################################################################
# ThreatFox IOCs: recent ip-port - CSV format                  #
# Last updated: 2024-07-01 23:59:16 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2024-07-01 23:59:16", "1292075", "101.33.225.206:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 23:21:11", "1292072", "181.116.72.52:5802", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/181.116.72.52", "AMX Argentina S.A.,NetSupportRAT", "0", "drb_ra"
"2024-07-01 23:20:17", "1292071", "195.174.240.3:25", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/195.174.240.3", "AsyncRAT,TTNET", "0", "drb_ra"
"2024-07-01 23:19:24", "1292070", "137.184.90.144:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/137.184.90.144", "DIGITALOCEAN-ASN,Evilginx EvilGoPhish", "0", "drb_ra"
"2024-07-01 23:18:15", "1292069", "5.163.244.86:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/5.163.244.86", "Qakbot,SAUDINETSTC-AS", "0", "drb_ra"
"2024-07-01 23:17:41", "1292068", "185.236.78.56:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://search.censys.io/hosts/185.236.78.56", "DELTAHOST-AS,Havoc", "0", "drb_ra"
"2024-07-01 23:17:20", "1292067", "57.128.166.214:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/57.128.166.214", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:19", "1292066", "57.128.166.214:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/57.128.166.214", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:15", "1292065", "65.108.49.36:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/65.108.49.36", "HETZNER-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:14", "1292064", "65.108.49.36:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/65.108.49.36", "HETZNER-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:11", "1292063", "37.59.205.5:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/37.59.205.5", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:10", "1292062", "37.59.205.5:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/37.59.205.5", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:06", "1292061", "78.47.60.67:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/78.47.60.67", "HETZNER-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:05", "1292060", "78.47.60.67:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/78.47.60.67", "HETZNER-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:59", "1292059", "5.161.252.127:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/5.161.252.127", "HETZNER-CLOUD2-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:58", "1292058", "5.161.252.127:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/5.161.252.127", "HETZNER-CLOUD2-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:54", "1292057", "216.74.123.41:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/216.74.123.41", "LATITUDE-SH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:53", "1292056", "216.74.123.41:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/216.74.123.41", "LATITUDE-SH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:49", "1292054", "185.216.144.51:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/185.216.144.51", "BANDWIDTH-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:49", "1292055", "185.216.144.51:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/185.216.144.51", "BANDWIDTH-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:45", "1292053", "159.100.6.103:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/159.100.6.103", "DE-FIRSTCOLO firstcolo.net,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:44", "1292052", "159.100.6.103:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/159.100.6.103", "DE-FIRSTCOLO firstcolo.net,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:39", "1292050", "85.239.53.94:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/85.239.53.94", "BV-EU-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:39", "1292051", "85.239.53.94:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/85.239.53.94", "BV-EU-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:35", "1292049", "51.89.137.8:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/51.89.137.8", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:34", "1292048", "51.89.137.8:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/51.89.137.8", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:30", "1292047", "51.68.216.13:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/51.68.216.13", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:29", "1292046", "51.68.216.13:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/51.68.216.13", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:25", "1292044", "139.64.133.194:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/139.64.133.194", "NOCIX,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:25", "1292045", "139.64.133.194:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/139.64.133.194", "NOCIX,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:20", "1292043", "173.46.80.206:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/173.46.80.206", "CDNEXT,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:19", "1292042", "173.46.80.206:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/173.46.80.206", "CDNEXT,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:15", "1292040", "109.176.207.22:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/109.176.207.22", "ASIMO-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:15", "1292041", "109.176.207.22:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/109.176.207.22", "ASIMO-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:15:00", "1292039", "139.59.86.97:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/139.59.86.97", "DIGITALOCEAN-ASN,Mythic", "0", "drb_ra"
