################################################################
# ThreatFox IOCs: recent additions - CSV format                #
# Last updated: 2024-07-02 05:20:08 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2024-07-02 05:20:08", "1292302", "121.37.0.167:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-02 05:19:59", "1292301", "60.205.144.130:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-02 05:19:47", "1292300", "39.101.77.9:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-07-02 05:19:24", "1292299", "116.204.42.20:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-02 03:50:33", "1292267", "a2d17406ca0d23c20989e6fefe9e4739", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:31", "1292266", "39568e7f467112448f391cf9afd2989762a8c34bc7fc02657b428067f15f4652", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:28", "1292264", "5f86d94893b47e542cf857749dfcd185", "md5_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:28", "1292265", "294eadbc46cef5e01bcc3ae68d92cbc07bb239bc", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:27", "1292263", "697098bd0a7aed4fa228af96addb4e6635c6ff69c80f729f3f0e82db62fc95ab", "sha256_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:25", "1292262", "7816d9af40a9e9265708df00af8137db67d8c7aa", "sha1_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:24", "1292261", "2c2e04484f2c8317df24936703c2b146", "md5_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:22", "1292260", "884b586231504947e47b158b414747323442185162aa32d348f21ce61c9124ce", "sha256_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:19", "1292259", "551562978661e925c8b56489d0fa92635ef6e965", "sha1_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:13", "1292258", "9cfd62fc26438eeb8a50922265ad0ea7", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:12", "1292257", "7eaa347573db3f24316a9ab2d30256db4d35105c7d93f9dbf8d860ec99949280", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:07", "1292256", "6bf1e9ab8b0d0c486b85649cf3bc8c1db4b21b01", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:50:00", "1292255", "7cf002ea425739f1cae19423a4db5be1", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:59", "1292254", "887e65b17618997a40c4ef8eddc00692d5ca47edcc2dc866442e86f06464ca7c", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:57", "1292253", "b76881cdaefef894be189236519b7ef617cabb25", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:56", "1292251", "42dcacc7a076e1496d9650cf3fed897e3267577cf23fa47cf8591e508984cbbc", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:56", "1292252", "cabeb02d14a76418addc20a3943681c8", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:54", "1292250", "7a059897e5f686c9421c772e88d60ab5239b22d2", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:47", "1292249", "cb98320171d36e2b913c56a4cddfad44", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:46", "1292248", "533e2a477734c51c894f95335b5af00ddbc32af0b15d5173cb49f52df01a9f88", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:44", "1292247", "d9d8c535906d83f2de73759af8739d2985fdf7dd", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:43", "1292245", "edc0a83088582cf9cc1ed9d7414d387af4c626482d991585e028facc8da51e91", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:43", "1292246", "aa9d475bc02429a35578c7c7495391c0", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:41", "1292244", "aefabfe061db6b6013e842c1ff5afb09b5686a6a", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:17", "1292243", "64a5e155baded9185ecd1fa9946c13aa", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:16", "1292242", "148da9a63f027b2e7625f0b82b42bc795737b55c46d040af508fdcea2bccad98", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:14", "1292241", "4e7c62d7d5b1353bfc0e0220ae89e5409201bc70", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:13", "1292239", "78b41a34acced201c39b9b1c2c29f8a467ef806010a6ecbda9ebc6722fa5b468", "sha256_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:13", "1292240", "13f185b9be00ec3608deed136ee006a6", "md5_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:49:11", "1292238", "6c5a39a96dc9542e70fc8e5482924dc085bb2c8b", "sha1_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:42", "1292236", "3eeac268527d9ec3216d79f718dc289d2188cbe026696b7e8025a9ed3aec2a05", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:42", "1292237", "258b043e478474b4278d8e1f785a2748", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:40", "1292235", "059741a640e723ec8efc6628e4cea4d0435c8cde", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:28", "1292234", "251fbed59bfea87dc028bec0355660f8", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:27", "1292233", "33f7683c768daecbad44d0b27d44ff13be3340d1cb81fb59dbfd7558cca21797", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:25", "1292232", "19c82620739cf35fffa335c61f810801b9296e10", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:24", "1292231", "f04b548bd822341fb5d4940dfc2c2498", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:23", "1292230", "5219948c5d159cb7e57a29df57b5cbf9eb4dbdac9c72b69a1db4e74d42a28896", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:22", "1292229", "db3cefb5af65cc5875119ac53e4b2d135e7e8c63", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:21", "1292228", "b9b6988c0a0bbc68f566bec556fce46e", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:20", "1292227", "3dc965026730b9f96f441014d8d0774766957f2bec593de505f1f123c25539a8", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:18", "1292226", "bd217bea4cc9d816d23fbcf82c0509882e49d6b9", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:17", "1292224", "e80d50169fc57630d4b0c5c53a321ccd86797779bababefff31268224f1a4163", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:17", "1292225", "119685d67c747bc9fe473e98d4f37f48", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:15", "1292223", "12523edc262cf3c0e37be13a2aa2e49db7043439", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:14", "1292222", "0551dcf55adc23a07d56580729730d50", "md5_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:13", "1292221", "1cc823962da2fa7a4d6fee8335ce8d92c6b44be627803cba85a1bdb8184da1d9", "sha256_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:11", "1292220", "5d09095bde071815b26624712352a9b0cc579d16", "sha1_hash", "payload", "win.rokrat", "DOGCALL", "RokRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:10", "1292218", "2f1c57bf099562c82d996857e287ec5a22fe4e8a5419e404efb6058656d5dd14", "sha256_hash", "payload", "win.barbie", "None", "Barb(ie) Downloader", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:10", "1292219", "272ee395c230d7b0a5a7e0f3a032e968", "md5_hash", "payload", "win.barbie", "None", "Barb(ie) Downloader", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:07", "1292216", "1b5b62e15509efce8bb5379b28a5210b", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:07", "1292217", "f63cc320253ef839fb55de1140b838a5a829793a", "sha1_hash", "payload", "win.barbie", "None", "Barb(ie) Downloader", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:06", "1292215", "f7a2183a529d01b8ddc02990103866057d1084444968e93862bf1f83d2467947", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:04", "1292214", "e647ff934fc92b65344cb115b35c32e3792d36cc", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:03", "1292213", "38aabd243e82893611c3499e0426f826", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:02", "1292212", "8eb1f6c882060ba5e89e67c511fff4cc5a3ba07c22b1606bedb5af2ebbdf12e3", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:00", "1292210", "3b1a4595328f7a92df02b7a116bc4f40", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:48:00", "1292211", "0d744b123468208b0664e5d2124068b89a5d98d6", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:59", "1292209", "76605d7a013bd7a9974299a201c92360faec54e4826e774ddca35fae33dab5bf", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:57", "1292208", "cbd3e5a4e18bca01678b6d844ada7764cbd4a209", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:56", "1292206", "efe14406b96e4df6c59b5b8a4eb6a179c6f5cf7d08df1d2492a6f71f08d1e17c", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:56", "1292207", "b6a667d8ba9928e083e1dc3be2e3db9e", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:54", "1292205", "fedcc7636bb1210d498155f45ce1203e31742f38", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:53", "1292204", "6e3b5be6595853f08ecab9fcb1650d2e", "md5_hash", "payload", "win.vadokrist", "None", "Vadokrist", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:52", "1292203", "b8541931fb76605ce2fe84e8c0adf4e0d5a4bf4138646491924f5dd2aa5107b7", "sha256_hash", "payload", "win.vadokrist", "None", "Vadokrist", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:50", "1292201", "f362e538a7ba343bc0b263549c105623", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:50", "1292202", "46ba0a745a2e0b832d7ede04cb6e89bf25ddf236", "sha1_hash", "payload", "win.vadokrist", "None", "Vadokrist", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:49", "1292200", "cc4b5d5653d7dafb9cda51793a15ee5d987b82d3e62e97b3915e5032e7ae4f8e", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:47", "1292199", "b70b3aae17c704cb571a9e03c27651c792b18f3b", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:46", "1292197", "a2f6bbeb5c2756cfd0a71196e98f0b4f71e58101b3e39342015aad98d70d0f31", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:46", "1292198", "1bf19b9cf38e2316c53af9ecfdf2142b", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:44", "1292196", "1fcae3591288df36927b66fcb3422e14ba12b234", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:43", "1292195", "6a62e4ca839d3f2b01d7f088b4551166", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:42", "1292194", "7cd22766ba1e6c36af4b83f8c3e18a5125bd3b8de1ebf22d8002daf9e209bfc1", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:40", "1292193", "687c32373f32152fa8ad5ef4bc92205c8823d05c", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:39", "1292191", "a60e8f372f54d47394a2091f56649707f1a0fffadb0afc3600f8ec103ff53d6e", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:39", "1292192", "19c0bb3b7e9c41e5d47b78566e04d3de", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:36", "1292189", "6acb710d5827fee18ad8936b31f12e32", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:36", "1292190", "ee19431fbe432dc27074a776c8d3cd1ee3f5f708", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:35", "1292188", "1a61db925eab1ac6e12c0345cbc23089e253023b5f34723f62ae1b6777dabc88", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:33", "1292187", "abd5d872e4afbae7e4b73f5d733fad973502a32f", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:32", "1292186", "88932ab33c38072946abc06b426d33b8", "md5_hash", "payload", "win.stop", "KeyPass,Djvu", "STOP", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:31", "1292185", "d47e05b0ad27c651fb9cf73444e1f6a26514acb16998e92fca8be115ae6a2dee", "sha256_hash", "payload", "win.stop", "KeyPass,Djvu", "STOP", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:29", "1292183", "677b2d2d3a54e0c1d8e416b276093fb3", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:29", "1292184", "accc6e0ba8e1e7250e2634a1f0e7f06be7f4beb2", "sha1_hash", "payload", "win.stop", "KeyPass,Djvu", "STOP", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:28", "1292182", "c42f31c68ee4a14aec74ddce249314d00813289dc36740484b09ceadf72aa0f8", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:25", "1292180", "6dd4f871c7d18b3f1b45a7112c21ced3", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:25", "1292181", "22b6aa9e97cf16d55aa16dcc20fea67f9806d09c", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:24", "1292179", "6232ba2d8c8ca87c37818660014882d4d0536d7296e08f2c37ba1c692b901f66", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:22", "1292178", "e4f29ee54067cb1b18269e652f0b9deea63f437b", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:21", "1292177", "ea0d00b95a91c801893b5526347170bb", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:20", "1292176", "6b585caaf4299c406c45a3beb76a8624d159404e1aac48a292976119c6d9b72c", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:18", "1292175", "26d81494eb3c0fd67a6037dbd68e3bf8c7677d0d", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:17", "1292173", "db4ded7e203382cf90c69455577a23e0526a1b86b95675e59d7ede2362cce2c8", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:17", "1292174", "cfa3c233dbdff5cf57692484c4e50e6a", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:14", "1292171", "46cd19e483d8b15e982d343814b5fd3d", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:14", "1292172", "80b81f812a3378a4279c680e2ee6b307a9ce14d8", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:13", "1292170", "4b78b38b09059c2d958ce1e3a432265ad7e11fc23ac30f04200f996042aba2b6", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:11", "1292169", "0cc992439286ae15993d32e6d6a4979b29e93494", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:10", "1292168", "b2e56a7b3dd03c8000e78544f540677d", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:09", "1292167", "b193cf76307f762a9cdf61191cda685377b9a1ce2eba781647a134b5d9add7bd", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:07", "1292166", "2d47bcb12e3f27fea6f12f68aef16457260d36e7", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:06", "1292164", "63025373262924d8cf6755fc359fa04b19124e88dc8bd62b191ff8638be9f9fc", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:06", "1292165", "3b2129194c379040d94f02260925b029", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:04", "1292163", "405e5ad4a29e02ee4e4fc35dd5a5d87cff7102c3", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:03", "1292162", "3fab44c211a6c5519aa034184aca3fdb", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:02", "1292161", "afb3c2222365641951a91bb0a55a1cdd2774539475a79c0deb8fa6bbd3d56f53", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:00", "1292159", "7d50650cd2ba63482d4caf875ae65a8e", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:47:00", "1292160", "4d4618e371726bd5f7cca66659fd67ecb9b1d9cf", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:59", "1292158", "b54b494944a8b5268e3d3190c5a45af28afdada7eb0fc85fece3c22e2d31b3f1", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:57", "1292157", "037e5a7f82d5c436f744e5b7475f6264c32e6519", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:56", "1292156", "9cc535dd1c20ebb196f2638f694bd77a", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:55", "1292155", "9bd8be1ddf1c3847995b0659911a6d5dba351504a2f752c0f4a8ae7d4b17b9a7", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:53", "1292153", "6e57d9369ffc5204d19477954c5daa61", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:53", "1292154", "ba8e1e934420c67547a68052d29bb5766c4c0b2e", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:52", "1292152", "8370368e6591b9ed6ac037144d54a070b169057f5f761cc9ecb0d395712e7d39", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:50", "1292151", "1ba1790a2f5ff5f9838223dd1867c3787036fe62", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:49", "1292150", "76329ae46cc8e0f01ef274425f835369", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:48", "1292149", "2639ce69da59a31b16e2d969fc39946986f67ca2c0cbb7b712e20c1bcb2ba785", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:46", "1292148", "6ca774a4ba2e9c2da560df093e4adeb1ae1d30a4", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:45", "1292146", "5e556362ee75624656df4ee267070c4898bba49aa160abda0376ed39b6590479", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:45", "1292147", "935bf9717629fa17f24856e6f395e09f", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:42", "1292144", "bb1b8864e1d82735205d07d202c5d864", "md5_hash", "payload", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:42", "1292145", "633b926deb8866dc3aaf558951e65770e2a82694", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:41", "1292143", "0464da926fb18f221087c3d88c51b18b81d5776e559fbf9b76d8e1301c95a8b9", "sha256_hash", "payload", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:39", "1292142", "a80fa1fa6dfff8bf98216e47af0beacf125714ab", "sha1_hash", "payload", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:38", "1292141", "e97620420d37596704d9f4fa70303453", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:37", "1292140", "a5a3067e6a3c4e957152655df5c68ce4db77f8308feff43c53e7535031033be5", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:35", "1292139", "533b98b289ba07c446f8350950fdbee2ab39dcf2", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:34", "1292137", "706f1b6ec843638107f441e0b2d266b997e26ca4d1a040d94bf085740ddcf16c", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:34", "1292138", "70921b4a6f2b97263e1a1f48efe7763b", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:32", "1292136", "dc48ad9c39209bb3e3e94f3b35518f3bba9066eb", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:31", "1292135", "00af1a53860550f8db3f1b250436b78a", "md5_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:30", "1292134", "86ccbff05056433ad05dcc8dfcf5b9b89bda2b2bbbe74a609e1d333f38cee3e4", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:28", "1292133", "67dce838cd0e8410ba30b243520dc06f31c1bae6", "sha1_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:27", "1292131", "d60599eb61f2653e184831a7086cdaa3195fd6845f6b57acb4b319deb46c5af8", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:27", "1292132", "974e76d4b0ddb3706cf174819d200516", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:24", "1292130", "817b8c7fb6be6a2cff1d8ac17a24a0c2f257f97b", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:23", "1292128", "7386925178799b6b5a78e550ab756eedb61bb62adc8db66623f4a60dff30fe92", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:23", "1292129", "1b898df684811054d405e9c31fddd80a", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:20", "1292126", "d16418fbada8f2a6f41b58b0666c2bda", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:20", "1292127", "9a322fd8e07427ce716f0dd9210ff563091e32de", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:19", "1292125", "6d8fc5485484ff3a0efee3b5961dd07882f7ab55b472b5884a0a5199ca26f68e", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:16", "1292123", "5ad5e4f1f3126c5d6cfdbfbbe5597c84", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:16", "1292124", "918047757fafd633f111fc9c47b90e5611341aab", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:15", "1292122", "e5170b080959816e3a0911125d5de97bd4de77574b091646a681d65cb5bc04e0", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:12", "1292120", "e671a39ffdad8e262a45ef77d97a14f4", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:12", "1292121", "47b46cbe987e0e33c9d23f4c6cc304d116e5e80f", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:11", "1292119", "d01fe3dbc995e4b5b209631e5ae30b792d88a78676f695127f8a5db9bf59b48c", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:09", "1292118", "d451ad059bf52c22ff5de8ed7968991bbc169828", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:08", "1292117", "eaa443f37443cb7221d63e0891243384", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:07", "1292116", "bef6f82a9c4064f8639e804036f460bafdd01eec87a355e247775d315b76db13", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:05", "1292115", "d3242326b2ac1ae6e9817a49df33c3a79e209aee", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:04", "1292113", "8a254344702dc6560312a8028e08f844b16804b1fbf4c438c3ca5058d7b65ea1", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:04", "1292114", "9ab4de8b2f2b99f009d32aa790cd091b", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:00", "1292111", "48d87e281c7d316d72677c80ecd02e29", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:46:00", "1292112", "a86b16ee4676850bac14c50ee698a39454d0231e", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:59", "1292110", "e37072b84bc4474b48997ac346582ab4040659a31edacbb88fb59d56609ba2d9", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:56", "1292108", "148ec472df90b0fb274c3ce2ad2e811f", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:56", "1292109", "0a274418f78672b8515183a9241fff465e9e8591", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:55", "1292107", "a08b846be9052a2614ef6a6920260d465774f5da9926f6d08449a2e4eb27b787", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:53", "1292106", "378ba02b08494b36ff5a2674cf99eba6c7025d6a", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:52", "1292105", "e9a886374becfb0a5b1dc0ffcee1a04a", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:51", "1292104", "7e694dfc8060bbbaf8c4139f974696d5fc3be48bd9d9d46eb166f55f7c024fb2", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:49", "1292103", "c692a6e9437299878b43ea5fa8ee1be0e1f5c782", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:48", "1292101", "4e7c1a1fe4d6a92b37597aca22fd1701cb11071a225c9cd0673645b120fe77fe", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:48", "1292102", "e295671d8a71cd7a1ae699a2d47fa176", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:44", "1292100", "1066c6cb764d5c47e40e87f8511bd2410c0e787f", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:43", "1292098", "c6740ee5c8afdc2c7be42fb03ab5a346925efc6ac785fe7d68dec2d5f05d276b", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:43", "1292099", "65485b0475b6c8a3b4f35bba541938a6", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:40", "1292096", "eb48500860ece87bc7a169118c929fb3", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:40", "1292097", "28e6e6cd2ebf8a9fdffeb4aeba13b70ea7ea03a3", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:39", "1292095", "b96862087581adb9ecfb9615a46eedb29d13c606e708b7b532ce6ed3217925a4", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:36", "1292094", "bb20b2598d5ac31d36717f316fc733c4f8df9a9c", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:35", "1292092", "e4f2690fcb0f00257fd5352a90159144b02a1c6c669d96498b48611525f4a778", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:35", "1292093", "0390341ae8b5cfb1776b5ade742c5c9f", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:32", "1292091", "820691d1d5f28d39ed65861dd492efc1f6404f2c", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:31", "1292090", "9f259b3c899293bc12c9397e010f9e40", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:30", "1292089", "683b3c223e311088d28b4d7ee52e207d8593836887a359a9cdb3b5535f305aa3", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:26", "1292087", "58972b34ce77f8d7bbaa3f5b5344db20", "md5_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:26", "1292088", "af9c1736e4b3fdb69e3e22a70953872257335c89", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:25", "1292086", "048802231eccee2a6db341d1a4e92b2b1671eb287da215ad35fcf2bad70fa700", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:20", "1292085", "a3dc18dbe5abb0fffe62427366ff5f52e16a28a7", "sha1_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:19", "1292083", "b96ead45662311cf0c80a5e328a09f7dbcb5eb0af898b522bd3ae3f1062804f4", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:19", "1292084", "3871bbbefaf123ebba9f9206f883b745", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:13", "1292082", "26d3061bdfef52df29f9217b2b14fdc8b8b64b4b", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:12", "1292081", "a8a7ded2a82dc5650d018a55944ed7f6", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:11", "1292080", "cdb27cbc1e485ca7b7c3f4f2eb90015befdf7991cb5742814ccf0c18bea2af11", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:45:03", "1292079", "78ea0f8f73c8533b21900e20242df96ec1c56ce0", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-02 03:30:21", "1292078", "http://a0995213.xsph.ru/4a2f3b5b.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-01 23:59:16", "1292075", "101.33.225.206:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 23:59:15", "1292074", "ci-wiki.cn", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 23:59:14", "1292073", "https://ci-wiki.cn:8080/js/jquery-3.4.1.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 23:21:11", "1292072", "181.116.72.52:5802", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/181.116.72.52", "AMX Argentina S.A.,NetSupportRAT", "0", "drb_ra"
"2024-07-01 23:20:17", "1292071", "195.174.240.3:25", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/195.174.240.3", "AsyncRAT,TTNET", "0", "drb_ra"
