################################################################
# ThreatFox IOCs: recent additions - CSV format                #
# Last updated: 2025-05-18 12:57:08 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-05-18 12:57:08", "1525232", "next.avianix.tech", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:54:48", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-18 12:00:51", "1525231", "172.234.250.243:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.234.250.243", "AKAMAI-LINODE-AP,AS63949,C2,censys,Mythic", "0", "DonPasci"
"2025-05-18 12:00:46", "1525230", "192.227.220.27:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/192.227.220.27", "AS-COLOCROSSING,AS36352,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-05-18 12:00:45", "1525228", "128.90.115.247:5000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.115.247", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci"
"2025-05-18 12:00:45", "1525229", "205.234.144.127:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/205.234.144.127", "AS399486,AsyncRAT,C2,censys,RAT,VIRTUO", "0", "DonPasci"
"2025-05-18 12:00:40", "1525227", "206.206.77.61:2222", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/206.206.77.61", "AS215311,C2,censys,payload,REGXA-CLOUD,Sliver", "0", "DonPasci"
"2025-05-18 12:00:30", "1525226", "86.38.225.161:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/86.38.225.161", "AS396073,C2,censys,MAJESTIC-HOSTING-01,RAT,Remcos", "0", "DonPasci"
"2025-05-18 11:00:21", "1525225", "https://jugulagklc.live/roek", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b7d8baf7b42e19c1a07a6e79de9fb53ebd899379d96cd2cfd5671f618e2d8a9c/", "lumma", "0", "abuse_ch"
"2025-05-18 11:00:13", "1525224", "https://82jackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b7d8baf7b42e19c1a07a6e79de9fb53ebd899379d96cd2cfd5671f618e2d8a9c/", "lumma", "0", "abuse_ch"
"2025-05-18 10:50:25", "1525223", "https://strengbllk.live/fpsz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4f5e203c632416a5ed12d4f8faf20e4a5838daac3d26ad2c51d7e1f729af5d21/", "lumma", "0", "abuse_ch"
"2025-05-18 09:00:35", "1525222", "49.233.87.64:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:58:16", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-18 08:58:31", "1525221", "154.8.233.224:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:35", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-18 08:55:26", "1525220", "84.38.184.97:9100", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-18 14:53:52", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-18 08:46:46", "1525219", "158.160.51.4:9100", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-18 14:45:55", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-18 08:11:53", "1525218", "47.121.203.184:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-18 08:05:48", "1525129", "196.251.72.252:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:49:32", "100", "https://search.censys.io/hosts/196.251.72.252", "AS401120,C2,censys,CHEAPY-HOST,RAT", "0", "dyingbreeds_"
"2025-05-18 08:05:47", "1525134", "host.tempoestil.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.132.51.146+host.tempoestil.com", "AS3132,C2,censys,Mythic", "0", "dyingbreeds_"
"2025-05-18 08:05:46", "1525125", "51.79.202.24:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:52:40", "100", "https://search.censys.io/hosts/51.79.202.24", "AS16276,C2,censys,OVH,RAT", "0", "dyingbreeds_"
"2025-05-18 08:05:45", "1525135", "45.38.20.244:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 04:00:51", "100", "https://search.censys.io/hosts/45.38.20.244", "AS215659,C2,censys,MOEMOEKYUN,Mythic", "0", "dyingbreeds_"
"2025-05-18 08:05:45", "1525138", "47.108.139.103:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.108.139.103", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-05-18 08:05:44", "1525139", "31.210.37.100:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/31.210.37.100", "AS60446,censys,DATEMA,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:44", "1525140", "13.60.46.114:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.60.46.114", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:43", "1525141", "61.174.243.80:40256", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/61.174.243.80", "AS136190,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:43", "1525144", "52.210.91.186:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.210.91.186", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:42", "1525142", "34.250.55.210:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.250.55.210", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:42", "1525143", "103.77.215.126:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.77.215.126", "AS140810,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:42", "1525145", "200.155.28.200:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/200.155.28.200", "AS15830,censys,EQUINIX,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:41", "1525146", "61.183.132.26:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/61.183.132.26", "AS4134,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:41", "1525147", "54.77.123.112:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.77.123.112", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:41", "1525148", "123.57.38.20:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/123.57.38.20", "AS37963,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:40", "1525149", "122.152.204.139:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/122.152.204.139", "AS45090,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:40", "1525150", "13.233.128.232:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.233.128.232", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:40", "1525151", "34.123.234.116:3000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.123.234.116", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:39", "1525152", "212.156.31.230:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/212.156.31.230", "AS9121,censys,GoPhish,Phishing,TTNET", "0", "dyingbreeds_"
"2025-05-18 08:05:39", "1525153", "158.160.185.38:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/158.160.185.38", "AS200350,censys,GoPhish,Phishing,YANDEXCLOUD", "0", "dyingbreeds_"