"2024-07-01 23:14:50", "1292038", "13.112.130.229:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BruteRatel", "Brute Ratel C4", "", "50", "https://search.censys.io/hosts/13.112.130.229", "AMAZON-02,Brute Ratel C4", "0", "drb_ra"
"2024-07-01 22:15:22", "1292037", "147.185.221.20:54251", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 22:14:52", "1292036", "193.187.173.74:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "AS56971 AS56971 Cloud,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-07-01 18:51:53", "1292031", "62.119.81.101:58573", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/62.119.81.101", "NetSupportRAT,TELENOR-NEXTEL Telenor Norge AS", "0", "drb_ra"
"2024-07-01 18:50:52", "1292030", "94.156.64.188:6006", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/94.156.64.188", "AsyncRAT,LIMENET", "0", "drb_ra"
"2024-07-01 18:50:46", "1292029", "51.81.24.83:3333", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/51.81.24.83", "AsyncRAT,OVH", "0", "drb_ra"
"2024-07-01 18:50:32", "1292028", "54.255.147.4:6000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/54.255.147.4", "AMAZON-02,AsyncRAT", "0", "drb_ra"
"2024-07-01 18:50:19", "1292026", "147.124.209.128:7847", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-07-01 19:12:32", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 18:49:49", "1292025", "91.92.242.81:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/91.92.242.81", "Hookbot Pegasus,LIMENET", "0", "drb_ra"
"2024-07-01 18:48:32", "1292024", "78.166.52.150:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/78.166.52.150", "Qakbot,TTNET", "0", "drb_ra"
"2024-07-01 18:48:29", "1292023", "74.214.59.50:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/74.214.59.50", "ATLANTICBB-JOHNSTOWN,Qakbot", "0", "drb_ra"
"2024-07-01 18:48:24", "1292022", "189.140.37.137:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/189.140.37.137", "Qakbot,UNINET", "0", "drb_ra"
"2024-07-01 18:48:18", "1292021", "18.163.129.171:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "50", "https://search.censys.io/hosts/18.163.129.171", "AMAZON-02,Pupy RAT", "0", "drb_ra"
"2024-07-01 18:47:33", "1292020", "185.236.78.56:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://search.censys.io/hosts/185.236.78.56", "DELTAHOST-AS,Havoc", "0", "drb_ra"
"2024-07-01 18:47:15", "1292019", "128.14.237.188:8080", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "50", "https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2226cb1db25a7002a5c4f483bf4a8f0808a123be642039f3ab1342e0551b1909d5%22", "Bianlian Go Trojan,UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED", "0", "drb_ra"
"2024-07-01 18:07:10", "1292014", "103.144.139.160:443", "ip:port", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-01 20:37:11", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 17:49:24", "1292005", "94.156.79.13:47925", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "https://bazaar.abuse.ch/sample/9df16e009504f0524cd6b1d571094ecd269147e7f9c22210a5cafb93c0806260/", "MooBot", "0", "abuse_ch"
"2024-07-01 17:43:37", "1291786", "80.85.154.121:1980", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RemcosRAT", "0", "NDA0E"
"2024-07-01 17:43:35", "1291770", "107.173.4.18:2556", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RemcosRAT", "0", "NDA0E"
"2024-07-01 17:43:32", "1291771", "173.255.204.62:2556", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RemcosRAT", "0", "NDA0E"
"2024-07-01 17:43:28", "1291994", "193.161.193.99:39182", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 17:43:26", "1291995", "185.68.93.221:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "KeitaroTDS,SocGholish", "0", "threatcat_ch"
"2024-07-01 17:43:22", "1292003", "185.29.9.108:15135", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-01 17:00:21", "1292002", "196.65.173.92:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-01 17:07:56", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-07-01 16:25:18", "1292001", "172.232.164.13:1177", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-01 17:09:09", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-07-01 13:00:19", "1291787", "77.221.153.197:80", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 12:32:15", "1291774", "186.2.171.54:443", "ip:port", "payload_delivery", "elf.poseidon", "None", "Poseidon", "", "75", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 11:50:16", "1291772", "57.129.38.73:41038", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 11:30:18", "1291768", "206.238.43.211:6666", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "None", "Gh0stRAT", "0", "abuse_ch"
"2024-07-01 10:39:08", "1291420", "195.50.242.110:8080", "ip:port", "botnet_cc", "win.hotcroissant", "None", "HOTCROISSANT", "", "49", "https://asec.ahnlab.com/en/67558/", "Rifdoor", "0", "johannes"
"2024-07-01 10:39:08", "1291421", "147.45.44.12:13830", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-01 10:05:48", "1291419", "93.188.122.139:4433", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/93.188.122.139", "MIFRIL-AS ImportExport changes,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:45", "1291418", "83.48.66.207:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/83.48.66.207", "NetSupportRAT,TELEFONICA_DE_ESPANA", "0", "drb_ra"
"2024-07-01 10:05:40", "1291417", "198.244.197.118:9443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/198.244.197.118", "NetSupportRAT,OVH", "0", "drb_ra"
"2024-07-01 10:05:36", "1291416", "2.139.253.110:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/2.139.253.110", "NetSupportRAT,TELEFONICA_DE_ESPANA", "0", "drb_ra"
"2024-07-01 10:05:33", "1291415", "186.225.10.251:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/186.225.10.251", "NetSupportRAT,UNIFIQUE TELECOMUNICACOES SA", "0", "drb_ra"