"2024-07-01 23:19:24", "1292070", "137.184.90.144:4000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/137.184.90.144", "DIGITALOCEAN-ASN,Evilginx EvilGoPhish", "0", "drb_ra"
"2024-07-01 23:18:15", "1292069", "5.163.244.86:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/5.163.244.86", "Qakbot,SAUDINETSTC-AS", "0", "drb_ra"
"2024-07-01 23:17:41", "1292068", "185.236.78.56:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://search.censys.io/hosts/185.236.78.56", "DELTAHOST-AS,Havoc", "0", "drb_ra"
"2024-07-01 23:17:20", "1292067", "57.128.166.214:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/57.128.166.214", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:19", "1292066", "57.128.166.214:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/57.128.166.214", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:15", "1292065", "65.108.49.36:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/65.108.49.36", "HETZNER-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:14", "1292064", "65.108.49.36:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/65.108.49.36", "HETZNER-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:11", "1292063", "37.59.205.5:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/37.59.205.5", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:10", "1292062", "37.59.205.5:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/37.59.205.5", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:06", "1292061", "78.47.60.67:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/78.47.60.67", "HETZNER-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:17:05", "1292060", "78.47.60.67:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/78.47.60.67", "HETZNER-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:59", "1292059", "5.161.252.127:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/5.161.252.127", "HETZNER-CLOUD2-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:58", "1292058", "5.161.252.127:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/5.161.252.127", "HETZNER-CLOUD2-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:54", "1292057", "216.74.123.41:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/216.74.123.41", "LATITUDE-SH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:53", "1292056", "216.74.123.41:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/216.74.123.41", "LATITUDE-SH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:49", "1292054", "185.216.144.51:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/185.216.144.51", "BANDWIDTH-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:49", "1292055", "185.216.144.51:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/185.216.144.51", "BANDWIDTH-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:45", "1292053", "159.100.6.103:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/159.100.6.103", "DE-FIRSTCOLO firstcolo.net,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:44", "1292052", "159.100.6.103:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/159.100.6.103", "DE-FIRSTCOLO firstcolo.net,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:39", "1292050", "85.239.53.94:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/85.239.53.94", "BV-EU-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:39", "1292051", "85.239.53.94:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/85.239.53.94", "BV-EU-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:35", "1292049", "51.89.137.8:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/51.89.137.8", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:34", "1292048", "51.89.137.8:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/51.89.137.8", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:30", "1292047", "51.68.216.13:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/51.68.216.13", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:29", "1292046", "51.68.216.13:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/51.68.216.13", "OVH,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:25", "1292044", "139.64.133.194:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/139.64.133.194", "NOCIX,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:25", "1292045", "139.64.133.194:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/139.64.133.194", "NOCIX,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:20", "1292043", "173.46.80.206:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/173.46.80.206", "CDNEXT,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:19", "1292042", "173.46.80.206:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/173.46.80.206", "CDNEXT,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:15", "1292040", "109.176.207.22:443", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/109.176.207.22", "ASIMO-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:16:15", "1292041", "109.176.207.22:80", "ip:port", "botnet_cc", "win.rhysida", "None", "Rhysida", "", "50", "https://search.censys.io/hosts/109.176.207.22", "ASIMO-AS,Rhysida Trojan", "0", "drb_ra"
"2024-07-01 23:15:00", "1292039", "139.59.86.97:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/139.59.86.97", "DIGITALOCEAN-ASN,Mythic", "0", "drb_ra"
"2024-07-01 23:14:50", "1292038", "13.112.130.229:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BruteRatel", "Brute Ratel C4", "", "50", "https://search.censys.io/hosts/13.112.130.229", "AMAZON-02,Brute Ratel C4", "0", "drb_ra"
"2024-07-01 22:15:22", "1292037", "147.185.221.20:54251", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 22:14:52", "1292036", "193.187.173.74:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "AS56971 AS56971 Cloud,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-07-01 22:14:51", "1292034", "https://heart-direct.online/jquery-3.3.1.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "AS56971 AS56971 Cloud,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-07-01 22:14:51", "1292035", "heart-direct.online", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "AS56971 AS56971 Cloud,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-07-01 20:11:17", "1292033", "http://79.124.40.106:82/ca", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,Tamatiya EOOD", "0", "drb_ra"
"2024-07-01 19:15:05", "1292032", "http://dashboardproducts.info/bally/fre.php", "url", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "https://bazaar.abuse.ch/sample/0464da926fb18f221087c3d88c51b18b81d5776e559fbf9b76d8e1301c95a8b9/", "lokibot", "0", "abuse_ch"
"2024-07-01 18:51:53", "1292031", "62.119.81.101:58573", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/62.119.81.101", "NetSupportRAT,TELENOR-NEXTEL Telenor Norge AS", "0", "drb_ra"
"2024-07-01 18:50:52", "1292030", "94.156.64.188:6006", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/94.156.64.188", "AsyncRAT,LIMENET", "0", "drb_ra"
"2024-07-01 18:50:46", "1292029", "51.81.24.83:3333", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/51.81.24.83", "AsyncRAT,OVH", "0", "drb_ra"
"2024-07-01 18:50:32", "1292028", "54.255.147.4:6000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/54.255.147.4", "AMAZON-02,AsyncRAT", "0", "drb_ra"
"2024-07-01 18:50:21", "1292027", "http://offsetupdater.top/Linepython_ProcessGamemultiwindowsgeneratordatalifedle.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-01 18:50:19", "1292026", "147.124.209.128:7847", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-07-01 19:12:32", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 18:49:49", "1292025", "91.92.242.81:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/91.92.242.81", "Hookbot Pegasus,LIMENET", "0", "drb_ra"
"2024-07-01 18:48:32", "1292024", "78.166.52.150:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/78.166.52.150", "Qakbot,TTNET", "0", "drb_ra"
"2024-07-01 18:48:29", "1292023", "74.214.59.50:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/74.214.59.50", "ATLANTICBB-JOHNSTOWN,Qakbot", "0", "drb_ra"
"2024-07-01 18:48:24", "1292022", "189.140.37.137:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/189.140.37.137", "Qakbot,UNINET", "0", "drb_ra"
"2024-07-01 18:48:18", "1292021", "18.163.129.171:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "", "50", "https://search.censys.io/hosts/18.163.129.171", "AMAZON-02,Pupy RAT", "0", "drb_ra"
"2024-07-01 18:47:33", "1292020", "185.236.78.56:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://search.censys.io/hosts/185.236.78.56", "DELTAHOST-AS,Havoc", "0", "drb_ra"
"2024-07-01 18:47:15", "1292019", "128.14.237.188:8080", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "50", "https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2226cb1db25a7002a5c4f483bf4a8f0808a123be642039f3ab1342e0551b1909d5%22", "Bianlian Go Trojan,UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED", "0", "drb_ra"
"2024-07-01 18:35:19", "1292015", "http://185.177.59.141/Private/asyncrequestprotect/ApiUniversal/Http1/Datalife/Linuxuploads/protect/datalifeupdatePhpLocal/Base0/linuxBigload/python/BaseSqlLine/update8/protectAsyncprivatetempTemporary.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-01 18:07:10", "1292014", "103.144.139.160:443", "ip:port", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-01 20:37:11", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:41", "1292006", "brithcaymo.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:41", "1292007", "ernofilosta.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:41", "1292008", "lofirenqveg.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:40", "1292009", "manclinoste.website", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:40", "1292010", "prodetanoes.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:39", "1292011", "prufkespotr.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:39", "1292012", "shopboksret.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-01 18:02:44", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 18:02:38", "1292013", "trymeakafr.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "85", "None", "Latrodectus", "0", "teamcymru_S2"
"2024-07-01 17:49:24", "1292005", "94.156.79.13:47925", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "https://bazaar.abuse.ch/sample/9df16e009504f0524cd6b1d571094ecd269147e7f9c22210a5cafb93c0806260/", "MooBot", "0", "abuse_ch"
"2024-07-01 17:48:59", "1292004", "lmfaololxdlmfaolmfao.xyz", "domain", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://bazaar.abuse.ch/sample/9df16e009504f0524cd6b1d571094ecd269147e7f9c22210a5cafb93c0806260/", "MooBot", "0", "abuse_ch"
"2024-07-01 17:43:38", "1291992", "joeyrichl.top", "domain", "botnet_cc", "win.bianlian", "None", "BianLian", "", "50", "https://search.censys.io/hosts/91.245.253.10", "Bianlian Go Troja", "0", "Syndikalist"
"2024-07-01 17:43:38", "1291997", "https://beetrootculture.com/cdn-vs/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SmartApeSG", "0", "monitorsg"
"2024-07-01 17:43:37", "1291786", "80.85.154.121:1980", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RemcosRAT", "0", "NDA0E"
"2024-07-01 17:43:37", "1291790", "https://propertyclosings.com/cdn-vs/cache.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112711409813746499", "SmartApeSG", "0", "monitorsg"
"2024-07-01 17:43:36", "1291788", "https://propertyclosings.com/cdn-vs/original.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112711409813746499", "SmartApeSG", "0", "monitorsg"
"2024-07-01 17:43:35", "1291769", "vegetachcnc.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RemcosRAT", "0", "NDA0E"
"2024-07-01 17:43:35", "1291770", "107.173.4.18:2556", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RemcosRAT", "0", "NDA0E"
"2024-07-01 17:43:34", "1291751", "https://webman.w3school.cloudns.nz", "url", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "49", "https://www.zscaler.com/blogs/security-research/kimsuky-deploys-translatext-target-south-korean-academia", "None", "0", "johannes"
"2024-07-01 17:43:32", "1291771", "173.255.204.62:2556", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RemcosRAT", "0", "NDA0E"
"2024-07-01 17:43:31", "1291789", "propertyclosings.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112711409813746499", "SmartApeSG", "0", "monitorsg"
"2024-07-01 17:43:30", "1291791", "http://propertyclosings.com/cdn-vs/33per.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/112711409813746499", "SmartApeSG", "0", "monitorsg"
"2024-07-01 17:43:30", "1291793", "https://speedchaoptimise.com/VldqVWYSjm0BKVt1dmTTY9NE54urFdVG3S-H6mqD4XOX", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "KeitaroTDS,SocGholish", "0", "rmceoin"
"2024-07-01 17:43:29", "1291794", "speedchaoptimise.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "KeitaroTDS,SocGholish", "0", "rmceoin"
"2024-07-01 17:43:29", "1291795", "frontendcodingtips.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "", "KeitaroTDS,SocGholish", "0", "rmceoin"
"2024-07-01 17:43:28", "1291991", "tppen-op.one", "domain", "botnet_cc", "win.bianlian", "None", "BianLian", "", "50", "https://search.censys.io/hosts/91.245.253.10", "Bianlian Go Troja", "0", "Syndikalist"
"2024-07-01 17:43:28", "1291994", "193.161.193.99:39182", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 17:43:27", "1291993", "gard-ner-toyota.com", "domain", "botnet_cc", "win.bianlian", "None", "BianLian", "", "50", "https://search.censys.io/hosts/91.245.253.10", "Bianlian Go Troja", "0", "Syndikalist"
"2024-07-01 17:43:26", "1291995", "185.68.93.221:443", "ip:port", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "KeitaroTDS,SocGholish", "0", "threatcat_ch"
"2024-07-01 17:43:26", "1291996", "daslkjfhi2.shop", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2024-07-01 17:43:24", "1291998", "beetrootculture.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SmartApeSG", "0", "monitorsg"
"2024-07-01 17:43:23", "1291999", "https://beetrootculture.com/cdn-vs/cache.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SmartApeSG", "0", "monitorsg"
"2024-07-01 17:43:23", "1292000", "http://beetrootculture.com/cdn-vs/33per.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "SmartApeSG", "0", "monitorsg"
"2024-07-01 17:43:22", "1292003", "185.29.9.108:15135", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-01 17:00:21", "1292002", "196.65.173.92:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-01 17:07:56", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-07-01 16:25:18", "1292001", "172.232.164.13:1177", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-01 17:09:09", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-07-01 14:36:08", "1291990", "3ce5798ab1e89a0b8fb1018e24f86e1d", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:36:02", "1291989", "8155b09e9644fbd69c30e5edbc1fa823d9b9cd224dc9dfe4af8b47ad3f1bb756", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:36:00", "1291988", "fae28bd4ac26594f7d8b8c319c71f4e944af53e1", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:58", "1291987", "314109f86e3618d81ba66e18e77afdd1", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:57", "1291986", "4d7d64616dd21810a0a128df33c3cc2f7332c67dc9569f1795d55fc4888177b9", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:55", "1291985", "0ba8f8e27963dcc5c4b01b528b9d15c3fd9baa1c", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:53", "1291984", "5d2dee9f4e6deadfa94566a5174cd4af", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:52", "1291983", "467803efbe8c9637962cd2141757f7cdd184cc57f46d75fa8b074bd81229a3f1", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:49", "1291981", "5b7d69cfb454d980807ff3621f93dc0e", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:49", "1291982", "5069f774ffa4e91b458b4f5f83fdc4882022d686", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:47", "1291980", "c9e1b0ef9cfac8e4e002a5609c366489564b246f633d0685fead77e46f7f7d61", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:45", "1291979", "8fc1935982de1d6322d91ffffdbdcb4daa45efd1", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:44", "1291978", "c317677f514414b3c82e5dd2015d92c7", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:43", "1291977", "6a38f9fba4979abf0676bfa91c7d4ee75c583a6e2ad1a4cf71a3e623b7aa8c37", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:40", "1291976", "c224bde31ac768058a97f62ac76cfa182f8b2605", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:38", "1291975", "4bfe7a656d28f578ca10aba4c225ff41", "md5_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:37", "1291974", "00bb7850e80e07facb1d30a0d41b271469905a2b856eb80d1d34bdff21130985", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:34", "1291973", "abbff97043065c3ad54d826b2999f84d4a013b1e", "sha1_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:33", "1291972", "a6d026ed6d34720275d8d6fd98ad5113", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:31", "1291971", "a4e1544dee96f911479934ecd89b51ead1ee008026a2468f65167e0d76cb459c", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:29", "1291970", "fb398d1e20b29f5dc346a7b84309a0e5c55ce7d7", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:28", "1291969", "a273d142217177ab8013d6ebeafbc22f", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:26", "1291968", "3cb485a769f6e92536f586f2873bd6a4d8fb5b106773ac0a16a534ef351c0bf1", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:24", "1291967", "05f857128c9bfa1ca9f8a74366d5e890da7354c2", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:23", "1291966", "52f103ffbf6510895d831eddd2e57b84", "md5_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:19", "1291965", "7714c79be60d724c23c25e0bd75df50dc979d069955bf99fbf6f7bb1ae4f628e", "sha256_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:15", "1291964", "5755829929351d81170f2f500e8404c0aef582a6", "sha1_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:13", "1291963", "246238533bb596d52737946aaf4b4d37", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:11", "1291962", "531e29b34f525987ef3210689b417ea3c1a0b4f5c8bcf180ef00148a3e6d0b1f", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:05", "1291961", "8c350aff45dbb05c1d61eb885a13b591544b70fa", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:03", "1291960", "53af3ee8086ade525f0e6de306732181", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:35:02", "1291959", "0511ee640666d7f8123ac62d6021e2d75d1dc817a99a98f8df41462b07abd22f", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:59", "1291958", "646650904a8d42289464822fbad364c425732c7f", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:58", "1291957", "5245e885034ad00adf09b4e8ad03c5f1", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:56", "1291956", "f2b71c1fca6dbeab202300225183575ba1445bbb1b6eccc2ea8eb601013b8da6", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:53", "1291954", "375a7c8575a28440c4e4f0b72df2f759", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:53", "1291955", "962fbb2cbe1dc3a85fd6efda3daab86794b35df0", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:48", "1291953", "cb4952b33305e97d86f398405b0bcd4bb59f61bfa16bf4f27be8a8dc2584208c", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:45", "1291952", "960eb458a3e68b9388bafe727e6365527e20d841", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:44", "1291951", "61892612c6e00ea0df4b49338aca144f", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:43", "1291950", "7d8a3cc2392ce50d2f75137711acb7358d30157108bfb221c509b0afbab197ec", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:39", "1291949", "1a4a08f7cc7b24b3d47baa91a7579c06ffd24d94", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:37", "1291948", "ca3eb964a153ee205b42a58827ed7121", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:36", "1291947", "3109297f390a7b155a8b99fc71ba270211899a2cfbed9290c7a475a6c549bbc6", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:34", "1291946", "a09386b0c516ec830e01887ffa5571056ee06c5e", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:33", "1291945", "d299f9454bbcd4f38b61cce01fd4c7ea", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:31", "1291944", "a68a4bc1f558e8297566af69b8258b2d6596a0f2762e95c963d71f5cd327eb02", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:29", "1291943", "e469c6c3e0e83a235ae5795e5d84f484bb82e0ca", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:28", "1291942", "ffd403a9e8f8342fc37865b623a25c15", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:27", "1291941", "9665879c5c26c6bce2c05c977f91dad5a19188059b4f380bec54a380f9f7c9c4", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:25", "1291940", "1bd6ec07290ad0f7e78c81d118d3286c6b2def91", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:24", "1291939", "158c5c0367c262694f3c44ae85b891b6", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:23", "1291938", "82215185860a139b407ad688a9a83a05ef78a9af58ee96f575e8dba25b965340", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:21", "1291937", "c8ae2619967b6fbf4962a57a34c614b7c6517b45", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:20", "1291936", "8c73ec89a8883397cf87b73f4e8a23e6", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:19", "1291935", "63c54ec22929fcc9f94619b4424942902bac2fc902febf05d7bdd95191ab5fc6", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:17", "1291934", "2d87c263f03c2297c864420c4e065d490a4fe96f", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:16", "1291932", "2facfa5bb80933431ce452627dd71c6c9b5711799dea72732e1617622ec45c54", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:16", "1291933", "7e3694a4d525aecb407e7dfee160afee", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:13", "1291930", "cb45d49e68b2c594f6c9bcf7edd6481a", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:13", "1291931", "9e515221e99af422d0e7c76b3b90e9a259f67562", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:12", "1291929", "771049ea28dc7d93076d1019ff573d8ad9a8c47ca8dec2a8c64be18aec259d03", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:10", "1291928", "fa05b81dc9b816e4e8dd51349271e8af273b799b", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:09", "1291927", "3fa2d76350df22a5286ecdc385a9d12c", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:08", "1291926", "679e3b146fe4ae9eb288b02f61958fedf2b454f843ed2ca61f620ad789dd32be", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:06", "1291925", "db07b72343c0767743ac021ff29896a571028fe3", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:05", "1291924", "e03cefcd99feaf7ca8fd37a4bec8280c", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:04", "1291923", "f86b5c769c4ae7db9a13fa32b90030bf8b700d8d0f5c30584044942602d2af30", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:02", "1291922", "1ef21abddff685aeb42767f9288d67bf22a9422d", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:01", "1291921", "2065a9f7f62658d08ff35f5ad4624261", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:34:00", "1291920", "6e3f83c2f76db1f32e9243e7899b98655b3e49658463560513d9a315e865add5", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:58", "1291919", "6f3d387c2f39131e7d435411b9b176d928d27af0", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:57", "1291917", "a01dcf8636b3ad56545d228cf3e38c3554ab5622516d1fd9e52b55249ab7fbea", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:57", "1291918", "a45de4191ab20f3a4c96cb77374a4be9", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:54", "1291915", "74306ff01db05a602a39c5da423b8d00", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:54", "1291916", "5fee92a85e47b8cac8391fda0374e1a44b00f966", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:53", "1291914", "9fa768cb5a871346c0831394150d09b4697c564536ae523b539aa12a17d015b6", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:51", "1291913", "f9326efd199cc26ebbc48109c3903e9be25f0b0c", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:50", "1291912", "2e7f73530b2e1838c10cce04b32a9efc", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:49", "1291911", "ac362f710940309c30437a4878f986dc3190e50a6955542856f37db2436ad083", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:47", "1291910", "d3fbf624c1c5e188ff8accd804b4674a0e523f7a", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:46", "1291908", "2b44c9721b8bb2b4ff211c079e010a9e6c0f612a62e6f6e6aa6437068f00a46f", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:46", "1291909", "7d46fab950aba821fb72c0cfa8b9020c", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:44", "1291907", "10e41f1edc2ee71a25e03d16efcd7daad3d4f702", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:43", "1291906", "7209b128b0d497a53b590440f4584365", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:42", "1291905", "911430e40e5dbf347ee11949043c19b2a3265bc94a71f279e00c4eb41862fe83", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:40", "1291903", "9e95a8760a865511ba43df2f5ed94758", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:40", "1291904", "e4e02c44764983f8e83c9c76b55049cd67431784", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:39", "1291902", "cb70e7f3525625abf9869520c01c5d65b8f034bf0dab83b09fa0a57d7b09bb2f", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:37", "1291901", "68bf57df04b0ddd11ac421af0da0dc28c9e41550", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:36", "1291899", "d21d0451a7a8b112776118d88154bf7eab2703b13bf6ae1dcaec2f959bf42305", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:36", "1291900", "b16699f8fd5e68de16d8904ec7cd3ed2", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:33", "1291897", "d1506fb79fe157864b5f1deb19d08505", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:33", "1291898", "45fac6b1832fad2fef90e1064ab4e78e0b164737", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:32", "1291896", "2199f5f684561a203b2c07a108586f98690f8a88240444090550bd51f028b7c4", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:30", "1291895", "289e16817e5f938342b56276626ea132240b7db3", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:29", "1291893", "64874958438945a29c66851bb23bcb9483955577e941e156d559885cca4a6910", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:29", "1291894", "66800cae69c4278c8a33921d624b7528", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:27", "1291892", "e3abc9476cde1dc7ca5a2baa546534d625c0d325", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:25", "1291890", "cca5bfb8558456e59e582218a48ff3ffef24a93b225f1121da9a1a491bd287d8", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:25", "1291891", "a7d19fbc517a5715df9b7f808c7dad0d", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:22", "1291889", "01a3d30cf5e94d8b9bab217c9df3f872bbd53563", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:21", "1291888", "6d16dcf1423b30677d2918ae11fe2bc3", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:20", "1291887", "b6f0586d835acff8c86c02904729023d95b10d879a066a9eeca973deaf582e07", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:18", "1291885", "d1a2cbab1475901a3cf28257b7a2e3a7", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:18", "1291886", "e1fc54fb00530ab8e07c11b4cc16785858f1917c", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:16", "1291884", "8647436d5b5e93de1fbaf9571e584ceaee4a620cd39b60472da87e694239c317", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:13", "1291883", "d12bb1f837c78cbb4c9d8a35e7b2186de1189dc7", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:12", "1291881", "22a01767b082d5ef80c5f191c653f73fc7d4f9d2742229580fd928a9a867a4df", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:12", "1291882", "e3ed377ab14e39f0c07d9b201622e861", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:10", "1291880", "3817dd0939b643af8744806f97f62284aeb54b83", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:09", "1291879", "5d611c1a4fac892152b22dddcc0d5633", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:08", "1291878", "abb3c87fd146eb4c46ea4d3a9ad05fac53ebb56afe34517bbccf49663c11fe98", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:06", "1291877", "75f0b6f2fe16cecc81441e5a9f9092ceca715554", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:05", "1291875", "7cd0f4968e27515f466f0a6e6967dbc9bca2c9b75a9592e38709a2ca884c6d71", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:05", "1291876", "37f3b2a7f84422ea9fce13bcc170461b", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:03", "1291874", "b2d8ac2774b12ffc4412435224398f3909bc8ceb", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:02", "1291873", "f44bc4e0027f0f44d75fed04b8416be2", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:33:01", "1291872", "c019951411af4b89614d39e15b69e1798f267c54aebfe7e61852e4626bf00cbe", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:59", "1291871", "70fffcae8382f82570ec5b8e0389e7378c5db522", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:58", "1291870", "cfe45abfe40b8061a44641d33d4d1f2c", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:57", "1291869", "735575a1c280e464e62aa8b20c0f5d97d31eb826e1c624fa34fcaad9617d9ca0", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:56", "1291868", "51bdf366fe022f6cd22e0a37711871523664f916", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:55", "1291867", "d25f3ee44bb814147d9dfcd6dc2edb24", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:54", "1291866", "3c3de54110bc665e6d31e2455372fc489ca5f3be4e0824ca7c0b58802663dbe3", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:52", "1291865", "24b2a56b602e2da8804256adc147b5bdfbf94971", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:51", "1291863", "a22c572f4579bfdefd9fbe21314a9e482a88844b4c1b40faf3d2f54530c5b3cb", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:51", "1291864", "654250ecc760dba28b9cfb21eb82f95e", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:49", "1291862", "f0ad21db573757e80e8d1abce08628d96892c625", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:48", "1291861", "8951c491b26675b308464af7a29567bd", "md5_hash", "payload", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "2024-07-02 03:50:39", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:47", "1291860", "3fc5e4d002e04269f2f674e6a2e98935df133ffe0f1fd54c817662d864c2f1b8", "sha256_hash", "payload", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "2024-07-02 03:50:39", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:45", "1291858", "99cb0eaed43875839b9198f5e0508ae6", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "2024-07-02 03:50:36", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:45", "1291859", "883bd6d014e3baf9141b304519fc34eef20eb41f", "sha1_hash", "payload", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "2024-07-02 03:50:36", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:44", "1291857", "2b38fc813c1b5458075ff117cfaed2650466e27a066e17e9991ce059e2df131f", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "2024-07-02 03:50:35", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:42", "1291856", "5cc950d94f50fdec4bdc761a4c902584c84bc066", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "2024-07-02 03:50:33", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:41", "1291855", "70b599f67e97cb878ca7be88e069a82d", "md5_hash", "payload", "win.lazarloader", "None", "LazarLoader", "2024-07-02 03:50:18", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:40", "1291854", "9b7bdb4cb71e84c5cff0923928bf7777a41cb5e0691810ae948304c151c0c1c5", "sha256_hash", "payload", "win.lazarloader", "None", "LazarLoader", "2024-07-02 03:50:17", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:38", "1291853", "768f8a179fee1f13505c7b772e543b19b29b14c8", "sha1_hash", "payload", "win.lazarloader", "None", "LazarLoader", "2024-07-02 03:50:14", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:37", "1291851", "f79a0e092e261977846be4ea9871a45b89e5716d38a61c753e68ca2315286bed", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "2024-07-02 03:50:05", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:37", "1291852", "e7402bd65e8bff7c8776f808f48b4bee", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "2024-07-02 03:50:06", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:34", "1291849", "41305a03ab13c04d20212eee8e4bc06a", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:53", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:34", "1291850", "c686004ad859893867ada0a212713c699cf16272", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "2024-07-02 03:50:00", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:33", "1291848", "9f879acf40c02cdf5a1285819c7f621e2294ceab2ff32b7aa9aa4465968d16e3", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:52", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:31", "1291847", "f0394907af105d590d6f376c2875f2752d221087", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:51", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:30", "1291846", "5d42b6f5c9ba52b536aa485bd1f70b81", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "2024-07-02 03:49:50", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:29", "1291845", "e527c7577c16edf8cf120426324b4a37b726de3cf65e8642aa60340008148b08", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "2024-07-02 03:49:49", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:27", "1291843", "f5b72b219b9dc802075066951e0f5aad", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "2024-07-02 03:49:40", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:27", "1291844", "90ec63fcad7ddcec013a9a318c7d025647286de9", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "2024-07-02 03:49:47", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:26", "1291842", "b1027ba8039c64d6887daa9ef2f97438ebfa2f6877e2158680c01b326bdc76c9", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "2024-07-02 03:49:39", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:24", "1291841", "5d475b00153f3bd0d16010ebd5c5aba656455552", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "2024-07-02 03:49:37", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:23", "1291840", "ce48ccb415f96a4d2e427cd800383067", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:37", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:22", "1291839", "40aedfd3626e8f0b645e351f0be7eeb117f7db47697a2c86450269058a865b75", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:36", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:20", "1291838", "9a662c0b42d0247b868ac34ea3356e558f615c5e", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:34", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:19", "1291836", "e3ffaae53b7127d22d6ca2fd83b126136437c63d422127cd309963e0c6f8e71a", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:33", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:19", "1291837", "944a0048e334fd1cf24f880bf0d17702", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:33", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:17", "1291835", "9f5f69ba1f5c449e073a83fa0d40ea79b23cb839", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:31", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:15", "1291834", "1e91dfed225f5056190e2217c5e59c1b", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:30", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:14", "1291833", "bd9454975ba91261ffde00a6be952e68daac90f0d7351c62a2589bb8912e727d", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:29", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:12", "1291832", "be2b01bebe925650df044d7009daeae2419e37ac", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:27", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:11", "1291830", "2f35d828d19942c2daf1989fabb8565c56f9c2d6f3b00e3470c7785ae4ddde50", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:26", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:11", "1291831", "6ce6e6804881ee247359904ac6500caf", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:27", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:08", "1291829", "e232b31c7d47547d164f1a879c684e6a188677c1", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:24", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:07", "1291828", "28f77c9af8cb3ea886714bbfc8326635", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2024-07-02 03:49:23", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:06", "1291827", "f251fe71103ef7bc4cbdbcfe9c1d7c4a595f831e51cf4064f2bfa595f47bda35", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2024-07-02 03:49:23", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:04", "1291825", "61b864cefd119277bdf87210e1624c2f", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:20", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:04", "1291826", "f6f02b22cd5a272c71a5afa66efd3b237fe4f24f", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2024-07-02 03:49:21", "95", "None", "None", "0", "Grim"
"2024-07-01 14:32:02", "1291824", "96c5089380f7452f4695bc517e83cf49f38f5de59e82d8c1142c770545941285", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:19", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:59", "1291822", "27af175b8006ce6c2376748b21748412", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "2024-07-02 03:49:10", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:59", "1291823", "0ffa3b85aff7ad2f7a30679b849895fff1463f62", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:17", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:58", "1291821", "ce8d8f5b2708fb0a26ac9ce32c303779179ff58297279c834fd8220b77154680", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "2024-07-02 03:49:10", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:56", "1291820", "ec6b0f34dbe9294a82dcc379b3de2b744f5d65ea", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "2024-07-02 03:49:08", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:55", "1291818", "4b23416ddb5edceb2bcfd5c8b16fc0b739e2d470e69a7c85a033fbbedcac520f", "sha256_hash", "payload", "win.sigloader", "None", "SigLoader", "2024-07-02 03:49:06", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:55", "1291819", "bc864bf3e7bf03bf665eb4e782989471", "md5_hash", "payload", "win.sigloader", "None", "SigLoader", "2024-07-02 03:49:07", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:52", "1291816", "583010534e14bdb977607c366a280120", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:04", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:52", "1291817", "4598044bb8a3a25bac91e2a069062dce89fb7dfd", "sha1_hash", "payload", "win.sigloader", "None", "SigLoader", "2024-07-02 03:49:04", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:51", "1291815", "f211a840befa45cad5c369f64b91ff53d0dba7e98835dec3886ded59746e7333", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:03", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:49", "1291814", "8b26c39a9f1699a570821bf75ffd11d6a29df746", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:49:01", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:48", "1291812", "81e2f395b44d7f644e47b5d3fbf8618d1cac877566997ff85e8b70b6c5b24aa5", "sha256_hash", "payload", "win.sombrat", "None", "SombRAT", "2024-07-02 03:49:00", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:48", "1291813", "9e16214ee163b3f8bed83fd25b5d793b", "md5_hash", "payload", "win.sombrat", "None", "SombRAT", "2024-07-02 03:49:00", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:45", "1291810", "1ef35ac48ac0a224d1a3fb301054bc1c", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:48:56", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:45", "1291811", "c8349a3b4b44e33a5d0cd15e29207e9f7452ff4d", "sha1_hash", "payload", "win.sombrat", "None", "SombRAT", "2024-07-02 03:48:57", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:44", "1291809", "444fb4871f9ee687f90ecf33223c91bbf263a7d66f1c665d653ce71559c557bf", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:48:55", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:42", "1291808", "85526b95f4f86bc2a63c0f641efa710b05d15c31", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:48:53", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:41", "1291806", "8d15bcc5eca4dbafc31d1ea92c4d34b86e5d30e6b4cb0da378570bdccd7242c1", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "2024-07-02 03:48:51", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:41", "1291807", "05b4a13a3d126cdd799e10c41b4b5af0", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "2024-07-02 03:48:52", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:39", "1291805", "243c8b9f0200db1d70a83a62a0fb082a720c1a29", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "2024-07-02 03:48:48", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:38", "1291804", "e78d43a26913cf101b98d1d04839eee2", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "2024-07-02 03:48:47", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:37", "1291803", "8f9dbdd77e130b7238761966a9c9aa8712baf2100ddebc3d9d206ee17f8f119c", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "2024-07-02 03:48:46", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:35", "1291801", "2fdfaca974428d2f6b1d88ee7d66409c", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:48:39", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:35", "1291802", "911c8c10f7c8bc9fd3c6bd16e9f5da11e3c3eb5d", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "2024-07-02 03:48:44", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:34", "1291800", "e4fff3834d79cfac3f2b81048b42db80d1aac3c80d060ff9d2c3186f131b8775", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:48:37", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:32", "1291799", "9589b5ca3bd0d75bdedc5b7e1635af3bca11d826", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "2024-07-02 03:48:35", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:31", "1291798", "657278fd67cfa173ce3bcf668b4a86d0", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "2024-07-02 03:48:34", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:30", "1291797", "fb4df4937ba91dc7e928297ac5f9423f197600599bf72890890225342e6b9f58", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "2024-07-02 03:48:33", "95", "None", "None", "0", "Grim"
"2024-07-01 14:31:28", "1291796", "b859e907f9a1707dbe3a2da1235393e5a5069825", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "2024-07-02 03:48:29", "95", "None", "None", "0", "Grim"
"2024-07-01 13:35:15", "1291792", "http://054717cm.n9shteam3.top/TojavascriptPollCpuPublicPrivate.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-01 13:00:19", "1291787", "77.221.153.197:80", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 12:32:40", "1291785", "zug-login.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291775", "agovaccess-ch.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291776", "b2cidp-mobilier.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291777", "eportal-be.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291778", "eportal-bs.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291779", "finanzportal-vermogenzsentrum.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291780", "finanzportal-vermogenzsentrum.net", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291781", "getgrammerly.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291782", "loginzug.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291783", "portals-swisslife.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:39", "1291784", "sso-geneveid.com", "domain", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:32:15", "1291774", "186.2.171.54:443", "ip:port", "payload_delivery", "elf.poseidon", "None", "Poseidon", "", "75", "", "agov,CHE,geo,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 12:00:23", "1291773", "http://a1000048.xsph.ru/d4065b26.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-01 11:50:16", "1291772", "57.129.38.73:41038", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 11:30:18", "1291768", "206.238.43.211:6666", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "100", "None", "Gh0stRAT", "0", "abuse_ch"
