################################################################
# ThreatFox IOCs: recent ip-port - CSV format                  #
# Last updated: 2025-07-12 12:20:54 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-07-12 12:20:54", "1556218", "118.107.244.36:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "50", "https://www.shodan.io/host/118.107.244.36#10001", "c2,extreme,shodan", "0", "juroots"
"2025-07-12 12:20:39", "1556217", "77.105.161.10:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "https://www.shodan.io/host/77.105.161.10#1604", "c2,darkcomet,shodan", "0", "juroots"
"2025-07-12 12:20:24", "1556216", "8.218.30.185:443", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "50", "https://www.shodan.io/host/8.218.30.185#443", "c2,Rhadamanthys,shodan", "0", "juroots"
"2025-07-12 12:19:46", "1556213", "3.145.103.147:9993", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/3.145.103.147#9993", "c2,netbus,shodan", "0", "juroots"
"2025-07-12 12:19:46", "1556214", "51.250.8.230:21262", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/51.250.8.230#21262", "c2,netbus,shodan", "0", "juroots"
"2025-07-12 12:19:46", "1556215", "13.37.224.116:9999", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/13.37.224.116#9999", "c2,netbus,shodan", "0", "juroots"
"2025-07-12 12:19:28", "1556211", "80.153.197.234:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/80.153.197.234#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-07-12 12:19:28", "1556212", "162.0.216.188:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/162.0.216.188#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-07-12 12:19:03", "1556209", "51.94.27.205:902", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/51.94.27.205#902", "c2,netsupport,shodan", "0", "juroots"
"2025-07-12 12:19:03", "1556210", "15.237.253.95:4321", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/15.237.253.95#4321", "c2,netsupport,shodan", "0", "juroots"
"2025-07-12 12:19:02", "1556207", "118.122.8.157:10393", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/118.122.8.157#10393", "c2,netsupport,shodan", "0", "juroots"
"2025-07-12 12:19:02", "1556208", "51.112.44.22:8649", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/51.112.44.22#8649", "c2,netsupport,shodan", "0", "juroots"
"2025-07-12 12:19:01", "1556206", "108.136.163.59:4444", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/108.136.163.59#4444", "c2,netsupport,shodan", "0", "juroots"
"2025-07-12 12:18:40", "1556201", "89.111.143.7:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/89.111.143.7#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-12 12:18:40", "1556202", "4.197.155.50:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/4.197.155.50#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-12 12:18:40", "1556203", "80.64.19.99:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/80.64.19.99#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-12 12:18:40", "1556204", "43.250.175.68:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/43.250.175.68#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-12 12:18:40", "1556205", "164.90.230.62:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/164.90.230.62#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-12 12:18:39", "1556198", "62.234.116.46:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/62.234.116.46#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-12 12:18:39", "1556199", "209.38.66.239:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/209.38.66.239#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-12 12:18:39", "1556200", "178.132.0.217:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/178.132.0.217#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-12 12:18:21", "1556196", "81.70.158.144:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/81.70.158.144#80", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-07-12 12:18:21", "1556197", "52.4.38.106:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/52.4.38.106#443", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-07-12 12:18:06", "1556195", "113.46.198.202:3333", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 12:18:21", "50", "https://www.shodan.io/host/113.46.198.202#3333", "c2,cobaltstrike,cs-watermark-1359593325,shodan", "0", "juroots"
"2025-07-12 12:17:48", "1556194", "47.120.32.72:8069", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 12:18:22", "50", "https://www.shodan.io/host/47.120.32.72#8069", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-07-12 12:17:45", "1556191", "119.45.71.217:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 12:18:21", "50", "https://www.shodan.io/host/119.45.71.217#80", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-07-12 12:17:45", "1556192", "39.104.16.175:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 12:18:22", "50", "https://www.shodan.io/host/39.104.16.175#4444", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-07-12 12:17:45", "1556193", "148.135.102.82:8008", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 12:18:22", "50", "https://www.shodan.io/host/148.135.102.82#8008", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-07-12 12:02:33", "1556190", "104.143.46.155:8888", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250712-lv1hray1cv", "AS140227,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-12 12:02:32", "1556189", "104.143.46.155:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250712-lv1hray1cv", "AS140227,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-12 12:02:27", "1556187", "104.12.206.171:5552", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "https://tria.ge/250712-nqdvas1jt9", "AS7018,C2,njrat,triage", "0", "DonPasci"
"2025-07-12 12:02:02", "1556185", "176.65.148.60:9999", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/176.65.148.60", "31mRemastered,AS51396,C2,censys,Gafgyt,PFCLOUD", "0", "DonPasci"
"2025-07-12 12:01:42", "1556184", "148.66.21.238:403", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/148.66.21.238", "AS45753,C2,censys,DcRAT,NETSEC-HK,RAT", "0", "DonPasci"
"2025-07-12 12:01:32", "1556183", "193.164.6.92:3002", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/193.164.6.92", "AS210538,AsyncRAT,C2,censys,KEYUBU,RAT", "0", "DonPasci"
"2025-07-12 12:01:18", "1556181", "216.250.252.62:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/216.250.252.62", "AS396073,C2,censys,MAJESTIC-HOSTING-01,RAT,Remcos", "0", "DonPasci"
"2025-07-12 12:01:18", "1556182", "77.90.153.167:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/77.90.153.167", "AS214943,C2,censys,RAILNET,RAT,Remcos", "0", "DonPasci"
"2025-07-12 12:01:07", "1556180", "196.251.113.11:2414", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250712-h1gfaafq9y", "AS401116,C2,rat,remcos,triage", "0", "DonPasci"
"2025-07-12 11:20:21", "1556178", "31.57.97.31:2020", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-12 08:49:08", "1556174", "212.64.201.67:41120", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://app.any.run/tasks/3dbaefc2-f463-4f0e-86de-5fa80aa9a220", "Stellar,StellarBot", "0", "NDA0E"
"2025-07-12 08:44:34", "1556173", "162.252.174.65:55555", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2025-07-12 11:44:37", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-07-12 08:02:01", "1556172", "167.160.161.111:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-12 08:02:00", "1556171", "103.150.215.39:80", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/103.150.215.39", "AS979,C2,censys,hacktool,Mimikatz,NETLAB-SDN,open-dir", "0", "DonPasci"
"2025-07-12 08:01:41", "1556170", "3.25.173.252:2053", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/3.25.173.252", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-12 08:01:35", "1556169", "13.127.6.17:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.127.6.17", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "DonPasci"
"2025-07-12 08:01:29", "1556168", "94.130.241.163:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:48:49", "100", "https://search.censys.io/hosts/94.130.241.163", "AS24940,AsyncRAT,C2,censys,HETZNER-AS,RAT", "0", "DonPasci"
