central-1.compute.amazonaws.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-09-03 04:00:37", "100", "https://search.censys.io/hosts/63.178.148.142+ec2-63-178-148-142.eu-central-1.compute.amazonaws.com", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci" "2025-09-02 15:55:30", "1580684", "up.xonulee9.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 15:53:15", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 15:48:35", "1580682", "auf.nelypuu5.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 15:23:27", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 15:04:00", "1580672", "wb.kesogio6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 14:22:15", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 15:03:56", "1580680", "szh.saqehyo1.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 14:53:12", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 13:57:21", "1580579", "wv.safofoe5.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 11:23:04", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 13:57:20", "1580580", "mu.nelypuu5.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 11:52:10", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 13:57:19", "1580593", "vcsinfo.com", "domain", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "2025-09-02 13:11:01", "100", "https://infosec.exchange/@monitorsg/115134623718155960", "KongTuke", "0", "monitorsg" "2025-09-02 13:57:19", "1580596", "info-2go.com", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/115134631148960678", "SmartApeSG", "0", "monitorsg" "2025-09-02 13:57:17", "1580598", "wood-simple.com", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-09-02 12:11:01", "100", "https://infosec.exchange/@monitorsg/115134631148960678", "SmartApeSG", "0", "monitorsg" "2025-09-02 13:57:16", "1580603", "yh.qacacoe3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 12:52:36", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 13:57:15", "1580665", "uq.xexykuo2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 13:52:14", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 13:57:14", "1580624", "alv.lotegeo7.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 13:22:28", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 13:57:13", "1580667", "samples.salondeguitaredemontreal.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "2025-09-02 14:13:10", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz" "2025-09-02 13:57:12", "1580669", "updates.highendmark.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz" "2025-09-02 13:35:12", "1580663", "remixripiolo.con-ip.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-09-02 12:52:05", "1580604", "the-xxxy.uk", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-09-03 04:49:38", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-09-02 12:01:25", "1580588", "www.libertydroid-metabu.top", "domain", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://search.censys.io/hosts/135.181.171.38+www.libertydroid-metabu.top", "AS24940,C2,censys,Ermac,HETZNER-AS,panel", "0", "DonPasci" "2025-09-02 12:00:46", "1580584", "remcodit.top", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250902-kbeaqsfm3v", "C2,domain,rat,remcos,triage", "0", "DonPasci" "2025-09-02 12:00:40", "1580582", "posted-ethnic.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250902-npckvavtb1", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-02 10:42:47", "1580575", "jp.walowue2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 09:52:17", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 10:42:46", "1580577", "znz.xexykuo2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 10:22:29", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 09:48:40", "1580571", "tu.luxemyy2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 08:51:35", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 09:48:40", "1580574", "al.luxemyy2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 09:23:43", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 08:25:51", "1580556", "ask.xonulee9.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 07:53:06", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 08:25:51", "1580566", "pen.luxemyy2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 08:21:51", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 07:50:47", "1580547", "gm.velyzeu3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 06:36:12", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 07:50:47", "1580548", "ry.zelojue1.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 06:40:13", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 07:50:46", "1580554", "qr.nelypuu5.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 07:23:21", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 07:50:45", "1580550", "guq.mosatiy4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 06:52:14", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 06:26:06", "1580545", "gyr.velyzeu3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 06:13:11", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 06:03:25", "1580540", "8scom.link", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "https://tria.ge/250902-bfyeqsvkw8", "C2,domain,njrat,triage", "0", "DonPasci" "2025-09-02 06:00:50", "1580535", "BELL.mokveid.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250902-gj3rhsdr6v", "C2,domain,rat,remcos,triage", "0", "DonPasci" "2025-09-02 06:00:44", "1580534", "user0001.duckdns.org", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250902-akxhkatrx8", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-02 06:00:43", "1580531", "oahs8y352.com", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250902-gnyy5adr7s", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-02 06:00:43", "1580532", "if-compared.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250902-gjqf7axjy4", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-02 05:59:17", "1580529", "ebay-governance.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-09-02 05:58:21", "1580525", "advpdxapi.com", "domain", "botnet_cc", "win.xagent", "splm,chopstick", "X-Agent", "", "50", "", "c2,xagent", "0", "juroots" "2025-09-02 05:58:21", "1580526", "securesystemwin.com", "domain", "botnet_cc", "win.xagent", "splm,chopstick", "X-Agent", "", "50", "", "c2,xagent", "0", "juroots" "2025-09-02 05:57:44", "1580523", "www.salesmarking.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-09-02 05:56:40", "1580512", "www.sy897.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:40", "1580513", "www.tudygym.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:40", "1580514", "www.udness.art", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:40", "1580515", "www.utihslote.cfd", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:40", "1580516", "www.vahaca.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:40", "1580517", "www.wn6do.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:40", "1580518", "www.ye6cvdg.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:40", "1580519", "www.ystems2beyond.tech", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:40", "1580520", "www.zborderfree.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580495", "www.ngimg.vip", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580496", "www.ockscrm.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580497", "www.ogw159.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580498", "www.oisturizee.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580499", "www.olikujyh990.sbs", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580500", "www.omeradar.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580501", "www.oofwaterproofing462.click", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580502", "www.orytharothis.sbs", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580503", "www.ososo.tech", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580504", "www.osteam.