"2024-07-01 10:49:56", "1291766", "http://pipp.seo7sry.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:56", "1291767", "http://pipp.showroomilgiornodopo.it/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:55", "1291765", "http://pipp.retromad1.ro/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:54", "1291763", "http://pipp.laofix.com.tr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:54", "1291764", "http://pipp.nsaservices.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:53", "1291761", "http://pipp.eshaqlaw.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:53", "1291762", "http://pipp.japanbangladeshhospital.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:52", "1291760", "http://pipp.dipankardey.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:51", "1291758", "http://pipp.diasecampos.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:51", "1291759", "http://pipp.dilagosburguer.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:50", "1291756", "http://pipp.agauto.co.ke/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:50", "1291757", "http://pipp.debellis.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:49", "1291754", "http://panda.superdreadi.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:49", "1291755", "http://panda.tafca.cl/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:48", "1291752", "http://panda.lojaniq.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:48", "1291753", "http://panda.sixfibras.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:47", "1291750", "http://panda.laofix.com.tr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:46", "1291748", "http://panda.dilagosburguer.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:46", "1291749", "http://panda.japanbangladeshhospital.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:45", "1291746", "http://newscp.xpresscard.info/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:45", "1291747", "http://panda.creativeeventsbd.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:44", "1291744", "http://newscp.top2stay.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:44", "1291745", "http://newscp.tracymasonmedia.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:43", "1291743", "http://newscp.thirtyline.com.my/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:42", "1291741", "http://newscp.srprof.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:42", "1291742", "http://newscp.superanimalpet.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:41", "1291739", "http://newscp.sc3bhgr7781.universe.wf/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:41", "1291740", "http://newscp.slagveld.co.za/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:40", "1291737", "http://newscp.sc1dsnb7288.universe.wf/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:40", "1291738", "http://newscp.sc1tmtd4794.universe.wf/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:39", "1291736", "http://newscp.savannah.sd/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:38", "1291734", "http://newscp.sacs.ec/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:38", "1291735", "http://newscp.sagarsprings.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:37", "1291732", "http://newscp.roborave.mx/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:37", "1291733", "http://newscp.romalogistics.com.pe/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:36", "1291730", "http://newscp.posdata-si.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:36", "1291731", "http://newscp.ranasariagroup.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:35", "1291729", "http://newscp.officialrtv.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:34", "1291727", "http://newscp.myindiamall.in/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:34", "1291728", "http://newscp.nextsol.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:33", "1291725", "http://newscp.laboratoriomacruzfarma.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:33", "1291726", "http://newscp.machaquila.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:32", "1291723", "http://newscp.junoindia.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:32", "1291724", "http://newscp.kashier365.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:31", "1291721", "http://newscp.inncomex.com.mx/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:31", "1291722", "http://newscp.janeladedramaturgia.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:30", "1291720", "http://newscp.hotelultimafrontiera.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:29", "1291718", "http://newscp.hchemical.sd/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:29", "1291719", "http://newscp.hospitaldesanluis.com.co/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:28", "1291716", "http://newscp.geliankft.hu/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:28", "1291717", "http://newscp.grupomv.com.py/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:27", "1291714", "http://newscp.entreprisesdavenir.fr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:27", "1291715", "http://newscp.geber.com.mx/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:26", "1291712", "http://newscp.dolphinmanagement.ro/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:26", "1291713", "http://newscp.ebitan.com.bd/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:25", "1291711", "http://newscp.debambu.es/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:24", "1291709", "http://newscp.colbiomor.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:24", "1291710", "http://newscp.contechprojects.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:23", "1291707", "http://newscp.bariel.co.id/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:23", "1291708", "http://newscp.cgsbim.cl/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:22", "1291705", "http://newscp.area14st.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:22", "1291706", "http://newscp.atiliomarola.com.ar/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:21", "1291704", "http://newscp.arabic.du.ac.bd/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:20", "1291702", "http://newscp.academicindia.in/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:20", "1291703", "http://newscp.allkemie.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:19", "1291700", "http://newcp.urunstand.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:19", "1291701", "http://newscp.aaptiroots.in/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:18", "1291698", "http://newcp.termomecconsultoria.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:18", "1291699", "http://newcp.thebestbodrumtemizlik.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:17", "1291696", "http://newcp.sosgestion.com.co/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:17", "1291697", "http://newcp.techcube.in/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:16", "1291695", "http://newcp.smartlabor.it/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:15", "1291693", "http://newcp.recubplast.com.co/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:15", "1291694", "http://newcp.seo7sry.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:14", "1291691", "http://newcpp.wychelmconnect.com.ng/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:14", "1291692", "http://newcp.qadricaterers.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:13", "1291689", "http://newcpp.wecarefamilydentistry.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:13", "1291690", "http://newcpp.wpsuperlink.online/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:12", "1291688", "http://newcpp.vanguardaamazonense.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:11", "1291686", "http://newcpp.uns-kikaku.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:11", "1291687", "http://newcpp.upvs.com.ng/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:10", "1291684", "http://newcpp.themavvel.co.ke/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:10", "1291685", "http://newcpp.tracymasonmedia.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:09", "1291682", "http://newcpp.techtrust.pt/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:09", "1291683", "http://newcpp.tecsoluciones.com.pe/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:08", "1291681", "http://newcpp.tabledemassagepliante.fr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:07", "1291679", "http://newcpp.stayeasyplus.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:07", "1291680", "http://newcpp.streakk.com.ng/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:06", "1291677", "http://newcpp.smartzone.sa/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:06", "1291678", "http://newcpp.spiegelenergy.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:05", "1291675", "http://newcpp.scotiaperu.pe/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:05", "1291676", "http://newcpp.seguroautoagora.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:04", "1291673", "http://newcpp.saamtrek.co.za/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:04", "1291674", "http://newcpp.sbtabriz.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:03", "1291672", "http://newcpp.recettecuisinegastronomie.fr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:02", "1291670", "http://newcpp.quantum-ev.co/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:02", "1291671", "http://newcpp.quasar.sa/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:01", "1291669", "http://newcpp.princekushwaha.com.np/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:00", "1291667", "http://newcpp.payall.com.ng/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:49:00", "1291668", "http://newcpp.powerunits.ng/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:59", "1291665", "http://newcpp.ontrace.id/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:59", "1291666", "http://newcpp.park-systems.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:58", "1291663", "http://newcpp.nonisec.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:58", "1291664", "http://newcpp.nonisec.com.ar/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:57", "1291662", "http://newcp.pnmls.cd/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:56", "1291660", "http://newcpp.natroglobal.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:56", "1291661", "http://newcpp.news.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:55", "1291658", "http://newcpp.musamwaky.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:55", "1291659", "http://newcpp.nationaltemps.co.uk/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:54", "1291656", "http://newcpp.moralesalducin.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:54", "1291657", "http://newcpp.movie.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:53", "1291655", "http://newcpp.moimoveis.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:52", "1291653", "http://newcpp.meadvilleorthodontics.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:52", "1291654", "http://newcpp.medicalmedia.com.mx/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:51", "1291652", "http://newcpp.mahtokitchencare.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:50", "1291650", "http://newcpp.levinesolutions.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:50", "1291651", "http://newcpp.ludotenis.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:49", "1291649", "http://newcpp.lacitavilla.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:48", "1291647", "http://newcpp.kgcdiary.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:48", "1291648", "http://newcpp.ktktech.my.id/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:47", "1291645", "http://newcpp.inversionesllort.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:47", "1291646", "http://newcpp.isabelaayrosa.adv.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:46", "1291644", "http://newcpp.imcbgten4.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:45", "1291642", "http://newcpp.hotel.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:45", "1291643", "http://newcpp.ilutex.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:44", "1291640", "http://newcpp.gridedgenews.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:44", "1291641", "http://newcpp.harmonyvillage.gr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:43", "1291638", "http://newcpp.fridaybd.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:43", "1291639", "http://newcpp.gridedge.com.au/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:42", "1291637", "http://newcpp.faybd.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:41", "1291635", "http://newcpp.faforon.com.ng/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:41", "1291636", "http://newcpp.fatp.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:40", "1291633", "http://newcpp.faforlife.com.ng/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:40", "1291634", "http://newcpp.faforon.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:39", "1291631", "http://newcpp.dungnguyenarchi.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:39", "1291632", "http://newcpp.embassydevelopments.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:38", "1291629", "http://newcpp.dktravel.com.ec/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:38", "1291630", "http://newcpp.dsts-immigration.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:37", "1291628", "http://newcpp.dilagosburguer.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:36", "1291626", "http://newcpp.damaskin.ro/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:36", "1291627", "http://newcpp.danmartin.ro/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:35", "1291624", "http://newcpp.confidable.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:35", "1291625", "http://newcpp.credencewatches.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:34", "1291622", "http://newcpp.casamagdalenapublicidad.com.co/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:34", "1291623", "http://newcpp.cncmorelos.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:33", "1291620", "http://newcpp.billionairesestate.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:33", "1291621", "http://newcpp.bocadosdeamor.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:32", "1291619", "http://newcpp.banjarkode.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:31", "1291617", "http://newcpp.aurespa.ca/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:31", "1291618", "http://newcpp.balebuku.my.id/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:30", "1291615", "http://newcpp.altaymediaalbania.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:30", "1291616", "http://newcpp.apa.ba/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:29", "1291614", "http://newcpp.almoajel.sa/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:28", "1291612", "http://newcpp.afrokulchagroup.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:28", "1291613", "http://newcpp.afrokulchatravel.co.za/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:27", "1291610", "http://newcpp.activelifemd.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:27", "1291611", "http://newcpp.afrokulcha.co.za/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:26", "1291608", "http://newcpp.3dsurf.ir/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:26", "1291609", "http://newcpp.abrakadabra.com.pe/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:25", "1291606", "http://newcp.olivrodapatria.online/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:25", "1291607", "http://newcpp.1ihost.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:24", "1291605", "http://newcp.oiltanker.com.ng/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:23", "1291603", "http://newcp.liderford.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:23", "1291604", "http://newcp.lourencoviajante.pt/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:22", "1291601", "http://newcp.japeto.ro/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:22", "1291602", "http://newcp.jcgama.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:21", "1291599", "http://newcp.icredes.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:21", "1291600", "http://newcp.iluminate.com.mx/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:20", "1291598", "http://newcp.hypercctv.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:19", "1291596", "http://newcp.grid-edge.com.au/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:19", "1291597", "http://newcp.gridedgenews.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:18", "1291594", "http://newcp.gaziemircicekciler.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:18", "1291595", "http://newcp.ghdemo.com.tr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:17", "1291593", "http://newcp.frederic-monereau.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:16", "1291591", "http://newcp.dominantlegaltrans.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:16", "1291592", "http://newcp.essentemizlik.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:15", "1291589", "http://newcp.coliturcusco.com.pe/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:15", "1291590", "http://newcp.departamentosenpueblolibre.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:14", "1291588", "http://newcp.bitezeventwedding.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:13", "1291586", "http://newcp.atlasfizyoterapi.com.tr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:13", "1291587", "http://newcp.aurejewelry.ca/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:12", "1291585", "http://newcp.ankarasevkattesisat.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:11", "1291583", "http://newcp.americansports.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:11", "1291584", "http://newcp.ankaracilingirci.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:10", "1291581", "http://dibbadu.sulmov.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:10", "1291582", "http://dibbadu.trujilloserrano.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:09", "1291580", "http://dibbadu.sscmcc.cl/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:08", "1291578", "http://dibbadu.promoveazaonline.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:08", "1291579", "http://dibbadu.smartfuture.co.za/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:07", "1291577", "http://dibbadu.proexcon.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:06", "1291575", "http://dibbadu.nextsol.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:06", "1291576", "http://dibbadu.planamoveis.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:05", "1291574", "http://dibbadu.myportfolio.com.co/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:04", "1291572", "http://dibbadu.institutointei.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:04", "1291573", "http://dibbadu.millennialstourandtravel.co.ke/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:03", "1291571", "http://dibbadu.geofieldp.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:02", "1291569", "http://dibbadu.dolphinmanagement.ro/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:02", "1291570", "http://dibbadu.evergraphics.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:01", "1291568", "http://dibbadu.ciptransfer.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:00", "1291566", "http://dibbadu.caelectrons.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:48:00", "1291567", "http://dibbadu.carboneralabanda.com.co/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:59", "1291565", "http://dibbadu.arkaconstructores.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:58", "1291563", "http://bp.worldcup.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:58", "1291564", "http://dibbadu.absoluteitbd.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:57", "1291562", "http://bp.wocrimestoppers.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:56", "1291560", "http://bp.wheelsofwilliamsport.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:56", "1291561", "http://bp.wheelsofwilliamsport.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:55", "1291559", "http://bp.wegolions.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:54", "1291558", "http://bp.watertownctlions.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:53", "1291556", "http://bp.trueearthchanges.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:53", "1291557", "http://bp.video.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:52", "1291554", "http://bp.sygenpharma.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:52", "1291555", "http://bp.tdsorsta.ro/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:51", "1291553", "http://bp.stasy-union.gr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:50", "1291551", "http://bp.seo7sry.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:50", "1291552", "http://bp.shivaagorealty.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:49", "1291550", "http://bp.segurobligatorio.pro/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:48", "1291548", "http://bp.saleseconomic.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:48", "1291549", "http://bp.sc1jtfu9765.universe.wf/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:47", "1291547", "http://bp.riscasvicosas.pt/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:46", "1291545", "http://bp.rafikidodomahotel.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:46", "1291546", "http://bp.richardobenton.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:45", "1291544", "http://bp.petersparre.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:44", "1291542", "http://bp.niceguyrebrands.xyz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:44", "1291543", "http://bp.paltouchsystems.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:43", "1291541", "http://bp.news.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:42", "1291539", "http://bp.natenrjs.