"2025-07-12 08:01:08", "1556167", "185.128.227.157:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.128.227.157", "ADVIN-AS,Ailurophile,AS206216,C2,censys,panel,Stealer", "0", "DonPasci"
"2025-07-12 08:01:04", "1556166", "120.24.241.109:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/120.24.241.109", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-305419896", "0", "DonPasci"
"2025-07-12 08:01:01", "1556165", "154.82.68.142:12617", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.82.68.142", "AS399077,C2,censys,CobaltStrike,cs-watermark-666666666,TERAEXCH", "0", "DonPasci"
"2025-07-12 07:45:19", "1556164", "195.26.227.209:7705", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-07-12 06:21:02", "1556163", "45.144.214.51:7084", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/620a2b5ff17f78cc2aeeb9be6c3df19a085aee5db2f81c0ab7bbedac0d12f530/", "remcos", "0", "abuse_ch"
"2025-07-12 06:01:56", "1556160", "23.249.28.223:90", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250712-aqql7sal3v", "AS152156,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-12 06:01:56", "1556161", "38.45.122.106:4756", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250712-brmglsvwey", "AS9294,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-12 06:01:56", "1556162", "38.45.122.106:1188", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250712-brmglsvwey", "AS9294,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-12 06:01:35", "1556157", "160.202.133.53:59897", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "https://tria.ge/250712-djxzgsar7s", "AS60781,C2,RedLine,RedlineStealer,stealer,triage", "0", "DonPasci"
"2025-07-12 06:01:03", "1556156", "88.180.187.70:20000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250712-eghbpafp41", "AS12322,C2,triage,xworm", "0", "DonPasci"
"2025-07-12 05:40:37", "1556153", "45.90.97.91:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-12 05:40:37", "1556154", "103.38.81.125:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 08:01:02", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2025-07-12 05:40:36", "1556152", "192.210.174.155:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2025-07-12 05:40:04", "1556049", "62.233.53.75:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "https://app.any.run/tasks/bc6b5b21-e714-4261-9ee9-f1fa7d4da1c3", "None", "0", "pitachu"
"2025-07-12 05:39:59", "1556065", "185.177.239.63:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "", "None", "0", "tanner"
"2025-07-12 05:39:57", "1556089", "5.230.226.36:23004", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "https://www.virustotal.com/gui/file/ef262d345309f25040aa78b6317fee5f0ea408ed28f7800b94f068a289cf33fa/behavior", "c2,mirai,shell,trojan", "1", "bigbigfox"
"2025-07-12 04:10:05", "1556149", "51.89.204.11:53454", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2025-07-12 04:10:02", "1556148", "192.169.69.26:3395", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "NanoCore,RAT", "0", "abuse_ch"
"2025-07-12 04:05:13", "1556147", "202.95.22.109:443", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-07-12 04:02:08", "1556145", "159.69.228.247:1331", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/159.69.228.247", "AS24940,C2,censys,HETZNER-AS,rhadamanthys,stealer", "0", "DonPasci"
"2025-07-12 04:02:08", "1556146", "45.153.34.4:19000", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/45.153.34.4", "AS51396,C2,censys,PFCLOUD,rhadamanthys,stealer", "0", "DonPasci"
"2025-07-12 04:02:06", "1556143", "114.67.112.246:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/114.67.112.246", "AS4811,C2,censys,CHINANET-SHANGHAI-MAN,RAT", "0", "DonPasci"
"2025-07-12 04:02:06", "1556144", "223.109.90.110:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/223.109.90.110", "AS56046,C2,censys,CMNET-JIANGSU-AP,RAT", "0", "DonPasci"
"2025-07-12 04:01:39", "1556140", "35.180.255.4:2456", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:46:58", "100", "https://search.censys.io/hosts/35.180.255.4", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-12 04:01:39", "1556141", "35.180.255.4:20256", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:46:58", "100", "https://search.censys.io/hosts/35.180.255.4", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-12 04:01:39", "1556142", "35.180.255.4:26306", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:46:58", "100", "https://search.censys.io/hosts/35.180.255.4", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-12 04:01:38", "1556137", "18.163.238.189:13325", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:45:12", "100", "https://search.censys.io/hosts/18.163.238.189", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-12 04:01:38", "1556138", "18.142.251.30:2628", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:45:11", "100", "https://search.censys.io/hosts/18.142.251.30", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-12 04:01:38", "1556139", "88.17.115.11:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:48:40", "100", "https://search.censys.io/hosts/88.17.115.11", "AS3352,C2,censys,Netsupport,RAT,TELEFONICA_DE_ESPANA", "0", "DonPasci"
"2025-07-12 04:01:30", "1556136", "178.236.254.136:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/178.236.254.136", "AS213887,C2,censys,RAT,Sectop,WAICORE-LTD", "0", "DonPasci"
"2025-07-12 04:01:14", "1556135", "205.209.99.87:5555", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:46:21", "100", "https://search.censys.io/hosts/205.209.99.87", "AS19318,C2,censys,IS-AS-1,RAT,Remcos", "0", "DonPasci"
"2025-07-12 04:01:07", "1556134", "176.65.148.60:23", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "90", "https://search.censys.io/hosts/176.65.148.60", "AS51396,C2,censys,DDOS,PFCLOUD", "0", "dyingbreeds_"
"2025-07-12 04:01:04", "1556132", "209.145.58.37:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/209.145.58.37", "AS40021,censys,GoPhish,NL-811-40021,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:01:04", "1556133", "18.102.7.167:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.102.7.167", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:01:03", "1556130", "104.199.21.106:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/104.199.21.106", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:01:03", "1556131", "47.117.71.220:8085", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.117.71.220", "AS37963,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:01:02", "1556128", "171.244.143.6:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/171.244.143.6", "AS7552,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:01:02", "1556129", "34.195.27.174:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.195.27.174", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:01:01", "1556125", "146.59.14.101:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/146.59.14.101", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:01:01", "1556126", "123.231.128.42:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/123.231.128.42", "AS4800,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:01:01", "1556127", "13.43.115.216:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.43.115.216", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:01:00", "1556123", "66.179.208.121:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/66.179.208.121", "AS8560,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:01:00", "1556124", "52.221.30.147:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.221.30.147", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:00:59", "1556119", "13.71.110.191:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.71.110.191", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:00:59", "1556120", "143.198.90.71:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/143.198.90.71", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:00:59", "1556121", "51.20.116.223:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/51.20.116.223", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:00:59", "1556122", "23.95.39.53:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/23.95.39.53", "AS-COLOCROSSING,AS36352,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:00:58", "1556118", "147.93.120.9:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/147.93.120.9", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:00:57", "1556116", "43.136.75.182:9090", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/43.136.75.182", "AS45090,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:00:57", "1556117", "18.218.34.196:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.218.34.196", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-12 04:00:51", "1556114", "47.122.62.142:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.122.62.142", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-07-12 04:00:51", "1556115", "115.175.70.57:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/115.175.70.57", "AS55990,censys,Viper", "0", "dyingbreeds_"