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580505", "www.oticiasdamanha.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580506", "www.ove678i.app", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580507", "www.oviesnn.pro", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580508", "www.povamu.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580509", "www.rownandcleatco.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580510", "www.s667788.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:39", "1580511", "www.sy644.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580478", "www.etchelpgovtw.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580479", "www.etnow.sbs", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580480", "www.etworkmodel.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580481", "www.excol.vip", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580482", "www.g-899b9.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580483", "www.ghhfy.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580484", "www.hysicians-to-women.cfd", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580485", "www.ian485.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580486", "www.itaslotk.cfd", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580487", "www.iveroad.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580488", "www.ivn.website", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580489", "www.jc169.app", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580490", "www.lhet.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580491", "www.livinski.pro", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580492", "www.lossbossclean.pro", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580493", "www.lphageek.app", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:38", "1580494", "www.mvv34z.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580460", "www.ablu.pro", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580461", "www.alloffameopen1.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580462", "www.anktl.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580463", "www.apital-a.group", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580464", "www.arewajan.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580465", "www.astplay.click", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580466", "www.atchbox.exchange", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580467", "www.attoosbymatt.studio", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580468", "www.c0824.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580469", "www.c1302.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580470", "www.c2751.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580471", "www.c4589.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580472", "www.dfsewq.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580473", "www.earches.dev", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580474", "www.eet-new-people-21453.bond", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580475", "www.eetmoonbuggy.click", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580476", "www.ellgreensportseducation.info", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:37", "1580477", "www.eople-search-65430.bond", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:36", "1580456", "www.0632.club", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:36", "1580457", "www.0llhs.sbs", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:36", "1580458", "www.1tnsf.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:56:36", "1580459", "www.77-matraca777.win", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots" "2025-09-02 05:41:47", "1580250", "serpentinelexicon.pro", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "", "DeerStealer", "0", "abuse_ch" "2025-09-02 05:41:47", "1580251", "loadinnnhr.today", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "", "DeerStealer", "0", "abuse_ch" "2025-09-02 05:41:47", "1580252", "telluricaphelion.com", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "100", "", "DeerStealer", "0", "abuse_ch" "2025-09-02 05:41:09", "1580249", "wmjlive.top", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-09-02 05:41:08", "1580248", "bfvfuausfo.me", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-09-02 05:25:58", "1579928", "sbv.gevicii.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 16:21:32", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:58", "1579930", "ung.sewumoa.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 16:52:57", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:57", "1579932", "teb.rilefoo8.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 17:49:30", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:56", "1579945", "cso.burydyu0.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 18:22:35", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:55", "1579947", "nuu.qacacoe3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 18:53:21", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:55", "1579948", "re.qacacoe3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 19:22:59", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:55", "1579950", "vc.rogosie4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 19:53:06", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:54", "1579960", "lm.rogosie4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 20:22:09", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:53", "1580154", "x-vape.ca", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "", "ClickFix,CoreSecThree", "0", "HuntYethHounds" "2025-09-02 05:25:53", "1580155", "kl.xoreniu7.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 21:52:58", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:53", "1580161", "jsm.mosatiy4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 22:52:18", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:53", "1580164", "brt.velyzeu3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 23:54:25", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:51", "1580178", "bu.xoreniu7.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 00:04:49", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:51", "1580179", "hdn.qacacoe3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 00:24:57", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:50", "1580180", "qo.subozaa7.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 00:31:37", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:48", "1580240", "dv.kesogio6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 04:37:07", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:47", "1580245", "id.madicoo3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 05:13:14", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:25:47", "1580246", "rq.mufabui4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 05:23:27", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-02 05:23:54", "1580247", "doc.e-statement.estate", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-09-02 04:00:34", "1580198", "bold-chandrasekhar.134-199-166-195.plesk.page", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/134.199.166.195+bold-chandrasekhar.134-199-166-195.plesk.page", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "dyingbreeds_" "2025-09-02 04:00:13", "1580190", "sctms.tld56.cn", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-09-03 04:49:39", "100", "https://search.censys.io/hosts/129.28.180.115+sctms.tld56.cn", "AS45090,C2,censys", "0", "dyingbreeds_" "2025-09-02 04:00:13", "1580191", "wxweb.tld56.cn", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/129.28.180.115+wxweb.tld56.cn", "AS45090,C2,censys", "0", "dyingbreeds_" "2025-09-02 04:00:11", "1580189", "blog.xinzyun.cn", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/45.207.193.76+blog.xinzyun.cn", "AS401696,C2,censys,COGNETCLOUD", "0", "dyingbreeds_" "2025-09-02 04:00:10", "1580188", "transapi.tld56.cn", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/129.28.180.115+transapi.tld56.cn", "AS45090,C2,censys", "0", "dyingbreeds_" "2025-09-02 01:06:50", "1580182", "ph.safofoe5.