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:42", "1291540", "http://bp.nationalbeatpoetryfoundation.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:41", "1291538", "http://bp.myindiamall.in/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:40", "1291536", "http://bp.moimoveis.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:40", "1291537", "http://bp.movie.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:39", "1291535", "http://bp.mibenditoadolescente.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:38", "1291533", "http://bp.marthareingold.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:38", "1291534", "http://bp.mgcsw.gov.ss/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:37", "1291531", "http://bp.littleleafstudio.co.uk/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:37", "1291532", "http://bp.lyctechnologies.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:36", "1291530", "http://bp.linenessentials.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:35", "1291528", "http://bp.kidsightusa.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:35", "1291529", "http://bp.killerworkdev.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:34", "1291527", "http://bp.kgcdiary.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:33", "1291525", "http://bp.isap-union.gr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:33", "1291526", "http://bp.jpxhelmet.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:32", "1291524", "http://bp.innovatalks.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:31", "1291522", "http://bp.fursforus.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:31", "1291523", "http://bp.hotelultimafrontiera.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:30", "1291521", "http://bp.fortclean.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:29", "1291519", "http://bp.fatp.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:29", "1291520", "http://bp.flyingdonvstg.franciaim.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:28", "1291518", "http://bp.emporioecuador.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:27", "1291516", "http://bp.easthartfordinterfaith.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:27", "1291517", "http://bp.edgenetworks.rs/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:26", "1291515", "http://bp.dumbeg.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:25", "1291513", "http://bp.davidliving.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:25", "1291514", "http://bp.dieterforjudge.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:24", "1291512", "http://bp.ctvidamelhor.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:23", "1291510", "http://bp.celebratebloomfield.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:23", "1291511", "http://bp.celloxwatches.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:22", "1291509", "http://bp.car.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:21", "1291507", "http://bp.brankenattorneys.co.tz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:21", "1291508", "http://bp.cairnhillwatches.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:20", "1291506", "http://bp.blogcanadiense.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:19", "1291504", "http://bp.appoemn.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:19", "1291505", "http://bp.bernard-bourcy.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:18", "1291503", "http://bp.aminadabelago.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:17", "1291501", "http://bp.afrokulchagroup.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:17", "1291502", "http://bp.americansports.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:16", "1291500", "http://bp.absolutairarcondicionado.com.br/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:15", "1291498", "http://bitp.weltpropiedades.cl/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:15", "1291499", "http://bp.4dpayme.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:14", "1291497", "http://bitp.tilakhighfiji.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:13", "1291495", "http://bitp.tami8849.odns.fr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:13", "1291496", "http://bitp.tiedyeromania.ro/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:12", "1291494", "http://bitp.sviat21.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:11", "1291492", "http://bitp.siupk.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:11", "1291493", "http://bitp.smslogin.xyz/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:10", "1291491", "http://bitp.raagifts.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:09", "1291489", "http://bitp.quasar.sa/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:09", "1291490", "http://bitp.quick-eg.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:08", "1291488", "http://bitp.pouradhwani.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:07", "1291486", "http://bitp.phrapitta.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:07", "1291487", "http://bitp.pisuka.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:06", "1291485", "http://bitp.ontech.co.zm/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:05", "1291483", "http://bitp.nwg.com.pk/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:05", "1291484", "http://bitp.olivrodapatria.online/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:04", "1291482", "http://bitp.navihost.in/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:03", "1291480", "http://bitp.idealindustryltd.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:03", "1291481", "http://bitp.kkenterprises.pk/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:02", "1291479", "http://bitp.htechs.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:01", "1291477", "http://bitp.heavenconstruction.pk/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:01", "1291478", "http://bitp.heavenmarketing.pk/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:47:00", "1291476", "http://bitp.hapa5387.odns.fr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:59", "1291474", "http://bitp.fromagetambourin.fr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:59", "1291475", "http://bitp.grantindonesia.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:58", "1291473", "http://bitp.ebibote.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:57", "1291471", "http://bitp.clementinasketchbook.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:57", "1291472", "http://bitp.dicoar.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:56", "1291470", "http://bitp.blueroselb.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:55", "1291468", "http://bitpa.vendotuttonline.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:55", "1291469", "http://bitpa.vissnatech.ir/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:54", "1291466", "http://bitpa.toel4298.odns.fr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:54", "1291467", "http://bitp.avansisgroup.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:53", "1291465", "http://bitpa.tigercampcorbett.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:52", "1291463", "http://bitpa.soltita.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:52", "1291464", "http://bitpa.tatlibuketi.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:51", "1291462", "http://bitpa.socialobserver.in/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:50", "1291460", "http://bitpa.sarshipping.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:50", "1291461", "http://bitpa.smsfi.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:49", "1291459", "http://bitpa.remoteprints.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:48", "1291457", "http://bitpa.professoranagida.online/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:48", "1291458", "http://bitpa.pta-greece.gr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:47", "1291456", "http://bitpa.planethair.gr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:46", "1291454", "http://bitpa.owanbefood.com.ng/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:46", "1291455", "http://bitpa.palms77hotel.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:45", "1291453", "http://bitpa.newestrealty.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:44", "1291451", "http://bitpa.nationaltemps.co.uk/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:44", "1291452", "http://bitpa.neebs.edu.np/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:43", "1291450", "http://bitpa.mydreamsltd.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:42", "1291448", "http://bitpa.miogatto.gr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:42", "1291449", "http://bitpa.moralesalducin.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:41", "1291447", "http://bitpa.mejoresconsejosvida.online/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:40", "1291445", "http://bitp.alkareemimport.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:40", "1291446", "http://bitpa.mathinmaps.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:39", "1291444", "http://bitp.alan.my/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:38", "1291443", "http://bitp.alamri-ip.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:37", "1291441", "http://bitpa.innovatalks.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:37", "1291442", "http://bitpa.jcaisse-dev.org/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:36", "1291440", "http://bitpa.hostpinas.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:35", "1291438", "http://bitpa.elshamel.online/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:35", "1291439", "http://bitpa.guptavedika.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:34", "1291437", "http://bitpa.eamarseba.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:33", "1291435", "http://bitpa.dogfestival.gr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:33", "1291436", "http://bitpa.drcaraccessories.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:32", "1291433", "http://bitpa.dctcbd.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:32", "1291434", "http://bitpa.desipolska.pl/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:31", "1291432", "http://bitpa.combienemetmonargent.info/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:30", "1291430", "http://bitpa.bicoman.net/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:30", "1291431", "http://bitpa.casamagdalenapublicidad.com.co/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:29", "1291429", "http://bitpa.bghbd.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:28", "1291428", "http://bitpa.beautifulbooze.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:27", "1291427", "http://bitpa.bariel.co.id/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:26", "1291425", "http://bitpa.athleticshub.co.uk/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:26", "1291426", "http://bitpa.babajani.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:25", "1291424", "http://bitpa.artemilenario.fr/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:46:24", "1291423", "http://bitpa.ananyajain.com/agov/", "url", "payload_delivery", "osx.poseidon", "None", "Poseidon", "", "100", "", "agov,PoseidonStealer", "0", "abuse_ch"
"2024-07-01 10:39:08", "1291420", "195.50.242.110:8080", "ip:port", "botnet_cc", "win.hotcroissant", "None", "HOTCROISSANT", "", "49", "https://asec.ahnlab.com/en/67558/", "Rifdoor", "0", "johannes"
"2024-07-01 10:39:08", "1291421", "147.45.44.12:13830", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-01 10:35:18", "1291422", "http://147.45.78.162/a17861b9cb6f1a53.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "100", "None", "Stealc", "0", "abuse_ch"
"2024-07-01 10:05:48", "1291419", "93.188.122.139:4433", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/93.188.122.139", "MIFRIL-AS ImportExport changes,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:45", "1291418", "83.48.66.207:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/83.48.66.207", "NetSupportRAT,TELEFONICA_DE_ESPANA", "0", "drb_ra"
"2024-07-01 10:05:40", "1291417", "198.244.197.118:9443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/198.244.197.118", "NetSupportRAT,OVH", "0", "drb_ra"
"2024-07-01 10:05:36", "1291416", "2.139.253.110:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/2.139.253.110", "NetSupportRAT,TELEFONICA_DE_ESPANA", "0", "drb_ra"
"2024-07-01 10:05:33", "1291415", "186.225.10.251:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/186.225.10.251", "NetSupportRAT,UNIFIQUE TELECOMUNICACOES SA", "0", "drb_ra"
"2024-07-01 10:05:30", "1291414", "206.210.123.104:8888", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/206.210.123.104", "IASL,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:26", "1291413", "95.189.100.119:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/95.189.100.119", "NetSupportRAT,ROSTELECOM-AS", "0", "drb_ra"
"2024-07-01 10:05:23", "1291412", "179.159.167.251:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/179.159.167.251", "Claro NXT Telecomunicacoes Ltda,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:19", "1291411", "61.96.204.117:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/61.96.204.117", "DREAMX-AS DREAMLINE CO.,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:15", "1291410", "185.23.192.33:444", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/185.23.192.33", "NetSupportRAT,WINET", "0", "drb_ra"
"2024-07-01 10:05:10", "1291409", "2.136.235.200:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/2.136.235.200", "NetSupportRAT,TELEFONICA_DE_ESPANA", "0", "drb_ra"
"2024-07-01 10:05:07", "1291408", "103.237.87.159:9462", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/daee067e46a83ec3c0e4f77bf53e126f076847b781bda39e3d13f0f6044be2f4/", "remcos", "0", "abuse_ch"
"2024-07-01 10:05:06", "1291407", "200.152.101.176:9090", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/200.152.101.176", "MLS Wireless SA,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:05:00", "1291406", "186.236.112.114:3085", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/186.236.112.114", "NetSupportRAT,NETWORK TELECOMUNICACOES S.A.", "0", "drb_ra"
"2024-07-01 10:04:55", "1291405", "93.232.107.227:82", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/93.232.107.227", "DTAG Internet service provider operations,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:04:54", "1291404", "93.232.107.227:81", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/93.232.107.227", "DTAG Internet service provider operations,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:04:51", "1291403", "200.243.0.50:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/200.243.0.50", "CLARO S.A.,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:04:48", "1291402", "62.156.170.137:1111", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/62.156.170.137", "DTAG Internet service provider operations,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:04:45", "1291401", "212.170.14.98:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/212.170.14.98", "NetSupportRAT,TELEFONICA_DE_ESPANA", "0", "drb_ra"
"2024-07-01 10:04:42", "1291400", "189.115.194.186:9990", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/189.115.194.186", "NetSupportRAT,TELEFONICA BRASIL S.A", "0", "drb_ra"
"2024-07-01 10:04:38", "1291399", "101.108.13.204:7443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/101.108.13.204", "NetSupportRAT,TOT-NET TOT Public Company Limited", "0", "drb_ra"
"2024-07-01 10:04:35", "1291398", "200.180.67.154:9444", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/200.180.67.154", "NetSupportRAT,V tal", "0", "drb_ra"
"2024-07-01 10:04:31", "1291397", "210.249.114.153:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/210.249.114.153", "KDDI KDDI CORPORATION,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:04:28", "1291396", "178.188.188.212:5500", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://search.censys.io/hosts/178.188.188.212", "A1TELEKOM-AT A1 Telekom Austria AG,NetSupportRAT", "0", "drb_ra"
"2024-07-01 10:00:16", "1291395", "39.40.167.160:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/39.40.167.160", "PKTELECOM-AS-PK Pakistan Telecommunication Company Limited,Qakbot", "0", "drb_ra"
"2024-07-01 09:59:23", "1291394", "85.215.215.94:41057", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://search.censys.io/hosts/85.215.215.94", "Havoc", "0", "drb_ra"
"2024-07-01 09:58:28", "1291393", "75.2.71.143:443", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "", "50", "https://search.censys.io/hosts/75.2.71.143", "AMAZON-02,Deimos", "0", "drb_ra"
"2024-07-01 09:58:16", "1291392", "35.220.201.119:443", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "", "50", "https://search.censys.io/hosts/35.220.201.119", "Deimos,GOOGLE-CLOUD-PLATFORM", "0", "drb_ra"
"2024-07-01 09:57:53", "1291391", "82.153.138.128:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/82.153.138.128", "Mythic,THE-IHOSTART-PROJEKT", "0", "drb_ra"
"2024-07-01 09:57:11", "1291390", "94.237.59.129:30570", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://search.censys.io/hosts/94.237.59.129", "Sliver,UPCLOUD", "0", "drb_ra"
"2024-07-01 09:57:09", "1291389", "94.237.59.129:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://search.censys.io/hosts/94.237.59.129", "Sliver,UPCLOUD", "0", "drb_ra"
"2024-07-01 09:40:13", "1291388", "http://cx5519.com/tmp/index.php", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:40:10", "1291387", "http://office-techs.biz/tmp/index.php", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:40:07", "1291386", "http://gebeus.ru/tmp/index.php", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:40:01", "1291385", "http://evilos.cc/tmp/index.php", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:39:59", "1291381", "cx5519.com", "domain", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:39:59", "1291382", "evilos.cc", "domain", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:39:59", "1291383", "gebeus.ru", "domain", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:39:59", "1291384", "office-techs.biz", "domain", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "100", "https://bazaar.abuse.ch/sample/1e7fb39c52ba502920d98374e0cdf8a2447c737bd0b88c06839e81be3a751688/", "Dofoil,Smoke Loader", "0", "abuse_ch"
"2024-07-01 09:39:17", "1291350", "https://www.clinicachirurgie3.ro/article.php", "url", "payload_delivery", "js.gootloader", "None", "GootLoader", "", "100", "None", "Stage 2", "0", "ArtifactRunner"
"2024-07-01 09:39:16", "1291353", "asdaryder.duckdns.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 09:39:15", "1291355", "https://www.colourful-decor.be/article.php", "url", "payload_delivery", "js.gootloader", "None", "GootLoader", "", "100", "None", "Stage 2", "0", "ArtifactRunner"
"2024-07-01 09:39:13", "1291356", "https://anmon.name/mch.html", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://bazaar.abuse.ch/sample/ae4e024bce0ae2f7577d6eea4b616c585dfdc48daff98ecf24a1e36c60690772/", "AndrMonitor,AnMon", "0", "NDA0E"
"2024-07-01 09:39:13", "1291357", "anmon.name", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "AndrMonitor,AnMon", "0", "NDA0E"
"2024-07-01 09:39:13", "1291376", "indepahote.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-01 18:00:24", "50", "", "None", "1", "ian_kenefick"
"2024-07-01 09:39:12", "1291377", "movegomove.com", "domain", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2024-07-01 18:02:43", "50", "", "None", "1", "ian_kenefick"
"2024-07-01 09:39:12", "1291378", "62.173.141.99:139", "ip:port", "payload_delivery", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "", "None", "0", "threatcat_ch"
"2024-07-01 09:39:11", "1291379", "62.173.141.99:445", "ip:port", "payload_delivery", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "", "None", "0", "threatcat_ch"
"2024-07-01 09:35:04", "1291380", "103.237.87.40:1993", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/7469a174199a6068c3534b0698c75ebf754e92408f0607eb00cf9d3ea86e2b11/", "remcos", "0", "abuse_ch"
"2024-07-01 08:54:21", "1291375", "http://49.235.118.195/activity", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000,Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 08:54:02", "1291374", "https://43.153.222.28:4545/activity", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000,TENCENT-NET-AP-CN Tencent Building Kejizhongyi Avenue", "0", "drb_ra"
"2024-07-01 08:52:45", "1291373", "116.205.233.25:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,Huawei Cloud Service data center", "0", "drb_ra"
"2024-07-01 08:52:37", "1291372", "159.75.110.16:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 08:52:36", "1291371", "https://service-d27o3nmv-1324720265.sh.tencentapigw.com/pixel", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 08:52:31", "1291370", "http://185.22.152.167:9876/match", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,LLC Baxet", "0", "drb_ra"
"2024-07-01 08:52:17", "1291369", "http://64.7.198.173/match", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "BL Networks,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-07-01 08:52:10", "1291368", "http://192.252.182.98:808/push", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000,CTGSERVERLIMITED-AS-AP CTG Server Limited", "0", "drb_ra"
"2024-07-01 08:51:49", "1291367", "http://43.140.200.250:20000/fwlink", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-1359593325,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 08:51:44", "1291366", "https://39.100.91.89/ptj", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,Hangzhou Alibaba Advertising Co.Ltd.", "0", "drb_ra"
"2024-07-01 08:51:35", "1291365", "http://54.237.218.187/j.ad", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "Amazon.com Inc.,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-07-01 08:51:10", "1291364", "http://112.126.85.180/g.pixel", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-1234567890,Hangzhou Alibaba Advertising Co.Ltd.", "0", "drb_ra"
"2024-07-01 08:50:34", "1291363", "https://81.71.18.114:50002/IE9CompatViewList.xml", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 08:48:47", "1291362", "http://60.204.217.11:9998/g.pixel", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,Huawei Cloud Service data center", "0", "drb_ra"
"2024-07-01 08:48:38", "1291361", "http://43.153.222.28:433/en_US/all.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000,TENCENT-NET-AP-CN Tencent Building Kejizhongyi Avenue", "0", "drb_ra"