"2025-07-12 04:00:27", "1556113", "194.48.248.102:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-12 11:45:54", "100", "https://search.censys.io/hosts/194.48.248.102", "ALEXHOST,AS200019,C2,censys,Mythic", "0", "dyingbreeds_"
"2025-07-12 04:00:23", "1556112", "196.251.113.10:1000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:45:58", "100", "https://search.censys.io/hosts/196.251.113.10", "AS401116,C2,censys,NYBULA,RAT", "0", "dyingbreeds_"
"2025-07-12 04:00:17", "1556111", "36.137.179.7:20000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-12 11:47:01", "90", "https://search.censys.io/hosts/36.137.179.7", "AS9808,C2,censys", "0", "dyingbreeds_"
"2025-07-12 04:00:10", "1556110", "1.94.98.11:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 04:00:57", "100", "https://search.censys.io/hosts/1.94.98.11", "AS55990,C2,censys", "0", "dyingbreeds_"
"2025-07-12 03:30:15", "1556107", "206.238.196.239:8081", "ip:port", "botnet_cc", "win.fatal_rat", "Sainbox RAT", "FatalRat", "", "100", "None", "FatalRAT", "0", "abuse_ch"
"2025-07-12 02:10:10", "1556106", "183.90.187.173:52137", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-07-12 01:10:12", "1556103", "45.74.10.206:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-12 00:55:04", "1556102", "196.251.71.173:7788", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-07-12 00:02:07", "1556101", "67.220.72.161:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/67.220.72.161", "AS-GLOBALTELEHOST,AS63023,C2,censys,RAT", "0", "DonPasci"
"2025-07-12 00:01:58", "1556100", "209.151.150.4:8000", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/209.151.150.4", "AS25697,C2,censys,hacktool,Mimikatz,open-dir,UPCLOUDUSA", "0", "DonPasci"
"2025-07-12 00:01:36", "1556099", "51.81.171.234:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-12 11:47:49", "100", "https://search.censys.io/hosts/51.81.171.234", "AS16276,C2,censys,Havoc,OVH", "0", "DonPasci"
"2025-07-12 00:01:35", "1556098", "167.235.213.2:44783", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-07-12 04:00:29", "100", "https://search.censys.io/hosts/167.235.213.2", "AS24940,C2,censys,HETZNER-AS,Quasar,RAT", "0", "DonPasci"
"2025-07-12 00:01:29", "1556097", "128.90.113.220:2000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:43:47", "100", "https://search.censys.io/hosts/128.90.113.220", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci"
"2025-07-12 00:01:18", "1556096", "1.197.72.113:40000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-12 11:43:03", "100", "https://search.censys.io/hosts/1.197.72.113", "AS4134,C2,censys,CHINANET-BACKBONE,Sliver", "0", "DonPasci"
"2025-07-12 00:00:56", "1556095", "185.212.56.93:60000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 04:00:08", "100", "https://search.censys.io/hosts/185.212.56.93", "AS25820,C2,censys,CobaltStrike,cs-watermark-987654321,IT7NET", "0", "DonPasci"
"2025-07-11 22:49:16", "1556094", "115.175.40.126:50001", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-07-12 11:49:46", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-07-11 20:47:55", "1556088", "70.31.125.225:2222", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-07-12 11:48:12", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-07-11 20:45:29", "1556087", "191.112.11.201:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-07-12 11:45:41", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-07-11 20:45:27", "1556086", "188.4.206.249:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-07-12 11:45:38", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-07-11 20:44:41", "1556085", "172.233.60.182:22222", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-12 11:44:51", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-11 20:43:03", "1556084", "101.201.247.89:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-12 11:43:05", "75", "None", "drb-ra,RAT", "0", "abuse_ch"
"2025-07-11 20:40:09", "1556083", "45.204.217.102:8081", "ip:port", "botnet_cc", "win.fatal_rat", "Sainbox RAT", "FatalRat", "", "100", "None", "FatalRAT", "0", "abuse_ch"
"2025-07-11 20:10:10", "1556082", "146.70.87.178:7031", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-11 20:02:10", "1556081", "45.137.99.158:19000", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/45.137.99.158", "AS214209,C2,censys,INTERNET-MAGNATE,rhadamanthys,stealer", "0", "DonPasci"
"2025-07-11 20:02:04", "1556079", "167.160.161.110:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-11 20:02:04", "1556080", "167.160.161.106:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-11 20:02:00", "1556078", "38.55.99.220:8080", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/38.55.99.220", "AS42960,C2,censys,hacktool,Mimikatz,open-dir,VH-GLOBAL", "0", "DonPasci"
"2025-07-11 20:01:53", "1556077", "144.172.108.70:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-07-12 11:44:07", "100", "https://search.censys.io/hosts/144.172.108.70", "AS14956,censys,Chaos,panel,ROUTERHOSTING", "0", "DonPasci"
"2025-07-11 20:01:40", "1556076", "46.246.82.4:3000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-07-12 11:47:34", "100", "https://search.censys.io/hosts/46.246.82.4", "AS42708,C2,censys,DcRAT,GLESYS,RAT", "0", "DonPasci"
"2025-07-11 20:01:38", "1556075", "201.92.134.212:8081", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-12 11:46:19", "100", "https://search.censys.io/hosts/201.92.134.212", "AS27699,C2,censys,Havoc,TELEFONICA", "0", "DonPasci"
"2025-07-11 20:01:30", "1556074", "45.141.233.202:6458", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:47:20", "100", "https://search.censys.io/hosts/45.141.233.202", "AS214943,AsyncRAT,C2,censys,RAILNET,RAT", "0", "DonPasci"
"2025-07-11 20:01:28", "1556073", "47.98.216.119:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-12 04:00:19", "100", "https://search.censys.io/hosts/47.98.216.119", "ALIBABA-CN-NET,AS37963,C2,censys,Supershell", "0", "DonPasci"
"2025-07-11 20:01:18", "1556072", "107.189.20.160:1234", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-12 11:43:22", "100", "https://search.censys.io/hosts/107.189.20.160", "AS14956,C2,censys,ROUTERHOSTING,Sliver", "0", "DonPasci"
"2025-07-11 20:00:59", "1556071", "47.252.32.38:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:51:17", "100", "https://search.censys.io/hosts/47.252.32.38", "ALIBABA-CN-NET,AS45102,C2,censys,CobaltStrike,cs-watermark-1234567890", "0", "DonPasci"
"2025-07-11 20:00:58", "1556069", "39.99.227.179:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 04:00:09", "100", "https://search.censys.io/hosts/39.99.227.179", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-11 20:00:58", "1556070", "115.190.8.204:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 04:00:10", "100", "https://search.censys.io/hosts/115.190.8.204", "AS137718,C2,censys,CobaltStrike,cs-watermark-666666666,VOLCANO-ENGINE", "0", "DonPasci"