"2024-07-01 10:05:30", "1291414", "206.210.123.104:8888", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/206.210.123.104", "IASL,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:26", "1291413", "95.189.100.119:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/95.189.100.119", "NetSupportRAT,ROSTELECOM-AS", "0", "drb_ra"
"2024-07-01 10:05:23", "1291412", "179.159.167.251:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/179.159.167.251", "Claro NXT Telecomunicacoes Ltda,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:19", "1291411", "61.96.204.117:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/61.96.204.117", "DREAMX-AS DREAMLINE CO.,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:15", "1291410", "185.23.192.33:444", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/185.23.192.33", "NetSupportRAT,WINET", "0", "drb_ra"
"2024-07-01 10:05:10", "1291409", "2.136.235.200:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/2.136.235.200", "NetSupportRAT,TELEFONICA_DE_ESPANA", "0", "drb_ra"
"2024-07-01 10:05:07", "1291408", "103.237.87.159:9462", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/daee067e46a83ec3c0e4f77bf53e126f076847b781bda39e3d13f0f6044be2f4/", "remcos", "0", "abuse_ch"
"2024-07-01 10:05:06", "1291407", "200.152.101.176:9090", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/200.152.101.176", "MLS Wireless SA,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:00", "1291406", "186.236.112.114:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/186.236.112.114", "NetSupportRAT,NETWORK TELECOMUNICACOES S.A.", "0", "drb_ra"
"2024-07-01 10:04:55", "1291405", "93.232.107.227:82", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/93.232.107.227", "DTAG Internet service provider operations,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:04:54", "1291404", "93.232.107.227:81", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/93.232.107.227", "DTAG Internet service provider operations,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:04:51", "1291403", "200.243.0.50:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/200.243.0.50", "CLARO S.A.,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:04:48", "1291402", "62.156.170.137:1111", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/62.156.170.137", "DTAG Internet service provider operations,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:04:45", "1291401", "212.170.14.98:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/212.170.14.98", "NetSupportRAT,TELEFONICA_DE_ESPANA", "0", "drb_ra"
"2024-07-01 10:04:42", "1291400", "189.115.194.186:9990", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/189.115.194.186", "NetSupportRAT,TELEFONICA BRASIL S.A", "0", "drb_ra"
"2024-07-01 10:04:38", "1291399", "101.108.13.204:7443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/101.108.13.204", "NetSupportRAT,TOT-NET TOT Public Company Limited", "0", "drb_ra"
"2024-07-01 10:04:35", "1291398", "200.180.67.154:9444", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/200.180.67.154", "NetSupportRAT,V tal", "0", "drb_ra"
"2024-07-01 10:04:31", "1291397", "210.249.114.153:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/210.249.114.153", "KDDI KDDI CORPORATION,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:04:28", "1291396", "178.188.188.212:5500", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/178.188.188.212", "A1TELEKOM-AT A1 Telekom Austria AG,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:00:16", "1291395", "39.40.167.160:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/39.40.167.160", "PKTELECOM-AS-PK Pakistan Telecommunication Company Limited,Qakbot", "0", "drb_ra"
"2024-07-01 09:59:23", "1291394", "85.215.215.94:41057", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://search.censys.io/hosts/85.215.215.94", "Havoc", "0", "drb_ra"
"2024-07-01 09:58:28", "1291393", "75.2.71.143:443", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "", "50", "https://search.censys.io/hosts/75.2.71.143", "AMAZON-02,Deimos", "0", "drb_ra"
"2024-07-01 09:58:16", "1291392", "35.220.201.119:443", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "", "50", "https://search.censys.io/hosts/35.220.201.119", "Deimos,GOOGLE-CLOUD-PLATFORM", "0", "drb_ra"
"2024-07-01 09:57:53", "1291391", "82.153.138.128:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/82.153.138.128", "Mythic,THE-IHOSTART-PROJEKT", "0", "drb_ra"
"2024-07-01 09:57:11", "1291390", "94.237.59.129:30570", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://search.censys.io/hosts/94.237.59.129", "Sliver,UPCLOUD", "0", "drb_ra"
"2024-07-01 09:57:09", "1291389", "94.237.59.129:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://search.censys.io/hosts/94.237.59.129", "Sliver,UPCLOUD", "0", "drb_ra"
"2024-07-01 09:39:12", "1291378", "62.173.141.99:139", "ip:port", "payload_delivery", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "", "None", "0", "threatcat_ch"
"2024-07-01 09:39:11", "1291379", "62.173.141.99:445", "ip:port", "payload_delivery", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "", "None", "0", "threatcat_ch"
"2024-07-01 09:35:04", "1291380", "103.237.87.40:1993", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/7469a174199a6068c3534b0698c75ebf754e92408f0607eb00cf9d3ea86e2b11/", "remcos", "0", "abuse_ch"
"2024-07-01 08:52:45", "1291373", "116.205.233.25:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,Huawei Cloud Service data center", "0", "drb_ra"
"2024-07-01 08:52:37", "1291372", "159.75.110.16:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 06:50:12", "1291345", "136.243.111.71:20001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/136.243.111.71", "AsyncRAT,HETZNER-AS", "0", "drb_ra"
"2024-07-01 06:49:55", "1291344", "157.20.182.5:9898", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/157.20.182.5", "AsyncRAT,HOSTER-AS-IN Hosterdaddy Private Limited", "0", "drb_ra"