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 01:08:08", "100", "None", "clearfake", "1", "ttakvam" "2025-09-02 00:01:38", "1580177", "bcm.messager.my", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-09-02 04:01:10", "100", "https://search.censys.io/hosts/185.161.209.117+bcm.messager.my", "AS42159,censys,DELTAHOST-AS,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-09-01 22:49:38", "1580157", "tld56.cn", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-09-02 03:50:06", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-09-01 21:52:58", "1580156", "11.jujosuu4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-02 18:53:47", "100", "None", "clearfake", "1", "ttakvam" "2025-09-01 21:10:27", "1579964", "pr.es.grantech.hu", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "2025-09-02 15:10:28", "75", "None", "gtt/9,Vidar", "0", "abuse_ch" "2025-09-01 20:10:38", "1579959", "pr.es.hombresg.net", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "75", "None", "gtt/9,Vidar", "0", "abuse_ch" "2025-09-01 18:22:37", "1579946", "ch.hekulei5.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 20:22:09", "100", "None", "clearfake", "1", "ttakvam" "2025-09-01 18:01:29", "1579943", "mhzlhhhh378-43006.portmap.host", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "https://tria.ge/250901-tpw75stsdy", "C2,domain,njrat,triage", "0", "DonPasci" "2025-09-01 18:00:55", "1579941", "NigNig12344-54127.portmap.host", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250901-s7w5esyjv6", "C2,domain,quasar,rat,triage", "0", "DonPasci" "2025-09-01 18:00:49", "1579940", "mora1987.work.gd", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-09-01 18:00:49", "100", "https://tria.ge/250901-n6p79svnt7", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2025-09-01 18:00:48", "1579938", "startmenuexperiencehostw.ydns.eu", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://tria.ge/250901-ttbr1abp21", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2025-09-01 18:00:48", "1579939", "hone32.work.gd", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-09-01 18:00:49", "100", "https://tria.ge/250901-n6p79svnt7", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2025-09-01 18:00:37", "1579937", "ring-bd.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250901-pbv1psvpt3", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-01 18:00:36", "1579934", "dabenchy.shop", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250901-vy6nlsyr16", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-01 18:00:36", "1579935", "benefits-bumper.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250901-txem3attfs", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-01 18:00:36", "1579936", "related-suspended.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250901-p9fzfaz1av", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-01 16:15:10", "1579925", "mellive.top", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-09-01 16:15:09", "1579920", "njqlive.top", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-09-01 16:15:09", "1579921", "web.qxfhelp.top", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-09-01 16:15:09", "1579922", "armb.cc", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-09-01 16:15:09", "1579923", "helphbc.top", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-09-01 16:15:09", "1579924", "roofvest.xyz", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch" "2025-09-01 15:53:51", "1579910", "ak.tygilyo.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 15:52:23", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 15:42:49", "1579909", "pzy.sewedau.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 15:34:41", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 15:28:01", "1579908", "ers.logyvai.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 15:21:54", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 15:16:53", "1579670", "ce.tygilyo.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 14:49:52", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 15:13:58", "1579893", "turzhzt.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579894", "unfill.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579895", "unpaclpe.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579896", "unworva.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579897", "vicejlr.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579898", "virwvtz.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579899", "visifxs.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579900", "viticpc.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579901", "waryyip.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579902", "whipwdv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579903", "whitlcl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579904", "wildxba.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579905", "windmqg.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:58", "1579906", "yammrfn.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579873", "squabkq.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579874", "stimumu.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579875", "strekyc.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579876", "strinyj.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579877", "strypgo.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579878", "supporbt.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579879", "synadvn.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579880", "tadjirl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579881", "taiffmzy.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579882", "tallubk.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579883", "tankrg.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579884", "tensqms.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579885", "threeql.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579886", "tillcuh.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579887", "togoeww.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579888", "treabcf.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579889", "treavi.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579890", "troocea.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579891", "tumbikj.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:57", "1579892", "turtljbv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579858", "rutxnm.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579859", "sabiwgb.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579860", "sarpabb.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579861", "savoesf.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:26", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579862", "scordtw.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579863", "scruxhb.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579864", "sempqrz.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579865", "serrsvn.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579866", "shocvxli.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:26", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579867", "shofxd.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579868", "showcet.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579869", "skiddgw.