"2025-07-11 20:00:57", "1556068", "45.116.78.209:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 04:00:09", "100", "https://search.censys.io/hosts/45.116.78.209", "AS55933,C2,censys,CLOUDIE-AS-AP,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-11 20:00:55", "1556067", "47.93.5.95:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 04:00:07", "100", "https://search.censys.io/hosts/47.93.5.95", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-11 18:15:08", "1556062", "45.204.211.171:7891", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-07-11 18:01:42", "1556061", "45.204.211.223:7891", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250711-r5b6ssylt7", "AS62468,C2,HKCLOUDX,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-11 16:05:03", "1556044", "41.142.139.73:19811", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-07-11 16:02:02", "1556042", "172.201.216.147:443", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/172.201.216.147", "AS8075,C2,censys,hacktool,MICROSOFT-CORP-MSN-AS-BLOCK,Mimikatz,open-dir", "0", "DonPasci"
"2025-07-11 16:02:02", "1556043", "85.9.209.188:8080", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/85.9.209.188", "AS202053,C2,censys,hacktool,Mimikatz,open-dir,UPCLOUD", "0", "DonPasci"
"2025-07-11 16:02:01", "1556041", "209.50.60.223:8888", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/209.50.60.223", "AS25697,C2,censys,hacktool,Mimikatz,open-dir,UPCLOUDUSA", "0", "DonPasci"
"2025-07-11 16:01:42", "1556040", "16.26.53.53:37892", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:44:32", "100", "https://search.censys.io/hosts/16.26.53.53", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 16:01:41", "1556039", "56.124.127.146:26090", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:48:01", "100", "https://search.censys.io/hosts/56.124.127.146", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 16:01:38", "1556038", "206.189.32.112:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-12 11:46:22", "100", "https://search.censys.io/hosts/206.189.32.112", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-07-11 16:01:30", "1556036", "185.174.101.81:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:45:26", "100", "https://search.censys.io/hosts/185.174.101.81", "AS-COLOCROSSING,AS36352,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-07-11 16:01:29", "1556035", "207.231.105.51:400", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:46:23", "100", "https://search.censys.io/hosts/207.231.105.51", "AS40676,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-07-11 16:01:15", "1556034", "172.111.244.105:37830", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:44:50", "100", "https://search.censys.io/hosts/172.111.244.105", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-07-11 16:01:14", "1556033", "45.138.16.30:1024", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:47:19", "100", "https://search.censys.io/hosts/45.138.16.30", "AS210558,C2,censys,RAT,Remcos,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-07-11 16:00:55", "1556031", "47.108.63.64:7787", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 04:00:08", "100", "https://search.censys.io/hosts/47.108.63.64", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-11 16:00:55", "1556032", "154.217.245.237:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 05:40:39", "100", "https://search.censys.io/hosts/154.217.245.237", "AS40065,C2,censys,CNSERVERS,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-11 16:00:54", "1556030", "1.94.98.11:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 04:00:11", "100", "https://search.censys.io/hosts/1.94.98.11", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci"
"2025-07-11 15:57:30", "1556018", "185.163.45.73:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "", "None", "0", "tanner"
"2025-07-11 15:57:29", "1556021", "176.46.157.50:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "2025-07-12 12:36:02", "100", "https://app.any.run/tasks/315bc97f-69e0-4346-9f68-973f46961f9c", "None", "0", "pitachu"
"2025-07-11 15:57:29", "1556022", "66.63.187.164:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "https://app.any.run/tasks/315bc97f-69e0-4346-9f68-973f46961f9c", "None", "0", "pitachu"
"2025-07-11 15:57:27", "1556026", "45.74.16.175:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "https://app.any.run/tasks/a6fc58f1-9f02-4063-a129-af68d056943c", "None", "0", "pitachu"
"2025-07-11 15:56:29", "1556029", "155.94.172.165:9090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2025-07-11 15:55:50", "1556028", "47.79.16.215:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-07-11 15:55:44", "1556027", "121.40.86.70:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 05:40:39", "100", "None", "CobaltStrike,cs-watermark-1359593325", "0", "abuse_ch"
"2025-07-11 15:35:07", "1556019", "86.29.59.189:7877", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-11 13:30:05", "1555973", "198.46.173.22:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2025-07-11 13:22:00", "1555972", "23.146.184.92:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz"
"2025-07-11 12:53:20", "1555968", "175.178.77.207:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:50:26", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-11 12:05:09", "1555914", "38.207.178.172:8002", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-07-12 12:36:02", "100", "None", "AS139659,chaos,LUCIDACLOUD LIMITED", "0", "antiphishorg"
"2025-07-11 12:02:06", "1555966", "27.71.25.14:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/27.71.25.14", "AS7552,C2,censys,CobaltStrike,open-dir,VIETEL-AS-AP", "0", "DonPasci"
"2025-07-11 12:02:04", "1555965", "119.28.6.84:4444", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250711-h4bn7sgr4x", "AS132203,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-11 12:01:52", "1555964", "156.244.56.241:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-07-12 11:44:24", "100", "https://search.censys.io/hosts/156.244.56.241", "AS138915,censys,Chaos,KAOPU-HK,panel", "0", "DonPasci"
"2025-07-11 12:01:39", "1555959", "13.36.167.50:50308", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:43:52", "100", "https://search.censys.io/hosts/13.36.167.50", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 12:01:39", "1555960", "15.160.87.249:39116", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:44:16", "100", "https://search.censys.io/hosts/15.160.87.249", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 12:01:39", "1555961", "18.231.106.229:2701", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:45:15", "100", "https://search.censys.io/hosts/18.231.106.229", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 12:01:36", "1555958", "74.50.82.72:101", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2025-07-12 04:00:33", "100", "https://search.censys.io/hosts/74.50.82.72", "AS19318,C2,censys,IS-AS-1,RAT,Venom", "0", "DonPasci"
"2025-07-11 12:01:35", "1555957", "167.172.63.184:65533", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-07-12 11:44:45", "100", "https://search.censys.io/hosts/167.172.63.184", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-07-11 12:01:27", "1555956", "18.194.217.129:20001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:45:13", "100", "https://search.censys.io/hosts/18.194.217.129", "AMAZON-02,AS16509,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-07-11 12:01:22", "1555955", "124.198.132.196:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://tria.ge/250711-hsdz7aswgw", "AS210558,C2,quasar,rat,triage", "0", "DonPasci"
"2025-07-11 12:00:56", "1555950", "68.11.200.38:8081", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250711-g2w2pafl5y", "AS22773,C2,triage,xworm", "0", "DonPasci"
"2025-07-11 09:45:53", "1555937", "91.92.46.12:8089", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "50", "https://www.shodan.io/host/91.92.46.12#8089", "c2,ermac,shodan", "0", "juroots"
"2025-07-11 09:45:25", "1555936", "51.250.8.230:3057", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/51.250.8.230#3057", "c2,netbus,shodan", "0", "juroots"