"2024-07-01 08:47:46", "1291360", "http://81.71.18.114:50001/cx", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 08:46:38", "1291359", "https://23.95.65.198/pixel.gif", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "AS-COLOCROSSING,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-07-01 08:46:28", "1291358", "http://116.198.247.52/match", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CHINATELECOM-JIANGSU-SUQIAN-IDC CHINATELECOM Jiangsu Suqian IDC network,CobaltStrike,cs-watermark-987654321", "0", "drb_ra"
"2024-07-01 07:43:44", "1291351", "pcvcf.xyz", "domain", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "", "ACR Stealer", "0", "crep1x"
"2024-07-01 07:43:44", "1291352", "padrf.xyz", "domain", "botnet_cc", "win.acr_stealer", "None", "ACR Stealer", "", "100", "", "ACR Stealer", "0", "crep1x"
"2024-07-01 07:03:15", "1291346", "http://213.238.177.108/kdmapper.exe", "url", "payload_delivery", "win.neshta", "None", "neshta", "", "75", "", "neshta", "0", "lontze7"
"2024-07-01 07:03:12", "1291347", "http://213.238.177.108/log1.exe", "url", "payload_delivery", "win.neshta", "None", "neshta", "", "75", "", "neshta", "0", "lontze7"
"2024-07-01 07:03:12", "1291348", "http://213.238.177.108/log2.exe", "url", "payload_delivery", "win.neshta", "None", "neshta", "", "75", "", "neshta", "0", "lontze7"
"2024-07-01 07:03:11", "1291349", "http://213.238.177.108/spoofer.sys", "url", "payload_delivery", "win.neshta", "None", "neshta", "", "75", "", "neshta", "0", "lontze7"
"2024-07-01 06:50:12", "1291345", "136.243.111.71:20001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/136.243.111.71", "AsyncRAT,HETZNER-AS", "0", "drb_ra"
"2024-07-01 06:49:55", "1291344", "157.20.182.5:9898", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/157.20.182.5", "AsyncRAT,HOSTER-AS-IN Hosterdaddy Private Limited", "0", "drb_ra"
"2024-07-01 06:49:45", "1291342", "94.156.64.188:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/94.156.64.188", "AsyncRAT,LIMENET", "0", "drb_ra"
"2024-07-01 06:49:45", "1291343", "94.156.64.188:8008", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/94.156.64.188", "AsyncRAT,LIMENET", "0", "drb_ra"
"2024-07-01 06:48:58", "1291341", "185.223.77.217:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/185.223.77.217", "Hookbot Pegasus,POYRAZ", "0", "drb_ra"
"2024-07-01 06:48:36", "1291340", "47.98.177.117:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/47.98.177.117", "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.Ltd.,Supershell", "0", "drb_ra"
"2024-07-01 06:47:51", "1291339", "196.77.36.25:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/196.77.36.25", "MT-MPLS,Qakbot", "0", "drb_ra"
"2024-07-01 06:46:28", "1291338", "91.92.241.103:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:20:18", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-01 06:46:22", "1291337", "83.220.172.119:8843", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "", "50", "https://search.censys.io/hosts/83.220.172.119", "Deimos,RU-JSCIOT", "0", "drb_ra"
"2024-07-01 06:46:04", "1291336", "159.223.0.196:8081", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/159.223.0.196", "DIGITALOCEAN-ASN,Mythic", "0", "drb_ra"
"2024-07-01 06:46:01", "1291335", "107.172.78.188:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/107.172.78.188", "AS-COLOCROSSING,Mythic", "0", "drb_ra"
"2024-07-01 06:45:54", "1291281", "18.210.161.224:3436", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "nanocore,RAT", "0", "SarlackLab"
"2024-07-01 06:45:54", "1291282", "104.243.242.166:1620", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "None", "nanocore,RAT", "0", "SarlackLab"
"2024-07-01 06:45:54", "1291283", "googledocs.duckdns.org", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:53", "1291284", "147.185.221.20:22517", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:53", "1291285", "provided-existence.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:53", "1291286", "147.185.221.20:37993", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:52", "1291287", "them-recommended.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:52", "1291288", "147.185.221.20:50199", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:51", "1291290", "4.185.56.82:42687", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-01 06:45:51", "1291291", "144.172.122.232:20131", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-01 06:45:50", "1291301", "195.189.227.105:48367", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "", "RedLineStealer", "0", "NDA0E"
"2024-07-01 06:45:50", "1291305", "15.204.88.244:23", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "None", "Gafgyt", "0", "elfdigest"
"2024-07-01 06:45:49", "1291310", "http://37.156.29.141/hidakibest.arm4", "url", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "100", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:49", "1291311", "http://37.156.29.141/hidakibest.arm5", "url", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "100", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:47", "1291299", "3.125.102.39:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:47", "1291300", "18.158.249.75:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "75", "None", "njrat,RAT", "0", "SarlackLab"
"2024-07-01 06:45:46", "1291298", "103.162.20.166:3007", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "", "mirai", "0", "elfdigest"
"2024-07-01 06:45:46", "1291334", "39.99.34.125:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-07-01 06:45:44", "1291312", "http://37.156.29.141/hidakibest.arm6", "url", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "100", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:42", "1291313", "http://37.156.29.141/hidakibest.mips", "url", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "100", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:42", "1291314", "http://37.156.29.141/hidakibest.mpsl", "url", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "100", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:41", "1291315", "http://37.156.29.141/hidakibest.ppc", "url", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "100", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:41", "1291316", "http://37.156.29.141/hidakibest.sh", "url", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "100", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:40", "1291317", "http://37.156.29.141/hidakibest.sparc", "url", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "100", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:40", "1291318", "http://37.156.29.141/hidakibest.x86", "url", "payload_delivery", "elf.mirai", "Katana", "Mirai", "", "100", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:39", "1291319", "37.156.29.141:4258", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "gafgyt,mirai", "0", "lontze7"
"2024-07-01 06:45:38", "1291321", "77.105.135.107:3445", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "infostealer,redline,stealer", "0", "SarlackLab"
"2024-07-01 06:45:37", "1291324", "https://api.telegram.org/bot7095863454:AAFGhBQqJXY7rFzi0CT99qZPVRwQpKI6R1A/sendMessage?chat_id=7257613869", "url", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "", "AsyncRAT", "0", "NDA0E"
"2024-07-01 06:45:23", "1291333", "5.161.190.139:8732", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-07-01 07:33:59", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 06:44:50", "1291332", "154.211.98.3:1234", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-01 06:44:47", "1291331", "58.87.103.109:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-07-01 06:44:38", "1291330", "141.98.10.72:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:20:01", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-07-01 06:44:28", "1291329", "121.40.117.196:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:20:07", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-01 06:44:27", "1291328", "159.75.169.189:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-07-01 06:44:25", "1291327", "123.207.5.253:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-07-01 06:44:10", "1291326", "45.148.120.161:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-07-01 06:43:40", "1291325", "123.56.153.39:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-07-01 05:45:30", "1291323", "94.156.69.93:2973", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2024-07-01 05:15:24", "1291322", "http://cd40479.tw1.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-01 05:10:19", "1291320", "http://62.109.22.14/linux03/8/externaleternalToPhpJsrequestserverTrafficUniversaldatalife.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-01 04:25:19", "1291309", "http://000366cm.nyashka.top/phpflowergenerator.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-07-01 04:15:03", "1291308", "http://110.41.14.58:7931/cskaocncansodf44s65d4f.jpg", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/4e137dda612129b09c80e1d56ef1c72a01e41c113f33455fe68cfc04b8bc1b8d/", "cobaltstrike", "0", "abuse_ch"
"2024-07-01 04:10:17", "1291307", "110.41.14.58:7931", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-07-01 03:49:47", "1291306", "https://43.143.58.212/verchk/verchk_", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-07-01 02:15:20", "1291304", "79.110.62.113:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-07-01 03:12:04", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-07-01 00:45:18", "1291303", "196.65.155.135:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-06-30 23:50:16", "1291302", "147.45.47.35:5607", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-06-30 21:00:04", "1291297", "londopas.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:00:04", "75", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2024-06-30 21:00:03", "1291296", "berjimek.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:00:03", "75", "https://threatview.io/Downloads/High-Confidence-CobaltstrikeC2_platforms.txt", "CobaltStrike,threatview-io", "0", "abuse_ch"
"2024-06-30 20:20:23", "1291295", "3.125.223.134:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-06-30 20:20:22", "1291294", "3.125.209.94:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2024-07-02 02:09:13", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-06-30 20:20:21", "1291293", "3.124.142.205:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-06-30 20:20:19", "1291292", "18.192.31.165:19060", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2024-06-30 19:56:02", "1291289", "tydyjtdfjhtf.con-ip.com", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 19:16:02", "1291277", "kaylen.xyz", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:02", "1291278", "ymuren.top", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:02", "1291279", "corysy.xyz", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:02", "1291280", "soterios.xyz", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291270", "128.140.53.5:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291271", "128.140.53.5:9000", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291272", "168.119.118.92:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291273", "168.119.118.92:9000", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291274", "77.221.158.54:80", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291275", "kotawa.top", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:01", "1291276", "aliszon.xyz", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:00", "1291266", "https://soterios.xyz/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:00", "1291267", "195.201.251.214:9000", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:00", "1291268", "195.201.251.214:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:16:00", "1291269", "65.109.243.105:443", "ip:port", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:59", "1291265", "https://corysy.xyz/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:58", "1291264", "https://ymuren.top/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:57", "1291263", "https://kaylen.xyz/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:56", "1291262", "http://77.221.158.54/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:55", "1291261", "https://aliszon.xyz/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:54", "1291260", "https://kotawa.top/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:53", "1291259", "https://168.119.118.92:9000/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:52", "1291258", "https://168.119.118.92/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:51", "1291257", "https://128.140.53.5:9000/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:50", "1291256", "https://128.140.53.5/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:49", "1291255", "https://65.109.243.105/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 19:15:48", "1291254", "https://195.201.251.214:9000/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2024-06-30 18:54:02", "1291253", "api.chinacec.top", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 16:25:47", "100", "None", "CobaltStrike,cs-watermark-100000,HostPapa", "0", "drb_ra"
"2024-06-30 18:54:01", "1291252", "https://api.chinacec.top/admin-apis/", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000,HostPapa", "0", "drb_ra"
"2024-06-30 18:49:55", "1291250", "94.156.69.27:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/94.156.69.27", "AsyncRAT,LIMENET", "0", "drb_ra"
"2024-06-30 18:49:55", "1291251", "94.156.69.27:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/94.156.69.27", "AsyncRAT,LIMENET", "0", "drb_ra"
"2024-06-30 18:49:52", "1291249", "136.243.111.71:20000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/136.243.111.71", "AsyncRAT,HETZNER-AS", "0", "drb_ra"
"2024-06-30 18:49:27", "1291248", "197.0.49.10:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/197.0.49.10", "AsyncRAT,TOPNET", "0", "drb_ra"
"2024-06-30 18:48:58", "1291247", "91.151.89.25:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/91.151.89.25", "Hookbot Pegasus,HOSTINGDUNYAM HOSTING DUNYAM", "0", "drb_ra"
"2024-06-30 18:48:34", "1291246", "152.32.172.190:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/152.32.172.190", "Supershell,UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED", "0", "drb_ra"
"2024-06-30 18:48:12", "1291245", "124.220.222.35:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/124.220.222.35", "Supershell,TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-06-30 18:47:35", "1291244", "65.109.183.189:443", "ip:port", "botnet_cc", "py.responder", "SpiderLabs Responder", "Responder", "", "50", "https://search.censys.io/hosts/65.109.183.189", "HETZNER-AS,Responder", "0", "drb_ra"
"2024-06-30 18:46:12", "1291243", "36.131.128.111:4506", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "", "50", "https://search.censys.io/hosts/36.131.128.111", "CHINAMOBILE-CN China Mobile Communications Group Co. Ltd.,Deimos", "0", "drb_ra"
"2024-06-30 18:25:16", "1291242", "http://89.23.97.228/JsPollcpuUpdategamelongpollSqltestDleTemporary.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-06-30 17:55:15", "1291241", "51.195.206.227:38719", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "2024-06-30 19:58:45", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2024-06-30 16:44:45", "1291058", "poliyhedira.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:44", "1291056", "nightciows.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:44", "1291057", "nightcirows.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:43", "1291054", "modoe.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:42", "1291055", "network.polyhedrao.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:41", "1291051", "modeu.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:41", "1291052", "modew.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:41", "1291053", "modne.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:40", "1291050", "m.chainlirst.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:39", "1291047", "jitou.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:39", "1291048", "jitoz.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:39", "1291049", "kr.nightciows.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:38", "1291045", "jitco.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:38", "1291046", "jitot.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:37", "1291043", "finance.aerodirome.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:37", "1291044", "io.dedusit.io", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:36", "1291030", "chainlirst.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:35", "1291029", "chaimlstr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:35", "1291031", "chainlirstr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:34", "1291032", "chainlistr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:33", "1291033", "chairnlirst.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:33", "1291034", "chairnlist.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:33", "1291035", "co.kr.nightciows.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:32", "1291036", "dediust.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:32", "1291037", "dedlust.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:31", "1291038", "dedrust.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:31", "1291039", "dedusit.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:30", "1291040", "dedusit.io", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:30", "1291041", "dedust.io.dedusit.io", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:29", "1291042", "ere.yesis-store.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:28", "1291026", "aerodrome.finance.aerodirome.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:28", "1291027", "aerodromr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:28", "1291028", "chaimlistr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:27", "1291024", "aerodomc.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:27", "1291025", "aerodomr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:26", "1291022", "aerodirome.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:26", "1291023", "aerodiromr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:25", "1291021", "aerodiomc.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:17", "1291077", "seeditfyu.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:16", "1291076", "seeditfyr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:16", "1291078", "seeditfyv.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:15", "1291075", "seeditfyn.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:14", "1291072", "seeditfyc.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:14", "1291073", "seeditfyi.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:14", "1291074", "seeditfym.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:13", "1291069", "raydiuv.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:13", "1291070", "raydiux.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:13", "1291071", "raydiuz.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:12", "1291067", "raydiur.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:12", "1291068", "raydiuu.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:11", "1291064", "raydiue.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:11", "1291065", "raydiui.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:11", "1291066", "raydiul.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:10", "1291063", "raydima.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:09", "1291059", "polyhedra.network.polyhedrao.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:09", "1291060", "polyhedrao.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:09", "1291061", "polyhedrao.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:09", "1291062", "polyhiadira.network", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:07", "1291081", "stream.pascalsoftware.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:06", "1291079", "sitemaps.chainlistr.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:06", "1291080", "specialdrilling38.ru", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:05", "1291082", "synflntues.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:05", "1291083", "synfntueis.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:05", "1291085", "nsafabole.store", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "Panel,Saphira", "0", "myceliumbroker"
"2024-06-30 16:44:03", "1291084", "synfntuies.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:01", "1291086", "sanchezandmore.shop", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "Panel,Saphira", "0", "myceliumbroker"
"2024-06-30 16:44:01", "1291087", "94.103.83.129:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "Panel,Saphira", "0", "myceliumbroker"
"2024-06-30 16:44:01", "1291088", "77.238.242.152:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "Panel,Saphira", "0", "myceliumbroker"
"2024-06-30 16:44:00", "1291089", "78.153.139.18:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "Panel,Saphira", "0", "myceliumbroker"
"2024-06-30 16:44:00", "1291095", "77-220-212-71.netherlands-2.vps.ac", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "Fletchen,Panel", "0", "myceliumbroker"
"2024-06-30 16:44:00", "1291096", "176.57.212.127:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "Fletchen,Panel", "0", "myceliumbroker"
"2024-06-30 16:43:59", "1291097", "89.116.110.165:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "Fletchen,Panel", "0", "myceliumbroker"
"2024-06-30 16:43:59", "1291138", "94.158.244.72:666", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "None", "Gafgyt", "0", "elfdigest"
"2024-06-30 16:43:59", "1291240", "108.170.52.131:13587", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "", "50", "https://search.censys.io/search?q=services.tls.certificates.leaf_fp_sha_256%3D%22c11c40e1299df046e73784734d7b8de16f25fd9f56ec6dc0b3b8d7aba86696cd%22&resource=hosts", "Bianlian Go Trojan", "0", "Syndikalist"
"2024-06-30 16:43:55", "1291004", "http://produtoresflorestais.pt/understanding-wave-contracts-legal-considerations-implications", "url", "payload_delivery", "js.gootloader", "None", "GootLoader", "2024-07-02 03:20:28", "100", "None", "Stage 1", "0", "ArtifactRunner"
"2024-06-30 16:43:55", "1291020", "82-147-85-159.networktube.net", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "", "HookBot,Panel", "0", "myceliumbroker"