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:26", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579870", "sluggtq.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579871", "smoovns.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:56", "1579872", "sociiud.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579846", "pasyrbe.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579847", "petesie.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579848", "pilotpfp.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579849", "pistdvd.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579850", "plinwxl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579851", "preeybt.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579852", "preobsl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579853", "proleau.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579854", "prolnwo.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579855", "rebechh.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:26", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579856", "reveham.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:55", "1579857", "ringlti.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579832", "lipsofu.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579833", "malelaw.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579834", "marceln.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579835", "mendjks.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579836", "monking.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579837", "morvoz01.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579838", "mothysb.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579839", "newbvrp.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579840", "niptfyz.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579841", "obblipc.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579842", "obtuutc.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579843", "onqukok.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579844", "oscaiwz.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:54", "1579845", "parajga.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579817", "huntlds.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579818", "hydczdp.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579819", "hymnqx.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579820", "hypohuw.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:23", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579821", "incroqj.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579822", "inczujv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579823", "infids.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579824", "inwkpu.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579825", "jaywzkd.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:27", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579826", "ketnwdg.my", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579827", "komidbx.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579828", "leftpvb.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579829", "lenhpqy.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579830", "lepitzg.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:53", "1579831", "lievozs.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579799", "geisqbb.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579800", "gelatpy.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579801", "genecdg.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579802", "genemgv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579803", "genulqz.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579804", "genupnt.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:23", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579805", "genupui.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579806", "genusdfg.qpon", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579807", "genuwwk.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579808", "graygqk.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579809", "grenlel.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579810", "gripck.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579811", "guileml.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579812", "hdj63.icu", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579813", "hitiedy.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579814", "hittf.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579815", "hocuaox.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:52", "1579816", "homemdks.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579781", "encibmo.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:27", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579782", "endaepd.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579783", "eudrrfl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579784", "eugvshk.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579785", "evermvn.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579786", "exchdfh.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579787", "excufoc.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579788", "famivfm.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579789", "fasthqx.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579790", "favncyg.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579791", "fawnvjl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579792", "foojblh.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579793", "forkdp.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579794", "formkjk.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579795", "forxba.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579796", "framoa.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579797", "franrzc.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:51", "1579798", "galawgtl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579764", "darnued.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579765", "darrfbp.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579766", "declpfp.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579767", "defiloa.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579768", "demnjyx.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579769", "depapom.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:26", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579770", "dermurt.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579771", "disgxow.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579772", "disiiat.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579773", "disluqd.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579774", "divamgo.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579775", "docuhpu.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579776", "doudnrr.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579777", "droacon.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579778", "duncian.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579779", "dysplld.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:50", "1579780", "echocej.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579750", "capexzo.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579751", "carlozo.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579752", "carrkxh.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579753", "carrokd.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579754", "chlonch.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579755", "chryzju.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579756", "cinnmfl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579757", "claihbs.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579758", "climjuw.