"2025-07-11 09:45:09", "1555935", "185.219.84.239:81", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/185.219.84.239#81", "c2,shodan,unam", "0", "juroots"
"2025-07-11 09:44:59", "1555934", "175.27.168.31:2222", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/175.27.168.31#2222", "c2,redguard,shodan", "0", "juroots"
"2025-07-11 09:44:25", "1555933", "83.48.230.194:6000", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/83.48.230.194#6000", "c2,netsupport,shodan", "0", "juroots"
"2025-07-11 09:43:57", "1555931", "157.20.182.24:1337", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://www.shodan.io/host/157.20.182.24#1337", "asyncrat,c2,shodan", "0", "juroots"
"2025-07-11 09:43:57", "1555932", "196.251.116.62:4444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://www.shodan.io/host/196.251.116.62#4444", "asyncrat,c2,shodan", "0", "juroots"
"2025-07-11 09:43:24", "1555930", "51.48.73.168:1023", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/51.48.73.168#1023", "blackshades,c2,shodan", "0", "juroots"
"2025-07-11 09:43:23", "1555928", "15.161.185.195:9306", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/15.161.185.195#9306", "blackshades,c2,shodan", "0", "juroots"
"2025-07-11 09:43:23", "1555929", "51.48.73.168:873", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/51.48.73.168#873", "blackshades,c2,shodan", "0", "juroots"
"2025-07-11 09:42:58", "1555927", "43.153.207.12:9205", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/43.153.207.12#9205", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-07-11 09:42:32", "1555924", "178.128.228.79:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/178.128.228.79#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-11 09:42:32", "1555925", "172.232.124.4:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/172.232.124.4#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-11 09:42:32", "1555926", "146.190.11.128:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/146.190.11.128#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-11 09:42:31", "1555920", "51.38.140.83:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/51.38.140.83#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-11 09:42:31", "1555921", "91.221.190.28:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/91.221.190.28#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-11 09:42:31", "1555922", "195.58.34.114:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/195.58.34.114#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-11 09:42:31", "1555923", "92.112.53.88:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/92.112.53.88#31337", "c2,shodan,sliver", "0", "juroots"
"2025-07-11 09:42:14", "1555918", "35.222.201.2:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/35.222.201.2#443", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-07-11 09:42:14", "1555919", "47.120.32.72:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/47.120.32.72#50050", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-07-11 09:42:13", "1555917", "122.51.235.217:8066", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/122.51.235.217#8066", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-07-11 09:42:00", "1555916", "196.251.87.191:4433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-11 09:42:13", "50", "https://www.shodan.io/host/196.251.87.191#4433", "c2,cobaltstrike,cs-watermark-678358251,shodan", "0", "juroots"
"2025-07-11 09:41:53", "1555915", "8.137.151.96:8011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:51:29", "50", "https://www.shodan.io/host/8.137.151.96#8011", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-07-11 08:47:58", "1555913", "62.171.148.172:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-12 11:48:05", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-07-11 08:47:50", "1555912", "54.210.124.204:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-12 11:47:57", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-11 08:47:26", "1555911", "46.21.153.146:55555", "ip:port", "botnet_cc", "win.eye_pyramid", "None", "Eye Pyramid", "2025-07-12 11:47:33", "75", "None", "drb-ra,EyePyramid", "0", "abuse_ch"
"2025-07-11 08:37:16", "1555908", "147.124.219.109:7171", "ip:port", "botnet_cc", "win.hijackloader", "DOILoader,GHOSTPULSE,IDAT Loader,SHADOWLADDER", "HijackLoader", "", "75", "https://bazaar.abuse.ch/sample/eec9b4769ab34844f5f6caa304bad459780fe72e337eb8d686f01fcfd3833ac0/", "ClickFix,HijackLoader", "0", "abuse_ch"
"2025-07-11 08:02:05", "1555907", "47.245.120.176:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/47.245.120.176", "ALIBABA-CN-NET,AS45102,C2,censys,RAT", "0", "DonPasci"
"2025-07-11 08:01:51", "1555906", "176.65.148.40:888", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/176.65.148.40", "AS51396,C2,censys,Gafgyt,PFCLOUD", "0", "DonPasci"
"2025-07-11 08:01:36", "1555905", "40.192.38.8:48796", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:47:10", "100", "https://search.censys.io/hosts/40.192.38.8", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 08:01:25", "1555903", "24.152.38.198:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:46:41", "100", "https://search.censys.io/hosts/24.152.38.198", "AS270564,AsyncRAT,C2,censys,MASTER,RAT", "0", "DonPasci"
"2025-07-11 08:01:25", "1555904", "104.1.253.104:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:43:13", "100", "https://search.censys.io/hosts/104.1.253.104", "AS7018,AsyncRAT,ATT-INTERNET4,C2,censys,RAT", "0", "DonPasci"
"2025-07-11 08:01:10", "1555902", "80.64.19.165:6001", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:48:29", "100", "https://search.censys.io/hosts/80.64.19.165", "AS216341,C2,censys,OPTIMA-AS,RAT,Remcos", "0", "DonPasci"
"2025-07-11 06:50:04", "1555900", "15.235.173.226:4781", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2025-07-11 06:33:42", "1555859", "38.12.25.18:8877", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-12 12:20:02", "100", "None", "AROSSCLOUD INC.,AS400619,supershell", "0", "antiphishorg"
"2025-07-11 06:33:29", "1555740", "23.27.134.202:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,GhoLoader,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz"
"2025-07-11 06:03:01", "1555899", "103.215.77.197:2233", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250711-fl1t9saq7y", "AS400619,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-11 06:02:20", "1555898", "178.250.188.181:4226", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "https://tria.ge/250711-fn2vcasr19", "AS56322,C2,RedLine,RedlineStealer,stealer,triage", "0", "DonPasci"
"2025-07-11 04:13:10", "1555893", "167.160.161.76:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-07-11 04:02:01", "1555892", "5.22.159.192:19000", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://search.censys.io/hosts/5.22.159.192", "AS34259,C2,censys,HIGHLOADSYSTEMS,rhadamanthys,stealer", "0", "DonPasci"
"2025-07-11 04:01:59", "1555891", "8.134.14.71:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/8.134.14.71", "ALIBABA-CN-NET,AS37963,C2,censys,RAT", "0", "DonPasci"
"2025-07-11 04:01:33", "1555888", "40.192.38.8:18246", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:47:10", "100", "https://search.censys.io/hosts/40.192.38.8", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 04:01:33", "1555889", "3.29.67.233:37805", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:46:48", "100", "https://search.censys.io/hosts/3.29.67.233", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 04:01:33", "1555890", "51.92.218.68:995", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:47:50", "100", "https://search.censys.io/hosts/51.92.218.68", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 04:01:25", "1555886", "45.94.47.125:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/45.94.47.125", "AS57043,C2,censys,HOSTKEY-AS,RAT,Sectop", "0", "DonPasci"
"2025-07-11 04:01:25", "1555887", "194.165.16.5:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/194.165.16.5", "AS48721,C2,censys,FLYSERVERS-ENDCLIENTS,RAT,Sectop", "0", "DonPasci"