"2024-07-01 06:49:45", "1291342", "94.156.64.188:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/94.156.64.188", "AsyncRAT,LIMENET", "0", "drb_ra"
"2024-07-01 06:49:45", "1291343", "94.156.64.188:8008", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/94.156.64.188", "AsyncRAT,LIMENET", "0", "drb_ra"
"2024-07-01 06:48:58", "1291341", "185.223.77.217:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/185.223.77.217", "Hookbot Pegasus,POYRAZ", "0", "drb_ra"
"2024-07-01 06:48:36", "1291340", "47.98.177.117:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/47.98.177.117", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,Supershell", "0", "drb_ra"
"2024-07-01 06:47:51", "1291339", "196.77.36.25:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/196.77.36.25", "MT-MPLS,Qakbot", "0", "drb_ra"
"2024-07-01 06:46:28", "1291338", "91.92.241.103:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-01 06:46:22", "1291337", "83.220.172.119:8843", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "", "50", "https://search.censys.io/hosts/83.220.172.119", "Deimos,RU-JSCIOT", "0", "drb_ra"
"2024-07-01 06:46:04", "1291336", "159.223.0.196:8081", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/159.223.0.196", "DIGITALOCEAN-ASN,Mythic", "0", "drb_ra"
"2024-07-01 06:46:01", "1291335", "107.172.78.188:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/107.172.78.188", "AS-COLOCROSSING,Mythic", "0", "drb_ra"
"2024-07-01 06:45:54", "1291281", "18.210.161.224:3436", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "nanocore,RAT", "0", "SarlackLab"
"2024-07-01 06:45:54", "1291282", "104.243.242.166:1620", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "nanocore,RAT", "0", "SarlackLab"
"2024-07-01 06:45:53", "1291284", "147.185.221.20:22517", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:53", "1291286", "147.185.221.20:37993", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:52", "1291288", "147.185.221.20:50199", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:51", "1291290", "4.185.56.82:42687", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-01 06:45:51", "1291291", "144.172.122.232:20131", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-01 06:45:50", "1291301", "195.189.227.105:48367", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "", "RedLineStealer", "0", "NDA0E"
"2024-07-01 06:45:50", "1291305", "15.204.88.244:23", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "None", "Gafgyt", "0", "elfdigest"
"2024-07-01 06:45:47", "1291299", "3.125.102.39:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:47", "1291300", "18.158.249.75:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:46", "1291298", "103.162.20.166:3007", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "", "mirai", "0", "elfdigest"
"2024-07-01 06:45:46", "1291334", "39.99.34.125:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-07-01 06:45:39", "1291319", "37.156.29.141:4258", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:38", "1291321", "77.105.135.107:3445", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-01 06:45:23", "1291333", "5.161.190.139:8732", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-07-01 07:33:59", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 06:44:50", "1291332", "154.211.98.3:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-01 06:44:47", "1291331", "58.87.103.109:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-07-01 06:44:38", "1291330", "141.98.10.72:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-07-01 06:44:28", "1291329", "121.40.117.196:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-01 06:44:27", "1291328", "159.75.169.189:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-01 06:44:25", "1291327", "123.207.5.253:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-07-01 06:44:10", "1291326", "45.148.120.161:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-01 06:43:40", "1291325", "123.56.153.39:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-07-01 05:45:30", "1291323", "94.156.69.93:2973", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2024-07-01 04:10:17", "1291307", "110.41.14.58:7931", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-07-01 02:15:20", "1291304", "79.110.62.113:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-07-01 03:12:04", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 00:45:18", "1291303", "196.65.155.135:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-06-30 23:50:16", "1291302", "147.45.47.35:5607", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-06-30 20:20:23", "1291295", "3.125.223.134:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-06-30 20:20:22", "1291294", "3.125.209.94:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-02 02:09:13", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-06-30 20:20:21", "1291293", "3.124.142.205:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-06-30 20:20:19", "1291292", "18.192.31.165:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-06-30 19:16:01", "1291270", "128.140.53.5:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291271", "128.140.53.5:9000", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291272", "168.119.118.92:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291273", "168.119.118.92:9000", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291274", "77.221.158.54:80", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:00", "1291267", "195.201.251.214:9000", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:00", "1291268", "195.201.251.214:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:00", "1291269", "65.109.243.105:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 18:49:55", "1291250", "94.156.69.27:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/94.156.69.27", "AsyncRAT,LIMENET", "0", "drb_ra"