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579759", "comqpru.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579760", "condyal.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579761", "conmgyr.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579762", "contnni.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:49", "1579763", "craajvg.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579738", "apoqosp.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579739", "ardhpeb.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579740", "atriurx.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579741", "auspjwr.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579742", "bandmetw.qpon", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579743", "bearvi.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579744", "beatvwe.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579745", "befswj38.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579746", "blassu.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579747", "blatfdg.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579748", "blisurn.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:48", "1579749", "bordehx.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:47", "1579731", "accoapf.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:47", "1579732", "achoqqe.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:47", "1579733", "aciujpr.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:27", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:47", "1579734", "adelxks.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:47", "1579735", "airtbvi.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:47", "1579736", "aleyywv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:13:47", "1579737", "anguklp.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579719", "sonst.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:56", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579720", "sortxkm.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:56", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579721", "sugaaox.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:57", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579722", "swampcs.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:57", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579723", "talkxaxs.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:57", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579724", "testimc.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:57", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579725", "toobedg.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:57", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579726", "unpvmqn.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:58", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579727", "wirelft.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:58", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579728", "wrigwtt.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:58", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579729", "xerorov.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:58", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:23", "1579730", "yearsfa.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:58", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579685", "enljbe.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:51", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579686", "ensuibv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:51", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579687", "exfopgg.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:51", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579688", "faltlsj.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:51", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579689", "famidvw.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:51", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579690", "feasero.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:51", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579691", "flfzpt.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:51", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579692", "gentlsu.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:52", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579693", "genubsl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:52", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579694", "glutbfw.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:52", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579695", "hairyzd.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:52", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579696", "indpret.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:53", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579697", "insczel.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:53", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579698", "kingduy.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:53", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579699", "laevuun.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:53", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579700", "lanmew.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:53", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579701", "lanwkv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:53", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579702", "medizafx.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:54", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579703", "minoxih.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:54", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579704", "moutoxj.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:54", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579705", "overwwx.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:54", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579706", "peppegn.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579707", "pezwsv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579708", "poniaym.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579709", "presexe.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579710", "pterobm.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579711", "racecem.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579712", "recomdpk.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579713", "reeprka.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579714", "runnrxl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579715", "scruejk.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:56", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579716", "sensiqy.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:56", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579717", "servopi.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:56", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:22", "1579718", "sidivhe.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:56", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579672", "acisbpp.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:47", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579673", "anionqh.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:47", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579674", "beralvk.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:48", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579675", "brusfnk.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:48", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579676", "canzuiq.