"2025-07-11 04:01:14", "1555883", "104.199.21.106:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/104.199.21.106", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:14", "1555884", "104.199.21.106:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/104.199.21.106", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:14", "1555885", "51.21.196.210:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/51.21.196.210", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:13", "1555882", "74.48.168.169:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/74.48.168.169", "AS35916,censys,GoPhish,MULTA-ASN1,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:12", "1555879", "139.59.44.192:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/139.59.44.192", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:12", "1555880", "103.74.5.233:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.74.5.233", "AS135444,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:12", "1555881", "34.122.107.208:10443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.122.107.208", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:11", "1555878", "31.192.237.86:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/31.192.237.86", "AS44493,censys,CHELYABINSK-SIGNAL-AS,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:10", "1555876", "52.72.160.166:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.72.160.166", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:10", "1555877", "31.192.237.109:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/31.192.237.109", "AS44493,censys,CHELYABINSK-SIGNAL-AS,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:09", "1555872", "83.147.39.243:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/83.147.39.243", "AS32097,censys,GoPhish,Phishing,WII", "0", "dyingbreeds_"
"2025-07-11 04:01:09", "1555873", "181.206.158.190:2405", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:45:18", "100", "https://search.censys.io/hosts/181.206.158.190", "AS27831,C2,censys,Colombia,RAT,Remcos", "0", "DonPasci"
"2025-07-11 04:01:09", "1555874", "149.104.27.216:3000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/149.104.27.216", "AS139659,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:09", "1555875", "172.245.242.116:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.245.242.116", "AS-COLOCROSSING,AS36352,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:08", "1555870", "172.237.65.7:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.237.65.7", "AS63949,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:08", "1555871", "34.44.166.252:10443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.44.166.252", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:07", "1555869", "162.43.7.119:4343", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/162.43.7.119", "AS131965,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-07-11 04:01:02", "1555868", "114.215.194.31:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/114.215.194.31", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-07-11 04:01:01", "1555867", "38.47.105.135:6000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/38.47.105.135", "AS400464,censys,Viper,VMISS", "0", "dyingbreeds_"
"2025-07-11 04:00:57", "1555866", "185.49.126.146:443", "ip:port", "botnet_cc", "win.blacknet_rat", "None", "BlackNET RAT", "", "100", "https://search.censys.io/hosts/185.49.126.146", "AS199654,C2,censys,RAT", "0", "dyingbreeds_"
"2025-07-11 04:00:32", "1555865", "78.162.57.179:888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:48:20", "100", "https://search.censys.io/hosts/78.162.57.179", "AS9121,C2,censys,RAT,TTNET", "0", "dyingbreeds_"
"2025-07-11 04:00:31", "1555864", "128.90.113.253:4000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:43:48", "100", "https://search.censys.io/hosts/128.90.113.253", "AS40861,C2,censys,PARAD-40-ASN,RAT", "0", "dyingbreeds_"
"2025-07-11 04:00:17", "1555863", "172.98.23.40:80", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-07-11 04:01:06", "75", "https://search.censys.io/hosts/172.98.23.40", "AS152705,C2,censys,RAT", "0", "dyingbreeds_"
"2025-07-11 04:00:14", "1555862", "106.53.170.127:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:49:33", "100", "https://search.censys.io/hosts/106.53.170.127", "AS45090,C2,censys", "0", "dyingbreeds_"
"2025-07-11 04:00:12", "1555861", "81.70.221.86:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-11 04:00:55", "100", "https://search.censys.io/hosts/81.70.221.86", "AS45090,C2,censys", "0", "dyingbreeds_"
"2025-07-11 04:00:11", "1555860", "121.41.130.127:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 05:40:35", "100", "https://search.censys.io/hosts/121.41.130.127", "AS37963,C2,censys", "0", "dyingbreeds_"
"2025-07-11 02:49:32", "1555857", "106.53.147.223:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:49:33", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-11 02:49:18", "1555856", "1.15.25.138:3443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:49:19", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-11 01:45:06", "1555852", "196.251.116.107:1986", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2025-07-11 00:01:51", "1555851", "45.79.217.119:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-07-12 11:47:28", "100", "https://search.censys.io/hosts/45.79.217.119", "AKAMAI-LINODE-AP,AS63949,censys,Chaos,panel", "0", "DonPasci"
"2025-07-11 00:01:49", "1555850", "185.92.74.43:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-11 04:00:56", "100", "https://search.censys.io/hosts/185.92.74.43", "AS200904,C2,censys,FOXCLOUD,panel,Unam", "0", "DonPasci"
"2025-07-11 00:01:38", "1555848", "3.29.67.233:2455", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:46:48", "100", "https://search.censys.io/hosts/3.29.67.233", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 00:01:38", "1555849", "13.246.221.95:17778", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:43:52", "100", "https://search.censys.io/hosts/13.246.221.95", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-11 00:01:33", "1555847", "196.251.81.62:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-07-12 11:46:06", "100", "https://search.censys.io/hosts/196.251.81.62", "AS401120,C2,censys,CHEAPY-HOST,Hookbot", "0", "DonPasci"
"2025-07-11 00:01:32", "1555846", "104.248.170.98:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-12 11:43:16", "100", "https://search.censys.io/hosts/104.248.170.98", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-07-11 00:01:29", "1555845", "217.12.206.21:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/217.12.206.21", "AS204957,C2,censys,GREENFLOID-AS,RAT,Sectop", "0", "DonPasci"
"2025-07-11 00:01:27", "1555844", "185.196.10.251:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:45:27", "100", "https://search.censys.io/hosts/185.196.10.251", "AS42624,AsyncRAT,C2,censys,RAT,SWISSNETWORK02", "0", "DonPasci"
"2025-07-11 00:01:25", "1555843", "143.92.62.30:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-11 04:00:27", "100", "https://search.censys.io/hosts/143.92.62.30", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Supershell", "0", "DonPasci"
"2025-07-11 00:01:12", "1555841", "80.64.19.165:6002", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:48:29", "100", "https://search.censys.io/hosts/80.64.19.165", "AS216341,C2,censys,OPTIMA-AS,RAT,Remcos", "0", "DonPasci"
"2025-07-11 00:01:12", "1555842", "167.160.161.83:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:44:45", "100", "https://search.censys.io/hosts/167.160.161.83", "AS214943,C2,censys,RAILNET,RAT,Remcos", "0", "DonPasci"
"2025-07-11 00:01:11", "1555840", "104.243.254.103:4862", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:43:15", "100", "https://search.censys.io/hosts/104.243.254.103", "AS7040,C2,censys,NETMINDERS,RAT,Remcos", "0", "DonPasci"
"2025-07-11 00:01:09", "1555839", "47.96.179.95:5556", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2025-07-11 04:00:17", "100", "https://search.censys.io/hosts/47.96.179.95", "ALIBABA-CN-NET,AS37963,C2,censys,Gh0st,RAT", "0", "DonPasci"