"2024-06-30 18:49:55", "1291251", "94.156.69.27:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/94.156.69.27", "AsyncRAT,LIMENET", "0", "drb_ra"
"2024-06-30 18:49:52", "1291249", "136.243.111.71:20000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/136.243.111.71", "AsyncRAT,HETZNER-AS", "0", "drb_ra"
"2024-06-30 18:49:27", "1291248", "197.0.49.10:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/197.0.49.10", "AsyncRAT,TOPNET", "0", "drb_ra"
"2024-06-30 18:48:58", "1291247", "91.151.89.25:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/91.151.89.25", "Hookbot Pegasus,HOSTINGDUNYAM HOSTING DUNYAM", "0", "drb_ra"
"2024-06-30 18:48:34", "1291246", "152.32.172.190:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/152.32.172.190", "Supershell,UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED", "0", "drb_ra"
"2024-06-30 18:48:12", "1291245", "124.220.222.35:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/124.220.222.35", "Supershell,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-06-30 18:47:35", "1291244", "65.109.183.189:443", "ip:port", "botnet_cc", "py.responder", "SpiderLabs Responder", "Responder", "", "50", "https://search.censys.io/hosts/65.109.183.189", "HETZNER-AS,Responder", "0", "drb_ra"
"2024-06-30 18:46:12", "1291243", "36.131.128.111:4506", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "", "50", "https://search.censys.io/hosts/36.131.128.111", "CHINAMOBILE-CN China Mobile Communications Group Co. Ltd.,Deimos", "0", "drb_ra"
"2024-06-30 17:55:15", "1291241", "51.195.206.227:38719", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-06-30 19:58:45", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-06-30 16:44:01", "1291087", "94.103.83.129:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "Panel,Saphira", "0", "myceliumbroker"
"2024-06-30 16:44:01", "1291088", "77.238.242.152:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "Panel,Saphira", "0", "myceliumbroker"
"2024-06-30 16:44:00", "1291089", "78.153.139.18:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "Panel,Saphira", "0", "myceliumbroker"
"2024-06-30 16:44:00", "1291096", "176.57.212.127:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "Fletchen,Panel", "0", "myceliumbroker"
"2024-06-30 16:43:59", "1291097", "89.116.110.165:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "Fletchen,Panel", "0", "myceliumbroker"
"2024-06-30 16:43:59", "1291138", "94.158.244.72:666", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "None", "Gafgyt", "0", "elfdigest"
"2024-06-30 16:43:59", "1291240", "108.170.52.131:13587", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "50", "https://search.censys.io/search?q=services.tls.certificates.leaf_fp_sha_256%3D%22c11c40e1299df046e73784734d7b8de16f25fd9f56ec6dc0b3b8d7aba86696cd%22&resource=hosts", "Bianlian Go Trojan", "0", "Syndikalist"
"2024-06-30 16:43:54", "1291015", "198.7.114.191:33966", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest"
"2024-06-30 15:31:54", "1291101", "84.32.41.112:443", "ip:port", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "60", "None", "backconnect", "0", "Rony"
"2024-06-30 13:51:59", "1291091", "124.222.91.4:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666,Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-06-30 12:24:02", "1291018", "77.91.77.82:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "2024-07-02 05:00:06", "50", "https://tracker.viriback.com/index.php?q=77.91.77.82", "Amadey,ViriBack", "0", "abuse_ch"
"2024-06-30 10:13:31", "1291014", "107.148.146.30:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,PEG-LA", "0", "drb_ra"
"2024-06-30 10:13:20", "1291011", "162.251.94.192:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:40", "100", "None", "CobaltStrike,cs-watermark-666666666,HKLNIL Landui Cloud ComputingHK Limited", "0", "drb_ra"
"2024-06-30 08:11:25", "1290998", "47.109.51.223:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "", "c2,cobaltstrike", "0", "hunting_rabbits"
"2024-06-30 08:08:07", "1291001", "95.214.27.187:443", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "https://bazaar.abuse.ch/sample/7798262d33e8ea811b9c8f565f745408f42cdd55248328630691fcab52fc116b/", "Gafgyt", "0", "abuse_ch"
"2024-06-30 08:08:07", "1291002", "95.214.27.160:443", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "https://bazaar.abuse.ch/sample/7798262d33e8ea811b9c8f565f745408f42cdd55248328630691fcab52fc116b/", "Gafgyt", "0", "abuse_ch"
"2024-06-30 08:08:07", "1291003", "37.44.238.67:443", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "https://bazaar.abuse.ch/sample/7798262d33e8ea811b9c8f565f745408f42cdd55248328630691fcab52fc116b/", "Gafgyt", "0", "abuse_ch"
"2024-06-30 07:59:14", "1290996", "194.113.74.24:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2024-06-30 08:01:21", "50", "", "c2,sliver", "0", "hunting_rabbits"
"2024-06-30 07:50:08", "1290995", "4.213.168.254:35456", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "https://bazaar.abuse.ch/sample/77bac2b4723bdb6551cb2ed5d72075b68370b197ae59c321ae0ac0f6a02fb68b/", "MooBot", "0", "abuse_ch"