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:48", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579677", "carteop.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:49", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579678", "comramm.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:49", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579679", "condetv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:49", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579680", "cupclek.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:49", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579681", "cusisbz.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:49", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579682", "cutdodl.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-02 16:57:14", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579683", "eclmezm.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:50", "100", "", "None", "0", "500mk500" "2025-09-01 15:09:21", "1579684", "effiug.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:50", "100", "", "None", "0", "500mk500" "2025-09-01 14:49:34", "1579639", "xqi.rilefoo8.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 14:06:29", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 14:49:34", "1579641", "ny.tygilyo.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 14:20:45", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 13:53:03", "1579638", "kt.rilefoo8.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 13:53:18", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 13:51:42", "1579634", "ug.rilefoo8.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 13:21:47", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 13:10:26", "1579633", "dpd.voltexpressdelivery.com", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "2025-09-01 19:10:25", "75", "None", "gtt/9,Vidar", "0", "abuse_ch" "2025-09-01 12:47:52", "1579575", "ven.rilefoo8.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 12:22:01", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 12:28:53", "1579620", "teaspdj.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "", "c2,lumma", "0", "juroots" "2025-09-01 12:28:38", "1579619", "devel.asurans.com", "domain", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "2025-09-02 13:56:11", "50", "", "c2,gholoader", "0", "juroots" "2025-09-01 12:27:55", "1579617", "almiighty-47767.portmap.host", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-09-01 12:27:54", "1579616", "visual-cp.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-09-01 12:26:47", "1579606", "dfdfhdhdrgethftrj.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-09-01 12:26:47", "1579607", "hbws.cc", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-09-01 12:26:47", "1579608", "honeyportsecurityresearchteam.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-09-01 12:26:47", "1579609", "kbs-frb.cc", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-09-01 12:26:47", "1579610", "rmdns.servesarcasm.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-09-01 12:26:47", "1579611", "www.saleskunshan.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-09-01 12:26:30", "1579605", "sswad-48767.portmap.host", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "", "c2,quasar", "0", "juroots" "2025-09-01 12:26:29", "1579603", "bebe228855.hopto.org", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "", "c2,quasar", "0", "juroots" "2025-09-01 12:26:29", "1579604", "dv2.bbanddd.com", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "", "c2,quasar", "0", "juroots" "2025-09-01 12:25:31", "1579600", "drooby.ddns.net", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "c2,mirai", "0", "juroots" "2025-09-01 12:25:30", "1579599", "cnc.48101.online", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "c2,mirai", "0", "juroots" "2025-09-01 12:24:44", "1579596", "feepro1.ddns.net", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "", "c2,darkcomet", "0", "juroots" "2025-09-01 12:24:44", "1579597", "k24cwchgd.localto.net", "domain", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "", "c2,darkcomet", "0", "juroots" "2025-09-01 12:24:28", "1579595", "fan-rui.xyz", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "", "c2,cobaltstrike", "0", "juroots" "2025-09-01 12:24:10", "1579593", "i.stasismyfuture.com", "domain", "botnet_cc", "win.bunitu", "None", "Bunitu", "", "50", "", "bunitu,c2", "0", "juroots" "2025-09-01 12:24:10", "1579594", "x.stasismyfuture.com", "domain", "botnet_cc", "win.bunitu", "None", "Bunitu", "", "50", "", "bunitu,c2", "0", "juroots" "2025-09-01 12:23:42", "1579590", "daddadasd-29521.portmap.host", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-09-01 12:23:42", "1579591", "dns.njalla.pl", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-09-01 12:23:42", "1579592", "dns.njalla.si", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots" "2025-09-01 12:01:35", "1579054", "account.messager.my", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-09-02 04:01:11", "100", "https://search.censys.io/hosts/185.161.209.117+account.messager.my", "AS42159,censys,DELTAHOST-AS,EvilGinx,panel,Phishing", "0", "DonPasci" "2025-09-01 12:01:25", "1579053", "800flower.cyou", "domain", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://search.censys.io/hosts/104.21.16.1+800flower.cyou", "AS13335,C2,censys,CLOUDFLARENET,Ermac,panel", "0", "DonPasci" "2025-09-01 12:00:44", "1579045", "amarrepago25.dynuddns.net", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250901-l4rxzael21", "C2,domain,rat,remcos,triage", "0", "DonPasci" "2025-09-01 12:00:44", "1579046", "fteamez7iurs01.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250901-h434fssnw3", "C2,domain,rat,remcos,triage", "0", "DonPasci" "2025-09-01 12:00:36", "1579044", "hirox81444-21878.portmap.host", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250901-j664kasr16", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-01 12:00:35", "1579043", "saftycar.com.br", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250901-l15dwsek5t", "C2,domain,triage,xworm", "0", "DonPasci" "2025-09-01 11:51:06", "1579021", "up.qenogia7.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 10:09:39", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 11:51:04", "1579023", "poertywindow.com", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/115128496943673248", "SmartApeSG", "0", "monitorsg" "2025-09-01 11:51:04", "1579025", "futurenaturallistic.com", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-09-01 10:11:05", "100", "https://infosec.exchange/@monitorsg/115128496943673248", "SmartApeSG", "0", "monitorsg" "2025-09-01 11:51:03", "1579029", "tr.qenogia7.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 11:24:51", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 11:51:02", "1579030", "nx.qenogia7.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 11:10:32", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 10:13:09", "1579028", "savoref.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:27", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:57:04", "1579003", "rur.qenogia7.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 09:40:46", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 09:41:58", "1579013", "dirtdsbv.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:50", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:41:58", "1579014", "pivzyhjq.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:41:58", "1579015", "ordczzp.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:27", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:41:58", "1579016", "ancirbf.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:27", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:41:58", "1579017", "eleormb.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:47:27", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:41:58", "1579018", "actcuavh.