"2025-07-11 00:00:54", "1555838", "107.149.154.103:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-11 04:00:12", "100", "https://search.censys.io/hosts/107.149.154.103", "AS398823,C2,censys,CobaltStrike,cs-watermark-0,PEG-LA", "0", "DonPasci"
"2025-07-11 00:00:50", "1555837", "103.214.70.214:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:49:30", "100", "https://search.censys.io/hosts/103.214.70.214", "ANTBOX1-AS-AP,AS138995,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-07-10 23:30:46", "1555836", "167.160.161.3:4404", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://www.virustotal.com/gui/file/e087ac77d838c60b4dda9546e0f36d109db20d64e409d882e76de7d484bf7595", "AS214943,c2,RAILNET,virustotal,xworm", "0", "DonPasci"
"2025-07-10 23:27:35", "1555835", "185.125.50.64:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "https://tria.ge/250710-xn2b9axxgy", "AS215730,c2,H2NEXUS-AS,stealc,stealer,triage", "0", "DonPasci"
"2025-07-10 23:18:17", "1555831", "154.222.24.47:866", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250710-ygjz3ax1ew", "AS137899,C2,ILAYERLIMITED-AS-AP,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-10 23:18:16", "1555829", "121.54.191.52:3110", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250710-2phzhsbl9z", "AS62468,C2,HKCLOUDX,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-10 23:18:16", "1555830", "154.222.24.47:668", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/250710-ygjz3ax1ew", "AS137899,C2,ILAYERLIMITED-AS-AP,rat,triage,valleyrat", "0", "DonPasci"
"2025-07-10 23:18:09", "1555828", "147.185.221.30:5583", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "https://tria.ge/250710-wv61msxwdw", "AS400519,C2,njrat,PLAYIT-GG,triage", "0", "DonPasci"
"2025-07-10 23:17:40", "1555822", "193.5.65.154:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:45:51", "100", "https://tria.ge/250710-xt5a4awj13", "AS395839,asyncrat,C2,HOSTKEY-USA,rat,triage", "0", "DonPasci"
"2025-07-10 23:17:39", "1555820", "193.5.65.154:5505", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://tria.ge/250710-xt5a4awj13", "AS395839,asyncrat,C2,HOSTKEY-USA,rat,triage", "0", "DonPasci"
"2025-07-10 23:17:39", "1555821", "193.5.65.154:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://tria.ge/250710-xt5a4awj13", "AS395839,asyncrat,C2,HOSTKEY-USA,rat,triage", "0", "DonPasci"
"2025-07-10 23:17:33", "1555818", "38.180.49.49:5921", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/250710-2r6hla1lv9", "AS9009,C2,M247,rat,remcos,triage", "0", "DonPasci"
"2025-07-10 23:17:29", "1555817", "2.56.246.52:7001", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/250710-z19khawrz2", "AS203446,C2,triage,xworm", "0", "DonPasci"
"2025-07-10 22:51:06", "1555815", "64.137.9.118:8443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-07-12 11:51:26", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-07-10 22:50:25", "1555814", "34.203.227.204:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:50:45", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-10 20:48:57", "1555804", "71.187.162.200:2222", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-07-12 11:48:13", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-07-10 20:48:35", "1555803", "52.61.32.132:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-12 11:47:53", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-10 20:47:22", "1555802", "3.31.153.113:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-07-12 11:46:48", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-07-10 20:02:18", "1555801", "18.144.17.191:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-07-12 11:45:11", "100", "https://search.censys.io/hosts/18.144.17.191", "AMAZON-02,AS16509,BianLian,C2,censys", "0", "DonPasci"
"2025-07-10 20:02:17", "1555800", "223.109.206.177:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/223.109.206.177", "AS56046,C2,censys,CMNET-JIANGSU-AP,RAT", "0", "DonPasci"
"2025-07-10 20:02:16", "1555799", "47.236.244.219:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/47.236.244.219", "ALIBABA-CN-NET,AS45102,C2,censys,RAT", "0", "DonPasci"
"2025-07-10 20:01:48", "1555796", "13.51.167.29:104", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:43:54", "100", "https://search.censys.io/hosts/13.51.167.29", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-10 20:01:48", "1555797", "16.78.22.100:2761", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-07-12 11:44:34", "100", "https://search.censys.io/hosts/16.78.22.100", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-10 20:01:48", "1555798", "3.144.16.222:19779", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/3.144.16.222", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-07-10 20:01:43", "1555793", "102.219.208.80:8090", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-07-11 04:00:40", "100", "https://search.censys.io/hosts/102.219.208.80", "AS328856,C2,censys,Quasar,RAT,VIJIJI-CONNECT-LIMITED", "0", "DonPasci"
"2025-07-10 20:01:43", "1555794", "102.219.210.201:8090", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-07-11 04:00:39", "100", "https://search.censys.io/hosts/102.219.210.201", "AS328856,C2,censys,Quasar,RAT,VIJIJI-CONNECT-LIMITED", "0", "DonPasci"
"2025-07-10 20:01:43", "1555795", "102.219.210.197:8090", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-07-11 04:00:39", "100", "https://search.censys.io/hosts/102.219.210.197", "AS328856,C2,censys,Quasar,RAT,VIJIJI-CONNECT-LIMITED", "0", "DonPasci"
"2025-07-10 20:01:42", "1555792", "102.219.208.82:8090", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-07-11 04:00:39", "100", "https://search.censys.io/hosts/102.219.208.82", "AS328856,C2,censys,Quasar,RAT,VIJIJI-CONNECT-LIMITED", "0", "DonPasci"
"2025-07-10 20:01:40", "1555791", "147.93.152.86:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-12 11:44:14", "100", "https://search.censys.io/hosts/147.93.152.86", "AS141995,C2,CAPL-AS-AP,censys,Mythic", "0", "DonPasci"
"2025-07-10 20:01:37", "1555790", "83.222.191.90:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/83.222.191.90", "AS204428,C2,censys,RAT,Sectop,SS-NET", "0", "DonPasci"
"2025-07-10 20:01:35", "1555789", "128.90.113.253:5000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:43:48", "100", "https://search.censys.io/hosts/128.90.113.253", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci"
"2025-07-10 20:01:34", "1555788", "154.216.157.83:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-11 04:00:27", "100", "https://search.censys.io/hosts/154.216.157.83", "AS54801,C2,censys,Supershell,ZILLION-NETWORK", "0", "DonPasci"
"2025-07-10 20:01:29", "1555787", "82.221.141.137:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/82.221.141.137", "AS50613,C2,censys,payload,Sliver,THORDC-AS", "0", "DonPasci"
"2025-07-10 20:01:21", "1555786", "3.148.173.111:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-12 11:46:46", "100", "https://search.censys.io/hosts/3.148.173.111", "AMAZON-02,AS16509,C2,censys,Sliver", "0", "DonPasci"
"2025-07-10 20:01:20", "1555785", "45.144.137.60:20000", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-07-12 11:47:21", "100", "https://search.censys.io/hosts/45.144.137.60", "AS139659,C2,censys,LUCID-AS-AP,Sliver", "0", "DonPasci"
"2025-07-10 20:01:17", "1555783", "100.42.176.116:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:43:04", "100", "https://search.censys.io/hosts/100.42.176.116", "AS51167,C2,censys,CONTABO,RAT,Remcos", "0", "DonPasci"
"2025-07-10 20:01:17", "1555784", "146.103.41.79:25565", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:44:10", "100", "https://search.censys.io/hosts/146.103.41.79", "AS215311,C2,censys,RAT,REGXA-CLOUD,Remcos", "0", "DonPasci"
"2025-07-10 20:01:15", "1555782", "206.123.152.38:33862", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:46:22", "100", "https://search.censys.io/hosts/206.123.152.38", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-07-10 20:01:01", "1555781", "47.96.232.45:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:51:21", "100", "https://search.censys.io/hosts/47.96.232.45", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike", "0", "DonPasci"