"2024-06-30 07:49:32", "1290994", "91.92.244.163:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:49:31", "1290993", "103.234.72.208:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:49:26", "1290992", "101.42.247.112:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:25", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:49:25", "1290991", "23.95.65.198:2222", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:49:21", "1290990", "159.75.169.189:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:11", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:49:19", "1290989", "47.109.186.179:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:31", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:48:59", "1290987", "47.95.31.143:4433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:55", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:48:56", "1290986", "47.238.48.116:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:16", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:48:18", "1290985", "172.245.110.33:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:52", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:48:17", "1290984", "45.61.138.167:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:48:13", "1290983", "39.106.83.74:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:48:12", "1290982", "46.183.27.41:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:41", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:48:09", "1290981", "43.207.204.175:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:30", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:48:00", "1290980", "46.183.27.41:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:47:55", "1290979", "134.122.75.115:87", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:47:24", "1290978", "106.14.69.133:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:23", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:47:22", "1290977", "176.109.109.84:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:49", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:47:12", "1290976", "134.122.75.115:86", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:47", "1290975", "18.183.19.253:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:25", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:39:46", "1290972", "114.55.250.233:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:37", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:46", "1290973", "34.132.104.7:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:46", "1290974", "39.100.182.56:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:30", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:39:45", "1290970", "112.126.85.180:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:11", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:39:45", "1290971", "49.232.199.246:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:24", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:39:44", "1290968", "110.40.138.5:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:42", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:44", "1290969", "114.55.57.77:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:36", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:42", "1290965", "49.232.227.129:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:29", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:39:42", "1290966", "150.158.113.86:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:27", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-06-30 07:39:42", "1290967", "199.195.252.200:2096", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:23", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:41", "1290963", "43.136.218.157:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:46", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:39:41", "1290964", "47.76.67.52:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:40", "1290961", "43.139.107.157:5555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:49", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-06-30 07:39:40", "1290962", "117.50.196.200:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:06", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:39:38", "1290959", "64.7.198.173:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:20", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:38", "1290960", "123.58.220.97:8087", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:31", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:39:37", "1290958", "47.121.123.96:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:47:35", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:36", "1290956", "139.9.205.12:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:51", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:36", "1290957", "43.153.222.28:433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:21", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:39:35", "1290955", "97.64.18.185:3333", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:17", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:32", "1290953", "121.43.124.191:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:12", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:32", "1290954", "120.53.236.103:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:37", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:39:31", "1290952", "111.231.20.220:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:14", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-06-30 07:39:30", "1290951", "64.7.198.173:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:30", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:29", "1290950", "119.91.144.105:2095", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:58", "100", "None", "CobaltStrike,cs-watermark-1359593325", "0", "abuse_ch"