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:47", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:40:09", "1579004", "caltpps.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:40:09", "1579005", "bastxtu.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:48:24", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:40:09", "1579006", "appedfx.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:48", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:40:09", "1579007", "libahqg.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:53", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:40:09", "1579008", "chrynks.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:49", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:40:09", "1579009", "pubceva.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:55", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:40:09", "1579010", "somefed.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:56", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:40:09", "1579011", "hotpsyb.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 15:13:52", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:40:09", "1579012", "despofe.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-09-01 20:01:22", "100", "", "c2,domain,lumma,stealer", "0", "DonPasci" "2025-09-01 09:09:39", "1579000", "nvk.toqyboe3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 09:09:16", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 08:57:28", "1578984", "zf.toqyboe3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 07:40:46", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 08:57:27", "1578993", "zfp.toqyboe3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 08:08:49", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 08:57:27", "1578994", "hu.toqyboe3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 08:40:42", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 08:57:26", "1578995", "tmello.com", "domain", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "", "100", "", "KongTuke,LandUpdate808", "0", "HuntYethHounds" "2025-09-01 07:19:48", "1578981", "zk.toqyboe3.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 07:02:42", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 06:47:34", "1578978", "yco.nufypiy1.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 06:41:06", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 06:10:05", "1578977", "mgc.nufypiy1.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 06:09:54", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 06:03:09", "1578976", "zbj22.zbj888uul.com", "domain", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250901-fq9yqsar8y", "C2,domain,rat,triage,valleyrat", "0", "DonPasci" "2025-09-01 06:00:59", "1578974", "root123454321-24953.portmap.host", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250901-c9xkzahm7y", "C2,domain,quasar,rat,triage", "0", "DonPasci" "2025-09-01 06:00:48", "1578971", "lookup2-42134.portmap.host", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-09-01 06:00:49", "100", "https://tria.ge/250901-e7fwjsan2v", "asyncrat,C2,domain,rat,triage", "0", "DonPasci" "2025-09-01 05:56:04", "1578598", "vl.goxuxuy4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 15:10:14", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:56:03", "1578599", "ebn.goxuxuy4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 15:39:02", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:56:03", "1578609", "chromus.icu", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "", "fakeupdate", "0", "HuntYethHounds" "2025-09-01 05:56:03", "1578610", "panelswp.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "", "fakeupdate", "0", "HuntYethHounds" "2025-09-01 05:56:02", "1578611", "allworldnewses.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "", "fakeupdate", "0", "HuntYethHounds" "2025-09-01 05:56:02", "1578816", "iua.goxuxuy4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 16:52:37", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:56:01", "1578819", "gl.goxuxuy4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 17:03:32", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:56:01", "1578821", "mudanzasfacilghh.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "", "ClickFix,CoreSecThree", "0", "HuntYethHounds" "2025-09-01 05:56:00", "1578822", "ga.gyjyvyy6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 17:19:29", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:59", "1578823", "tgj.gyjyvyy6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 17:49:36", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:59", "1578838", "yze.gyjyvyy6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 18:30:29", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:55", "1578847", "chromusimus.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "", "fakeupdate", "0", "HuntYethHounds" "2025-09-01 05:55:55", "1578856", "third-placing.gl.at.ply.gg", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "https://app.any.run/tasks/a7aa7f70-09b9-40a8-a3a9-9c79889e6d7a", "SheetRAT", "0", "burger" "2025-09-01 05:55:55", "1578857", "ztu.gyjyvyy6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 20:08:44", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:54", "1578895", "pmu.gyjyvyy6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 20:31:32", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:52", "1578902", "te.migyvya2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 21:09:42", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:50", "1578908", "ogg.migyvya2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 22:09:30", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:48", "1578909", "hsd.migyvya2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 22:39:46", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:47", "1578910", "nr.migyvya2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 22:43:49", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:47", "1578911", "fvz.lulugiy2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 23:10:15", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:47", "1578926", "sekegyu6.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 00:39:24", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:46", "1578930", "cq.lulugiy2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 02:10:14", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:45", "1578937", "ve.lulugiy2.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 03:11:16", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:45", "1578938", "www.apprank.one", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-09-01 23:31:23", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz" "2025-09-01 05:55:44", "1578939", "tfc.nufypiy1.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 03:39:31", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:40", "1578969", "dc.nufypiy1.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-09-01 05:10:33", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:28", "1578499", "computers-favorite.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250831-p8jnyasvfs", "None", "0", "burger" "2025-09-01 05:55:27", "1578500", "pkq.toludye0.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 13:08:54", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:27", "1578503", "miq.toludye0.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 13:41:15", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:27", "1578505", "iz.toludye0.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 14:09:02", "100", "None", "ClearFake", "0", "threatcat_ch" "2025-09-01 05:55:26", "1578512", "cfb.goxuxuy4.ru", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-08-31 14:40:06", "100", "None", "ClearFake", "0", "threatcat_ch" # Number of entries: 529