"2024-06-30 16:43:54", "1291015", "198.7.114.191:33966", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest"
"2024-06-30 16:43:54", "1291016", "boats.cloudboats.vip", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest"
"2024-06-30 15:47:47", "1291238", "41d652145e82ff966b3a820b490f0fe7d3850c2916c5f4d3522536fec53017e5", "sha256_hash", "payload", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:47", "1291239", "ff5735fd2989c4a287ab1224205aa5f8", "md5_hash", "payload", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:44", "1291237", "dce12b73ab4ce77a8208f30962190defa6e7264c", "sha1_hash", "payload", "win.phorpiex", "Trik,phorphiex", "Phorpiex", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:28", "1291235", "1bb56efc0a5848106b94aed4e2e3e9e05935ad16c50b31b22c1c8f4bf6e3e727", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:28", "1291236", "ad3893ee2a8e40f2700236672635f5aa", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:25", "1291234", "80f3c0bc398c473e32eeb1420218be6a5feb291d", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:24", "1291232", "10b3c6068f0a789fb58f35230fdf9ab01f54aba30cf50fb06566f09568df7d1e", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:24", "1291233", "f87fe42f687b5960b4b1bd73e6a9aae9", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:21", "1291230", "f6bc727b25a9d6d15f62d459f2d875d0", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:21", "1291231", "4425a5fabfd6900d539a57504e1c2b2c730028b4", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:20", "1291229", "04f28f4975a7ff3cb3439b65b8d2fad8e99e3431b65be0e065c194908459790e", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:18", "1291228", "a7502f6990fc98c4f634ec3e995cc7f443487b13", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:17", "1291227", "90a6868b7ce2020387d453aa38668584", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:16", "1291226", "d2b430a0c74ef2bd97c86d95c35fe964bd00ed17d2e6542be33cc7c99def9d5a", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:14", "1291225", "7bde411bb0d7b6aa7a020266a61ce0d61ef0b362", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:13", "1291224", "6850a8c541b310a2f4a5cd88352856a3", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:12", "1291223", "87fdd3337325634e35611a0cf9a9a4de31d4630dada6eeea83f261be5fbcaa95", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:10", "1291222", "372ff19e90cec46e37797b343fe6f537116b4aae", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:09", "1291220", "fb10fadb9d3eb6066371843b50117c28f88c67f14effdcc23a5b6285b9f1e158", "sha256_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:09", "1291221", "199c0a43e18ed14aaeca53007d4c4f4d", "md5_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:06", "1291218", "1aeb3a19d439d8a4a00313d12f463827", "md5_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:06", "1291219", "fd5392b8c22e1f7d20fabf2e6253a101d32cceed", "sha1_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:05", "1291217", "b0e5fddc8448dc854ab400c9b0ac82c43a2f44fa6970cd2975e7d28116a7740d", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:02", "1291216", "beedd7366e1ef168595d800ebe013067c78775de", "sha1_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:01", "1291214", "dcf95d14fbf8ed9cef6cf7be3e71a753d5334c1be5deaba771d8354f5bd0f5e6", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:47:01", "1291215", "2bebcc27d5c495d9b776162968f42b07", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:58", "1291212", "c6107dbd486b08126c43455536ca3478", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:58", "1291213", "bfa471133b6a8b74b35fa054e62871c6ce05f873", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:57", "1291211", "c8edfd1ffcd25a1f8c14e01f6057770162195f9ae5e502bab274569a412c0ebb", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:54", "1291210", "d665a8a53a8d1025b4e5b302b8233f3dbac4c0b5", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:53", "1291209", "2f77b6ba0d6b4cf6cb232c0e5aa2f999", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:50", "1291207", "5bc392a75e9f0c3b36f344096f0183cc", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:50", "1291208", "4bb0d8a5c6e42374d1a58b8b025bbf99cda42b77", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:49", "1291206", "81513a82573e2a72bf3b56b6b309ea2f73716f602e1f00d0ee957abd3408b6a3", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:46", "1291204", "19e47b9abf123f4502545a5fcb43c855", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:46", "1291205", "a2f48b659efa913e5ed17d1621f517c21a9305a6", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:45", "1291203", "d3215483bba6219bb6587367aa3fa8c1737706497ed4befcb175649dc00e7be2", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:43", "1291202", "c722baba8294f20abdb344b61d72d444a4171b62", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:42", "1291201", "b88f61a7938ef8af011259c59efc3d3d", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:41", "1291200", "640397d3d855cbb8e3400f7564294bae51d591f7adb0f7856b7acfeb47f4e3d2", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:39", "1291199", "ba6f4356993959799fbd88bb350558045c363a85", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:38", "1291198", "46019f266084534e1c19c1204e62a618", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:37", "1291197", "27d5e1f8e49a537ecbd834bf1fa4ed193cba9401cedcc85232b82ef0aaf1b217", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:35", "1291196", "a5bbe2c21328c1f6e4f6498e2f1f30743b5883e9", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:34", "1291194", "1dddbe35f087419bed5effd4ac7b9cacb4be3d6f8239b7650cf81b2a01b2b369", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:34", "1291195", "29c4f7618e72214116ae6e7c578a4dc9", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:31", "1291193", "0e7e98f7705566e1c7a4bd41222d166b18236808", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:30", "1291192", "5038e381411591332b285c540d4b6bef", "md5_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:27", "1291190", "23e15451f81dcb7b0f16e61635b21e8d", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:27", "1291191", "4af0f013e8652e3d03c296a59c67c70508e39612", "sha1_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:26", "1291189", "219ce74446b241b891fadd597f2120483dfcbd0a1c3daa78d16d7df6deb42c7c", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:23", "1291188", "fabcab8c6953e5db1040aafc0501eca2c1f6878a", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:22", "1291187", "03ff3bba0065b0b29723f59c41890e45", "md5_hash", "payload", "win.phobos", "None", "Phobos", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:19", "1291186", "37bcd0bdcf97e436b54440627bee368800f4188e", "sha1_hash", "payload", "win.phobos", "None", "Phobos", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:18", "1291184", "2a8353551d099c78ac100b44718a691142f8cc7879b47e842ee8491426e15c08", "sha256_hash", "payload", "win.phobos", "None", "Phobos", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:18", "1291185", "ec656f2e9d53e5c30ae03301cc4348ea", "md5_hash", "payload", "win.phobos", "None", "Phobos", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:15", "1291183", "abe66e0123a837890ff0f64039e5cc9b91549866", "sha1_hash", "payload", "win.phobos", "None", "Phobos", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:14", "1291181", "d0a798b5e7ef375f640e4f4f2329a8e40c6ea4d9f65ce63d513fc1b00ad1da71", "sha256_hash", "payload", "win.younglotus", "DarkShare", "YoungLotus", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:14", "1291182", "3d3aedfaeaf39544ff74fe6fe4541fc2", "md5_hash", "payload", "win.younglotus", "DarkShare", "YoungLotus", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:11", "1291180", "ad4135e142b3e9564d90d96eca0c21e17f0de542", "sha1_hash", "payload", "win.younglotus", "DarkShare", "YoungLotus", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:10", "1291178", "a8733ea13062f65d6aaeb65f8836f9c57bc3c3af7c0d04b94bd072ed2f56b1d1", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:10", "1291179", "18f5a3194d73e08d7d66b7a3b42568b3", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:07", "1291177", "86d424c8a86ec2f20407f9f2db9133a0a2b314f7", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:06", "1291175", "a8719935964133167d0f6f5e0997cb598aa65641887b90d5993c7b3f5f49e2ae", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:06", "1291176", "5d66f215d88815d93ff3b29f204c276e", "md5_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:02", "1291174", "7d0d92489bc2ffacbf235db86047bdcf325b4197", "sha1_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:01", "1291173", "428bdccd4c240a253810e1c2a4ff8b78", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:46:00", "1291172", "b9565d219fb7879e482bfc859721acc5e10edadb73a9bb6eb3190e58e45bea5d", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:56", "1291171", "6cb81ccde6f9cd26b0b60ce5b5d948dbda609c8c", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:55", "1291170", "44af609614d408633bb7ef5f561776c8", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:54", "1291169", "499db06f2972e7f7a4861ef3b6f9cc7e9d850383e315df00a6c9ad682908759f", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:49", "1291167", "48c2137034bee9bdfc2c9df1e71e9e04", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:49", "1291168", "93c9ce7211132715569472b9162e1afbc56a5cb9", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:48", "1291166", "54559193c7dc48fc6e2d0e2115eaaaf9ffd48b4aa40350673b6b93bdc6c92d88", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:44", "1291165", "573e8453bc08e2b4e8e65b8560d81b150a9acdd8", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:43", "1291164", "44809186c26c6851b67bd98c5498f3ca", "md5_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:42", "1291163", "b6b7748dc00fc7ab14ca8ed870f992306ae599ea0aa199360b97337bdcc473f8", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:37", "1291162", "32de1b7315ecf0f684cb5e3f5b6ccc8b77b214f5", "sha1_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:36", "1291161", "4ff5332f95664c94649a67a3b0719cd1", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:35", "1291160", "65152ab9e3715b4ed0b8578289480e9136ecfe7546f894333a624bdd85912f24", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:27", "1291159", "e30796dd3407c03c0daa7e1d7165a80fc650041e", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:26", "1291158", "587e1d2473fea9284918bfbcf9897de2", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:25", "1291157", "c729d915ac96ff25722e76303e87e67c8ed51f776992724fa89fedbb77fc8a28", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:01", "1291156", "25dc1703e07cc5cc890238cc18d0199effab86be", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:45:00", "1291155", "5973141a1645142524005a976300ad3a", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:59", "1291153", "617eb3b2bf0d4d853c5710304318a1ce", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:59", "1291154", "ead922ce88867e6804ff1d47f1e030a093675da4", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:58", "1291152", "dbf0490cf6c6f1a69790755b1d1c6d08edb74f74a068af5a18f4e88331a849b5", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:50", "1291151", "c13752a148e2c42f65f3d8fb8333e5352cbfee6e", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:49", "1291150", "57cb0d1fbbe7e57e906d9bec624ff50f", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:48", "1291149", "235feecbf39c506144e406ee52d764d830e5124d113280a5e339bf3bdee978a5", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:44", "1291147", "0c5a964f9cbf2fec077302e6baa7316f", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:44", "1291148", "d8eeb1c8e4530d619c7a5927fec5fcc892e0b24f", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:43", "1291146", "dd93e71cdd590d9c74d24a1b822948e7501b7a38df590d4d52ddf3e862a0cb2d", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:39", "1291145", "d0593ff771d4cf489903b807aa93f29f5a51f0b5", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:38", "1291144", "5e4f2d9678bad336f1d711b618dc673f", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:36", "1291143", "e5b9978b7d400f977c1ffceb9193c2d7995d5cf63cfca3573b67a7f25bcb7c8b", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:33", "1291141", "65e2a9349c75ee34280992ed2e7aa548", "md5_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:33", "1291142", "9a4e3758e5b5b80503a5e1a0f9265cf146f850f5", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:32", "1291140", "552e61ad619a32a252b5a7e52dfee9aff417040e147e34bf0111e3f89dc433aa", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:44:29", "1291139", "d57c9017e2cbdb589c2698d899ee7f9063e35142", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2024-06-30 15:32:29", "1291132", "0ec61eda09a5b90027808d2295a193eb7a8e81d440e5460d00a69328c2f9ee81", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:29", "1291133", "013e39d10c6ec3d7f91105322804e5ec7d6cff966e44659fc568957f243e67a1", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:29", "1291134", "515b5f68bcb696982f8ff8abb4f27b9b29dd7ca7aebb47d02b57e3239f303610", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:29", "1291135", "d2860ed79191451e82ebaa6f33cce920fdb3ac6aa8f848042e801d1bb3e2a173", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:29", "1291136", "b50fe08b9598a37d20d27c92177223bf5950e247bf69e180d224699c2a96787e", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:29", "1291137", "6aab3b6b44e0998f84dac8bf0b42e5964651364f0d4f6695c0c915b8d85333c0", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291106", "033794fea47473d7b211bcb1e2d3bbc034e13987622e2ce096b62f87585ce8ac", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291107", "507a27b4f17f0f09bc39350ec9fcf4e3b46cf8e2f86438ee3a1293dc7633953f", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291108", "b49345933bab77fb1a712c49023c05f9cb1a37a08f8af2d80e96f8ed5fed34c6", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291109", "0eb72f14116fa9ed23add8f2350b5c599bf07d147497185dba551977fff5cc8f", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291110", "bc06c56e0226f4cc0075c739daeaf1f53dbda14d6ce09bf2792e84d6696afc28", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291111", "9f624204ef0eecdddef3942f1f5ec0c33ede232d89467a274f4a2d7d63b7add0", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291112", "923625a35af60a1d508168538c310e9db029bebe022200ddf56b7dff267c97a5", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291113", "692456ed13333fce730b553072c2b9bca111ccca6e920a4557f823d16fd7eb18", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291114", "d05fda175788a92e639767449006e7321100d427ad0deae840182f515cef81a4", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291115", "c2be545ffaaebb2cccc7a218dd89398b3f560ba0ba60dd7a6a761d71272752c4", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291116", "aaa39d58b2876b5253f46e2e9de769951300214e40b916f5a93a6017f1cfff4f", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291117", "315a3d7f30476a7ae9a96c321f2d121d61406cdcc859e0395908a6d709ec670a", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291118", "2280463cb95824decd3128ea25aecaf912c1e2d7c5d9371031e8f003015b8e11", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291119", "7b8055abe55bf505c6c90b62830bf97805534afcb296d79bdb0762c329a2484f", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291120", "1273e9f196d6e3a967c253f333cb4e09712e7710ded72ba45295436f547ad54d", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291121", "24fe4d823b93cb9e09a132cca6c2a964fda8363b6c6015a47a51f08e00a0abfb", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291122", "f4f06fd17b3f1ade279e00d191943494a6df14b8f5dd649d7e2ba77098c423f9", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291123", "1e0c28d7b90c2b36916fcbed87ae28f1035c1167936010b735437ec6e5acfbe1", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291124", "261e1a36e96c1130298e80c8b373b3b9984a17fe674fb68e6f5ea8e09ffd06b9", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291125", "1914fbabf572eb29eea594dd6eccccbaadb82e6c3e99adc9ee8c302179d128e2", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291126", "115389caf74f5964a571b30c2852b8d3b6c91a5b2110c44f78878a68b0d7cca1", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291127", "dec1bcdae1ed8a3cd3446c79f40ff73fad9a4962b15d946ed1875ffff546c651", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291128", "c3dd479040f9634af3679f6c935d3740c751a7dfbb81971b43ff106fa6e83148", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291129", "eb07f292e4a46ad121d85bac9bea91ab03ffb795527d7c1c1047e7312ea597c0", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291130", "c6eb58e6a7889ef27e38ebc6b3ab4220b2fdb9b7a804d2db760638a31eda2e51", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:28", "1291131", "7c92d300b75356ce0a554295e40e14549591c0ef320de3dd0f5f0e865b68691e", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:27", "1291102", "07d14eecbd23f8159c4593075e9c90e6aec2d58b0ff5a956c03d619db2a8cd4c", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:27", "1291103", "72a61910d0ce3c1796c072b1b7a14574918d3b1e5d5b23727ca8d55473ac3d57", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:27", "1291104", "9e2ff687de6af3e57f24f99b400a3ac7dea9f5d56f2dec5b319a4a951525a58c", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:32:27", "1291105", "345a6f419fc556f80f7f4b5b019c19c6340ea086d4bf08c96445b04c39b41a05", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,Remcos", "0", "nickkuechel"
"2024-06-30 15:31:54", "1291101", "84.32.41.112:443", "ip:port", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "", "60", "None", "backconnect", "0", "Rony"
"2024-06-30 15:25:16", "1291100", "http://a1000383.xsph.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-06-30 14:45:27", "1291099", "http://228282cm.nyashka.top/ExternalimagevmRequestlongpollsqldbLocal.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-06-30 14:10:14", "1291098", "http://445798cm.nyashka.top/ProviderEternalLinephpRequestSecurePacketprocessauthwordpress.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-06-30 13:52:43", "1291094", "https://91.149.236.162/match", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "Baxet Group Inc.,CobaltStrike,cs-watermark-1234567890", "0", "drb_ra"
"2024-06-30 13:52:37", "1291093", "http://47.109.186.179/ga.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938,Hangzhou Alibaba Advertising Co.Ltd.", "0", "drb_ra"
"2024-06-30 13:52:23", "1291092", "https://47.94.42.245:8443/bootstrap-5.3.1.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938,Hangzhou Alibaba Advertising Co.Ltd.", "0", "drb_ra"
"2024-06-30 13:51:59", "1291091", "124.222.91.4:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666,Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-06-30 13:51:58", "1291090", "http://www.nbch1na.com:8080/jquery-3.3.1.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666,Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-06-30 12:35:13", "1291019", "http://a0999045.xsph.ru/74e37122.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-06-30 12:24:02", "1291018", "77.91.77.82:80", "ip:port", "botnet_cc", "win.amadey", "None", "Amadey", "2024-07-02 05:12:02", "50", "https://tracker.viriback.com/index.php?q=77.91.77.82", "Amadey,ViriBack", "0", "abuse_ch"
"2024-06-30 11:30:16", "1291017", "http://mortilove9.temp.swtest.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-06-30 10:13:31", "1291014", "107.148.146.30:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,PEG-LA", "0", "drb_ra"
"2024-06-30 10:13:30", "1291013", "c2.yuyake.top", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 16:19:34", "100", "None", "CobaltStrike,cs-watermark-987654321,PEG-LA", "0", "drb_ra"
"2024-06-30 10:13:29", "1291012", "https://c2.yuyake.top/www/handle/doc", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,PEG-LA", "0", "drb_ra"
"2024-06-30 10:13:20", "1291011", "162.251.94.192:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:40", "100", "None", "CobaltStrike,cs-watermark-666666666,HKLNIL Landui Cloud ComputingHK Limited", "0", "drb_ra"
"2024-06-30 10:13:19", "1291010", "www.qianxinnbplus.xyz", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 16:20:00", "100", "None", "CobaltStrike,cs-watermark-666666666,HKLNIL Landui Cloud ComputingHK Limited", "0", "drb_ra"
"2024-06-30 10:13:18", "1291009", "https://www.qianxinnbplus.xyz/fam_cart.html", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666,HKLNIL Landui Cloud ComputingHK Limited", "0", "drb_ra"
"2024-06-30 09:30:14", "1291008", "http://a0988906.xsph.ru/_Defaultwindows.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-06-30 09:25:42", "1291007", "http://1.92.91.192/ptj", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938,Huawei Cloud Service data center", "0", "drb_ra"
"2024-06-30 09:22:58", "1291006", "http://110.41.21.173/g.pixel", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,Huawei Cloud Service data center", "0", "drb_ra"
"2024-06-30 08:52:50", "1291005", "https://yuanruicn.top:8443/api/3", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321,Shenzhen Tencent Computer Systems Company Limited", "0", "drb_ra"
"2024-06-30 08:11:25", "1290998", "47.109.51.223:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "", "c2,cobaltstrike", "0", "hunting_rabbits"
"2024-06-30 08:08:07", "1291001", "95.214.27.187:443", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "https://bazaar.abuse.ch/sample/7798262d33e8ea811b9c8f565f745408f42cdd55248328630691fcab52fc116b/", "Gafgyt", "0", "abuse_ch"
"2024-06-30 08:08:07", "1291002", "95.214.27.160:443", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "https://bazaar.abuse.ch/sample/7798262d33e8ea811b9c8f565f745408f42cdd55248328630691fcab52fc116b/", "Gafgyt", "0", "abuse_ch"
"2024-06-30 08:08:07", "1291003", "37.44.238.67:443", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "75", "https://bazaar.abuse.ch/sample/7798262d33e8ea811b9c8f565f745408f42cdd55248328630691fcab52fc116b/", "Gafgyt", "0", "abuse_ch"
"2024-06-30 08:06:59", "1291000", "conn.masjesu.zip", "domain", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://bazaar.abuse.ch/sample/7798262d33e8ea811b9c8f565f745408f42cdd55248328630691fcab52fc116b/", "Gafgyt", "0", "abuse_ch"
"2024-06-30 08:05:11", "1290999", "http://a1000492.xsph.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-06-30 07:59:14", "1290996", "194.113.74.24:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2024-06-30 08:01:21", "50", "", "c2,sliver", "0", "hunting_rabbits"