"2024-06-30 07:39:27", "1290949", "134.175.229.118:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:24", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:39:26", "1290948", "47.108.106.118:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:55", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:39:25", "1290947", "8.219.146.174:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:16", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:24", "1290945", "206.237.24.135:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:18", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-06-30 07:39:24", "1290946", "43.139.107.157:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:26", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-06-30 07:39:23", "1290944", "154.221.24.44:8098", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:48:42", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:18", "1290943", "8.217.137.245:50000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:07", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:15", "1290942", "8.219.146.174:1337", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:20", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:14", "1290941", "8.141.13.130:8098", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-06-30 07:39:07", "1290940", "47.121.112.235:4567", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:55", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:05", "1290939", "47.236.74.146:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:54", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:04", "1290938", "47.113.107.52:8099", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:51", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:57", "1290937", "43.138.132.137:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:38:56", "1290936", "39.108.220.93:3333", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:45", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:53", "1290935", "185.117.0.43:8887", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:38:52", "1290934", "185.201.226.192:4001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:49", "1290933", "154.221.24.44:8099", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:43", "1290932", "123.58.220.97:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:48:38", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:38:35", "1290931", "119.45.21.247:9000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:20", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:38:33", "1290930", "115.159.50.50:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:13", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:32", "1290929", "112.124.6.100:6789", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:06", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:29", "1290928", "106.54.236.42:3306", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:59", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:38:28", "1290927", "106.75.249.81:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:47", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:24", "1290926", "101.200.120.13:8099", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:54", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:23", "1290925", "124.222.37.211:9090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:28", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:22", "1290924", "211.149.252.96:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:19", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:38:21", "1290923", "124.222.72.51:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:21", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:38:20", "1290922", "91.92.248.235:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:38:19", "1290920", "120.26.139.208:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:26", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:38:19", "1290921", "103.146.159.3:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:20", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:17", "1290918", "54.237.218.187:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:17", "1290919", "120.79.8.117:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:24", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:16", "1290917", "18.138.122.192:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:49:30", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:38:15", "1290916", "185.77.226.142:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:07", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:14", "1290915", "47.109.77.9:9001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:22", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:38:11", "1290913", "103.225.9.174:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:17", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:38:11", "1290914", "39.100.91.89:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:39", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:10", "1290912", "106.53.22.217:1080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:26", "100", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2024-06-30 07:38:08", "1290911", "220.249.191.101:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:44", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:04", "1290910", "116.204.75.247:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2024-06-30 07:38:03", "1290909", "43.138.150.207:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-06-30 07:38:02", "1290908", "154.44.10.182:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:38:01", "1290907", "47.97.100.26:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:03", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:59", "1290906", "121.37.226.97:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-06-30 07:37:58", "1290905", "35.238.182.197:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:36", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:37:57", "1290903", "124.223.101.175:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:13", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-06-30 07:37:57", "1290904", "95.214.234.74:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:55", "1290901", "111.231.74.72:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:15", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:37:55", "1290902", "43.138.0.7:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:54", "1290900", "124.221.22.144:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2024-06-30 