"2025-07-10 20:01:00", "1555778", "120.79.162.99:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:49:56", "100", "https://search.censys.io/hosts/120.79.162.99", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike", "0", "DonPasci"
"2025-07-10 20:01:00", "1555779", "120.79.162.99:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:49:56", "100", "https://search.censys.io/hosts/120.79.162.99", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike", "0", "DonPasci"
"2025-07-10 20:01:00", "1555780", "47.96.232.45:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:51:21", "100", "https://search.censys.io/hosts/47.96.232.45", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike", "0", "DonPasci"
"2025-07-10 20:00:55", "1555776", "103.195.188.44:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:49:30", "100", "https://search.censys.io/hosts/103.195.188.44", "AS134677,C2,censys,CobaltStrike,cs-watermark-666666666,IDC-AS-AP", "0", "DonPasci"
"2025-07-10 20:00:55", "1555777", "139.196.248.134:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:50:13", "100", "https://search.censys.io/hosts/139.196.248.134", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-07-10 20:00:53", "1555775", "107.173.19.136:57080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:49:36", "100", "https://search.censys.io/hosts/107.173.19.136", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci"
"2025-07-10 20:00:51", "1555774", "124.71.171.206:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-11 04:00:10", "100", "https://search.censys.io/hosts/124.71.171.206", "AS55990,C2,censys,CobaltStrike,cs-watermark-391144938,HWCSNET", "0", "DonPasci"
"2025-07-10 16:02:07", "1555759", "151.236.16.111:556", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-07-12 11:44:18", "100", "https://search.censys.io/hosts/151.236.16.111", "AS9009,BianLian,C2,censys,M247", "0", "DonPasci"
"2025-07-10 16:02:06", "1555758", "173.234.28.82:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "100", "https://search.censys.io/hosts/173.234.28.82", "AS63018,C2,censys,DEDICATED,RAT", "0", "DonPasci"
"2025-07-10 16:01:48", "1555757", "68.69.186.182:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-07-11 04:00:55", "100", "https://search.censys.io/hosts/68.69.186.182", "AS399045,C2,censys,DEDIOUTLET-NETWORKS,moobot", "0", "DonPasci"
"2025-07-10 16:01:38", "1555756", "104.164.55.75:4443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-07-12 11:43:14", "100", "https://search.censys.io/hosts/104.164.55.75", "AS212477,BRC4,C2,censys,ROYALE-AS", "0", "DonPasci"
"2025-07-10 16:01:36", "1555755", "37.114.63.27:4444", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-07-11 04:00:45", "100", "https://search.censys.io/hosts/37.114.63.27", "AS58087,C2,censys,DcRAT,FLORIANKOLB,RAT", "0", "DonPasci"
"2025-07-10 16:01:32", "1555754", "31.57.219.20:5938", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-07-11 04:00:40", "100", "https://search.censys.io/hosts/31.57.219.20", "AS399486,C2,censys,Quasar,RAT,VIRTUO", "0", "DonPasci"
"2025-07-10 16:01:30", "1555753", "144.126.229.140:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-07-12 11:44:06", "100", "https://search.censys.io/hosts/144.126.229.140", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-07-10 16:01:25", "1555752", "78.162.57.179:3000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-07-12 11:48:20", "100", "https://search.censys.io/hosts/78.162.57.179", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci"
"2025-07-10 16:01:10", "1555750", "185.158.113.101:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:45:24", "100", "https://search.censys.io/hosts/185.158.113.101", "AS44812,C2,censys,IPSERVER-RU-NET,RAT,Remcos", "0", "DonPasci"
"2025-07-10 16:01:10", "1555751", "196.251.66.228:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:46:03", "100", "https://search.censys.io/hosts/196.251.66.228", "AS401116,C2,censys,NYBULA,RAT,Remcos", "0", "DonPasci"
"2025-07-10 16:01:09", "1555748", "206.123.145.192:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:46:21", "100", "https://search.censys.io/hosts/206.123.145.192", "AS207184,C2,censys,RAT,Remcos,TELCHAK-AS", "0", "DonPasci"
"2025-07-10 16:01:09", "1555749", "181.131.217.135:5060", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-07-12 11:45:17", "100", "https://search.censys.io/hosts/181.131.217.135", "AS13489,C2,censys,RAT,Remcos,UNE", "0", "DonPasci"
"2025-07-10 16:00:54", "1555747", "34.221.83.3:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:50:45", "100", "https://search.censys.io/hosts/34.221.83.3", "AMAZON-02,AS16509,C2,censys,CobaltStrike,cs-watermark-0", "0", "DonPasci"
"2025-07-10 16:00:52", "1555746", "8.148.208.249:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:51:33", "100", "https://search.censys.io/hosts/8.148.208.249", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666", "0", "DonPasci"
"2025-07-10 16:00:50", "1555745", "114.132.71.22:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-11 04:00:16", "100", "https://search.censys.io/hosts/114.132.71.22", "AS45090,C2,censys,CobaltStrike,cs-watermark-391144938,TENCENT-NET-AP", "0", "DonPasci"
"2025-07-10 16:00:49", "1555744", "101.36.116.222:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:49:26", "100", "https://search.censys.io/hosts/101.36.116.222", "AS135377,C2,censys,CobaltStrike,cs-watermark-987654321,UCLOUD-HK-AS-AP", "0", "DonPasci"
"2025-07-10 15:38:13", "1555743", "65.38.121.31:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "100", "None", "backconnect,latrodectus", "0", "Rony"
"2025-07-10 15:20:17", "1555742", "147.185.221.29:62389", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-07-10 13:50:05", "1555741", "192.169.69.26:49905", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "NanoCore,RAT", "0", "abuse_ch"
"2025-07-10 12:55:07", "1555737", "194.59.31.23:2500", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2025-07-10 12:53:30", "1555736", "47.245.61.75:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:51:17", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-10 12:52:02", "1555735", "120.48.25.39:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-07-12 11:49:56", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-07-10 12:51:09", "1555702", "213.111.34.154:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:51:08", "1555699", "86.106.221.93:1488", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:51:08", "1555700", "193.34.77.154:9935", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:51:08", "1555701", "86.106.221.93:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:51:06", "1555679", "38.34.15.2:21451", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:51:06", "1555680", "103.119.112.191:13814", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:51:06", "1555681", "179.61.251.188:23", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:51:06", "1555682", "109.230.199.246:606", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:50:55", "1555670", "26.126.244.181:942", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:50:54", "1555668", "147.185.221.29:6969", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:50:54", "1555669", "147.185.221.29:54417", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:50:52", "1555663", "147.185.221.29:55619", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:50:47", "1555648", "193.161.193.99:47221", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:50:47", "1555649", "193.161.193.99:60594", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:50:47", "1555650", "94.156.114.219:55575", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:50:47", "1555651", "170.205.30.120:80", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:50:47", "1555652", "147.185.221.27:57377", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
"2025-07-10 12:50:47", "1555653", "5.252.153.200:57480", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "10July2025,iocbottest", "0", "Gi7w0rm"
# Number of entries: 348