"2024-06-30 07:50:08", "1290995", "4.213.168.254:35456", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "https://bazaar.abuse.ch/sample/77bac2b4723bdb6551cb2ed5d72075b68370b197ae59c321ae0ac0f6a02fb68b/", "MooBot", "0", "abuse_ch"
"2024-06-30 07:49:32", "1290994", "91.92.244.163:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:49:31", "1290993", "103.234.72.208:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:49:26", "1290992", "101.42.247.112:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:25", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:49:25", "1290991", "23.95.65.198:2222", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:49:21", "1290990", "159.75.169.189:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:31", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:49:19", "1290989", "47.109.186.179:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:20:20", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:49:14", "1290988", "connect.bolo-botnet.net", "domain", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://bazaar.abuse.ch/sample/77bac2b4723bdb6551cb2ed5d72075b68370b197ae59c321ae0ac0f6a02fb68b/", "MooBot", "0", "abuse_ch"
"2024-06-30 07:48:59", "1290987", "47.95.31.143:4433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:55", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:48:56", "1290986", "47.238.48.116:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:16", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:48:18", "1290985", "172.245.110.33:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:43", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:48:17", "1290984", "45.61.138.167:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:48:13", "1290983", "39.106.83.74:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:48:12", "1290982", "46.183.27.41:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:41", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:48:09", "1290981", "43.207.204.175:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:30", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:48:00", "1290980", "46.183.27.41:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:47:55", "1290979", "134.122.75.115:87", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:47:24", "1290978", "106.14.69.133:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:57", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:47:22", "1290977", "176.109.109.84:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:37", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:47:12", "1290976", "134.122.75.115:86", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:47", "1290975", "18.183.19.253:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:25", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:39:46", "1290972", "114.55.250.233:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:30", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:46", "1290973", "34.132.104.7:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:46", "1290974", "39.100.182.56:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:30", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:39:45", "1290970", "112.126.85.180:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:11", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:39:45", "1290971", "49.232.199.246:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:48", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:39:44", "1290968", "110.40.138.5:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:42", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:44", "1290969", "114.55.57.77:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:31", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:42", "1290965", "49.232.227.129:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:29", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:39:42", "1290966", "150.158.113.86:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:27", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-06-30 07:39:42", "1290967", "199.195.252.200:2096", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:23", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:41", "1290963", "43.136.218.157:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:36", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:39:41", "1290964", "47.76.67.52:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:40", "1290961", "43.139.107.157:5555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:49", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-06-30 07:39:40", "1290962", "117.50.196.200:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:20:14", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:39:38", "1290959", "64.7.198.173:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:20", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:38", "1290960", "123.58.220.97:8087", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:31", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:39:37", "1290958", "47.121.123.96:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:47:35", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:36", "1290956", "139.9.205.12:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:38", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:36", "1290957", "43.153.222.28:433", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:21", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:39:35", "1290955", "97.64.18.185:3333", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:17", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:32", "1290953", "121.43.124.191:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:12", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:32", "1290954", "120.53.236.103:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:28", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:39:31", "1290952", "111.231.20.220:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:14", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-06-30 07:39:30", "1290951", "64.7.198.173:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:50", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:29", "1290950", "119.91.144.105:2095", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:33", "100", "None", "CobaltStrike,cs-watermark-1359593325", "0", "abuse_ch"
"2024-06-30 07:39:27", "1290949", "134.175.229.118:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:23", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:39:26", "1290948", "47.108.106.118:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:37", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:39:25", "1290947", "8.219.146.174:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:16", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:24", "1290945", "206.237.24.135:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:18", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-06-30 07:39:24", "1290946", "43.139.107.157:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:26", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-06-30 07:39:23", "1290944", "154.221.24.44:8098", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:48:42", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:18", "1290943", "8.217.137.245:50000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:07", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:15", "1290942", "8.219.146.174:1337", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:20", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:14", "1290941", "8.141.13.130:8098", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-06-30 07:39:07", "1290940", "47.121.112.235:4567", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:55", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:05", "1290939", "47.236.74.146:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:40", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:39:04", "1290938", "47.113.107.52:8099", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:51", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:57", "1290937", "43.138.132.137:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:38:56", "1290936", "39.108.220.93:3333", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:45", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:53", "1290935", "185.117.0.43:8887", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:38:52", "1290934", "185.201.226.192:4001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:49", "1290933", "154.221.24.44:8099", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:43", "1290932", "123.58.220.97:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:48:38", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:38:35", "1290931", "119.45.21.247:9000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:20", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:38:33", "1290930", "115.159.50.50:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:13", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:32", "1290929", "112.124.6.100:6789", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:06", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:29", "1290928", "106.54.236.42:3306", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:59", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:38:28", "1290927", "106.75.249.81:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:28", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:24", "1290926", "101.200.120.13:8099", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:54", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:23", "1290925", "124.222.37.211:9090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:34", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:22", "1290924", "211.149.252.96:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:56", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:38:21", "1290923", "124.222.72.51:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:21", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:38:20", "1290922", "91.92.248.235:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:38:19", "1290920", "120.26.139.208:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:26", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:38:19", "1290921", "103.146.159.3:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:39", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:17", "1290918", "54.237.218.187:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:17", "1290919", "120.79.8.117:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:24", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:16", "1290917", "18.138.122.192:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:33", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:38:15", "1290916", "185.77.226.142:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:20:22", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:14", "1290915", "47.109.77.9:9001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:22", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:38:11", "1290913", "103.225.9.174:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:17", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:38:11", "1290914", "39.100.91.89:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:39", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:10", "1290912", "106.53.22.217:1080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:26", "100", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2024-06-30 07:38:08", "1290911", "220.249.191.101:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:44", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:38:04", "1290910", "116.204.75.247:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2024-06-30 07:38:03", "1290909", "43.138.150.207:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2024-06-30 07:38:02", "1290908", "154.44.10.182:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:38:01", "1290907", "47.97.100.26:8000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:03", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:59", "1290906", "121.37.226.97:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-06-30 07:37:58", "1290905", "35.238.182.197:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:36", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:37:57", "1290903", "124.223.101.175:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:51", "100", "None", "CobaltStrike,cs-watermark-305419896", "0", "abuse_ch"
"2024-06-30 07:37:57", "1290904", "95.214.234.74:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:20:22", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:55", "1290901", "111.231.74.72:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:53", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:37:55", "1290902", "43.138.0.7:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:54", "1290900", "124.221.22.144:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2024-06-30 07:37:53", "1290899", "62.234.34.114:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:22", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:52", "1290897", "43.138.0.7:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:52", "1290898", "129.211.214.71:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:51", "1290895", "103.225.196.210:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:42", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:51", "1290896", "47.92.70.19:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:15", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:50", "1290894", "85.209.153.114:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:49", "1290892", "106.54.197.233:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:24", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:49", "1290893", "8.134.163.72:801", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:58", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:48", "1290890", "107.172.34.126:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:49", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2024-06-30 07:37:48", "1290891", "47.97.96.79:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:45:57", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:37:46", "1290888", "8.137.87.159:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:27", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:46", "1290889", "47.108.164.45:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:26", "100", "None", "CobaltStrike,cs-watermark-1873433027", "0", "abuse_ch"
"2024-06-30 07:37:45", "1290887", "47.97.22.116:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:43:52", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:43", "1290886", "8.134.139.130:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:20", "100", "None", "CobaltStrike,cs-watermark-666666", "0", "abuse_ch"
"2024-06-30 07:37:40", "1290885", "47.92.30.116:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:34", "100", "None", "CobaltStrike,cs-watermark-426352781", "0", "abuse_ch"
"2024-06-30 07:37:39", "1290884", "120.26.139.208:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:48", "100", "None", "CobaltStrike,cs-watermark-100000", "0", "abuse_ch"
"2024-06-30 07:37:38", "1290883", "155.94.204.114:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:14", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:31", "1290881", "155.94.204.114:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:23", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:31", "1290882", "106.75.15.3:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:30", "1290880", "91.149.236.162:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-02 05:19:22", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:37:29", "1290878", "107.189.13.28:800", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:46:18", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:37:29", "1290879", "154.9.253.110:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:48:43", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2024-06-30 07:37:28", "1290877", "112.124.33.134:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-06-30 07:47:26", "100", "None", "CobaltStrike,cs-watermark-1234567890", "0", "abuse_ch"
"2024-06-30 07:37:27", "1290876", "8.134.137.100:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2024-07-01 06:44:45", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2024-06-30 07:33:47", "1290809", "ellaboratepwsz.xyz", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:46", "1290805", "https://penetratedpoopp.xyz/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-07-01 05:46:08", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:46", "1290806", "https://steamcommunity.com/profiles/76561199724331900", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-07-01 05:46:10", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:46", "1290807", "https://swellfrrgwwos.xyz/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-07-01 05:46:10", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:46", "1290808", "https://towerxxuytwi.xyz/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-07-01 05:46:11", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:45", "1290803", "https://ellaboratepwsz.xyz/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-07-01 05:46:07", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:44", "1290800", "contintnetksows.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-06-29 21:27:03", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:44", "1290801", "reinforcedirectorywd.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:43", "1290798", "potterryisiw.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-06-29 21:27:03", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:43", "1290799", "foodypannyjsud.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-06-29 21:27:03", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:42", "1290795", "https://contintnetksows.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-07-01 05:46:06", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:42", "1290796", "https://reinforcedirectorywd.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-07-01 05:46:09", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:42", "1290797", "piedsiggnycliquieaw.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-06-29 21:27:03", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:41", "1290792", "https://piedsiggnycliquieaw.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-06-29 21:26:16", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:41", "1290793", "https://potterryisiw.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-07-01 05:46:09", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:41", "1290794", "https://foodypannyjsud.shop/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-07-01 05:46:07", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:40", "1290541", "103.139.1.202:3434", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "100", "https://bazaar.abuse.ch/sample/7a4238fc6f5d3c7731c2eb33911298eaa36986040858af56e76628c5dc83e265/", "Ermac", "0", "NDA0E"
"2024-06-30 07:33:39", "1290511", "botnet.4gnekoland.top", "domain", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "None", "Moobot", "0", "elfdigest"
"2024-06-30 07:33:38", "1290510", "15.235.209.194:19990", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "None", "Moobot", "0", "elfdigest"
"2024-06-30 07:33:37", "1290804", "https://pedestriankodwu.xyz/api", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2024-07-01 05:46:08", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:36", "1290802", "5.59.248.220:38241", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest"
"2024-06-30 07:33:35", "1290810", "pedestriankodwu.xyz", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:35", "1290811", "penetratedpoopp.xyz", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:34", "1290812", "swellfrrgwwos.xyz", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:34", "1290813", "towerxxuytwi.xyz", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "NDA0E"
"2024-06-30 07:33:32", "1290828", "https://www.bunkomania.net/article.php", "url", "payload_delivery", "js.gootloader", "None", "GootLoader", "", "100", "None", "Stage 2", "0", "ArtifactRunner"
"2024-06-30 07:10:13", "1290875", "http://640740cm.nyashka.top/providerEternalGameWindowstest.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
"2024-06-30 06:50:43", "1290874", "213.195.117.131:5000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/213.195.117.131", "AsyncRAT,XTRA Telecom", "0", "drb_ra"
"2024-06-30 06:49:51", "1290873", "185.241.208.181:9090", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/185.241.208.181", "AsyncRAT,SERVICES-1337-GMBH 1337-SERVICES-GMBH-NETWORK", "0", "drb_ra"
"2024-06-30 06:49:46", "1290872", "46.246.6.14:2000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "https://search.censys.io/hosts/46.246.6.14", "AsyncRAT,PORTLANE www.portlane.com", "0", "drb_ra"
"2024-06-30 06:49:18", "1290871", "91.92.240.70:50555", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/91.92.240.70", "Hookbot Pegasus,LIMENET", "0", "drb_ra"
"2024-06-30 06:48:54", "1290870", "176.32.38.11:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/176.32.38.11", "ASBAXETN,Supershell", "0", "drb_ra"
"2024-06-30 06:48:17", "1290869", "46.246.4.17:9000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "https://search.censys.io/hosts/46.246.4.17", "DcRat,PORTLANE www.portlane.com", "0", "drb_ra"
"2024-06-30 06:48:06", "1290868", "79.107.142.212:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "50", "https://search.censys.io/hosts/79.107.142.212", "Qakbot,WIND-AS", "0", "drb_ra"
"2024-06-30 06:46:34", "1290867", "37.111.183.34:443", "ip:port", "botnet_cc", "win.deimos", "None", "Deimos", "", "50", "https://search.censys.io/hosts/37.111.183.34", "Deimos,TPP-AS-PK Telenor Pakistan", "0", "drb_ra"
"2024-06-30 06:46:10", "1290866", "52.183.57.173:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/52.183.57.173", "MICROSOFT-CORP-MSN-AS-BLOCK,Mythic", "0", "drb_ra"
"2024-06-30 06:45:54", "1290865", "178.18.254.10:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://search.censys.io/hosts/178.18.254.10", "CONTABO,Covenant", "0", "drb_ra"
"2024-06-30 06:45:28", "1290864", "52.196.181.68:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://search.censys.io/hosts/52.196.181.68", "AMAZON-02,Sliver", "0", "drb_ra"
"2024-06-30 06:40:13", "1290863", "http://a1000330.xsph.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat", "0", "abuse_ch"
# Number of entries: 1428