07:37:53", "1290899", "62.234.34.114:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:43", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:52", "1290897", "43.138.0.7:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:52", "1290898", "129.211.214.71:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:51", "1290895", "103.225.196.210:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:42", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:51", "1290896", "47.92.70.19:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:15", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:50", "1290894", "85.209.153.114:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:49", "1290892", "106.54.197.233:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:29", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:49", "1290893", "8.134.163.72:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:50", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:48", "1290890", "107.172.34.126:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:49", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:37:48", "1290891", "47.97.96.79:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:57", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:37:46", "1290888", "8.137.87.159:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:42", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:46", "1290889", "47.108.164.45:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:26", "100", "None", "CobaltStrike,cs-watermark-1873433027", "0", "abuse_ch"
"2024-06-30 07:37:45", "1290887", "47.97.22.116:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:52", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:43", "1290886", "8.134.139.130:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:54", "100", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2024-06-30 07:37:40", "1290885", "47.92.30.116:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:34", "100", "None", "CobaltStrike,cs-watermark-426352781", "0", "abuse_ch"
"2024-06-30 07:37:39", "1290884", "120.26.139.208:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:12", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:37:38", "1290883", "155.94.204.114:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:14", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:31", "1290881", "155.94.204.114:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:19", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:31", "1290882", "106.75.15.3:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:30", "1290880", "91.149.236.162:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:15", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:37:29", "1290878", "107.189.13.28:800", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:18", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:29", "1290879", "154.9.253.110:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:48:43", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:28", "1290877", "112.124.33.134:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:47:26", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:37:27", "1290876", "8.134.137.100:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:45", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:33:40", "1290541", "103.139.1.202:3434", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://bazaar.abuse.ch/sample/7a4238fc6f5d3c7731c2eb33911298eaa36986040858af56e76628c5dc83e265/", "Ermac", "0", "NDA0E"
"2024-06-30 07:33:38", "1290510", "15.235.209.194:19990", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "None", "Moobot", "0", "elfdigest"
"2024-06-30 07:33:36", "1290802", "5.59.248.220:38241", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest"
"2024-06-30 06:50:43", "1290874", "213.195.117.131:5000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/213.195.117.131", "AsyncRAT,XTRA Telecom", "0", "drb_ra"
"2024-06-30 06:49:51", "1290873", "185.241.208.181:9090", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/185.241.208.181", "AsyncRAT,SERVICES-1337-GMBH 1337-SERVICES-GMBH-NETWORK", "0", "drb_ra"
"2024-06-30 06:49:46", "1290872", "46.246.6.14:2000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/46.246.6.14", "AsyncRAT,PORTLANE www.portlane.com", "0", "drb_ra"
"2024-06-30 06:49:18", "1290871", "91.92.240.70:50555", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/91.92.240.70", "Hookbot Pegasus,LIMENET", "0", "drb_ra"
"2024-06-30 06:48:54", "1290870", "176.32.38.11:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/176.32.38.11", "ASBAXETN,Supershell", "0", "drb_ra"
"2024-06-30 06:48:17", "1290869", "46.246.4.17:9000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "https://search.censys.io/hosts/46.246.4.17", "DcRat,PORTLANE www.portlane.com", "0", "drb_ra"
"2024-06-30 06:48:06", "1290868", "79.107.142.212:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/79.107.142.212", "Qakbot,WIND-AS", "0", "drb_ra"
"2024-06-30 06:46:34", "1290867", "37.111.183.34:443", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "", "50", "https://search.censys.io/hosts/37.111.183.34", "Deimos,TPP-AS-PK Telenor Pakistan", "0", "drb_ra"
"2024-06-30 06:46:10", "1290866", "52.183.57.173:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/52.183.57.173", "MICROSOFT-CORP-MSN-AS-BLOCK,Mythic", "0", "drb_ra"
"2024-06-30 06:45:54", "1290865", "178.18.254.10:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/178.18.254.10", "CONTABO,Covenant", "0", "drb_ra"
"2024-06-30 06:45:28", "1290864", "52.196.181.68:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://search.censys.io/hosts/52.196.181.68", "AMAZON-02,Sliver", "0", "drb_ra"
# Number of entries: 315