"2025-05-18 08:05:39", "1525154", "84.46.248.162:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/84.46.248.162", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:38", "1525155", "18.199.244.6:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.199.244.6", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:37", "1525156", "18.199.244.6:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.199.244.6", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:37", "1525157", "45.236.128.172:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/45.236.128.172", "AS52368,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-18 08:05:36", "1525205", "5.180.82.194:43957", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "None", "Moobot", "0", "elfdigest"
"2025-05-18 08:05:36", "1525206", "kniznetwork.duckdns.org", "domain", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "None", "Moobot", "0", "elfdigest"
"2025-05-18 08:01:10", "1525217", "176.65.142.203:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/176.65.142.203", "-Reserved,AS215240,C2,censys,moobot", "0", "DonPasci"
"2025-05-18 08:01:09", "1525216", "138.2.101.39:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/138.2.101.39", "AS31898,C2,censys,moobot,ORACLE-BMC-31898", "0", "DonPasci"
"2025-05-18 08:00:58", "1525215", "54.244.141.27:19999", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 14:52:52", "100", "https://search.censys.io/hosts/54.244.141.27", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-18 08:00:50", "1525214", "198.46.199.107:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 14:49:45", "100", "https://search.censys.io/hosts/198.46.199.107", "AS-COLOCROSSING,AS36352,C2,censys,Mythic", "0", "DonPasci"
"2025-05-18 08:00:45", "1525213", "66.63.187.252:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:53:12", "100", "https://search.censys.io/hosts/66.63.187.252", "AS214943,AsyncRAT,C2,censys,RAILNET,RAT", "0", "DonPasci"
"2025-05-18 08:00:30", "1525210", "146.70.67.154:6513", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:45:14", "100", "https://search.censys.io/hosts/146.70.67.154", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-05-18 08:00:30", "1525211", "196.251.83.104:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/196.251.83.104", "AS401120,C2,censys,CHEAPY-HOST,RAT,Remcos", "0", "DonPasci"
"2025-05-18 08:00:30", "1525212", "176.65.142.90:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:47:43", "100", "https://search.censys.io/hosts/176.65.142.90", "AS214717,C2,censys,DOLPHINHOST-AS,RAT,Remcos", "0", "DonPasci"
"2025-05-18 08:00:29", "1525209", "45.132.107.36:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:51:44", "100", "https://search.censys.io/hosts/45.132.107.36", "AS211381,C2,censys,PODAON,RAT,Remcos", "0", "DonPasci"
"2025-05-18 08:00:13", "1525208", "193.37.58.234:48873", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:57:06", "100", "https://search.censys.io/hosts/193.37.58.234", "AS212238,C2,CDNEXT,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci"
"2025-05-18 08:00:12", "1525207", "154.64.231.181:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.64.231.181", "AS979,C2,censys,CobaltStrike,cs-watermark-987654321,NETLAB-SDN", "0", "DonPasci"
"2025-05-18 06:19:50", "1525204", "193.161.193.99:45540", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-05-18 06:19:10", "1525202", "economic-rob.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-05-18 06:19:10", "1525203", "warrant764-45540.portmap.io", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-05-18 06:18:57", "1525201", "https://pastebin.com/raw/ZxCUpaSK", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-05-18 06:17:40", "1525200", "193.161.193.99:34383", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots"
"2025-05-18 06:16:37", "1525199", "109.242.232.94:10048", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "", "c2,darkcomet", "0", "juroots"
"2025-05-18 06:16:19", "1525198", "makes-girl.gl.at.ply.gg", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-05-18 06:15:34", "1525197", "45.138.68.10:9205", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/45.138.68.10#9205", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-05-18 06:15:10", "1525196", "103.214.109.34:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "50", "https://www.shodan.io/host/103.214.109.34#10001", "c2,extreme,shodan", "0", "juroots"
"2025-05-18 06:14:53", "1525195", "13.208.181.240:10397", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/13.208.181.240#10397", "c2,netsupport,shodan", "0", "juroots"
"2025-05-18 06:14:34", "1525194", "185.208.159.102:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 14:48:28", "50", "https://www.shodan.io/host/185.208.159.102#80", "c2,oyster,shodan", "0", "juroots"
"2025-05-18 06:14:06", "1525193", "86.123.49.75:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/86.123.49.75#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-18 06:14:05", "1525189", "24.144.82.16:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/24.144.82.16#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-18 06:14:05", "1525190", "37.252.19.120:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/37.252.19.120#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-18 06:14:05", "1525191", "172.232.121.75:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/172.232.121.75#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-18 06:14:05", "1525192", "195.2.71.152:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/195.2.71.152#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-18 06:13:51", "1525185", "105.156.224.14:5006", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#5006", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:51", "1525186", "105.156.224.14:7071", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#7071", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:51", "1525187", "41.143.200.243:10443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#10443", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:51", "1525188", "41.143.200.243:47990", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#47990", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:50", "1525181", "105.156.224.14:8081", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8081", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:50", "1525182", "105.156.224.14:10250", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#10250", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:50", "1525183", "105.156.224.14:8009", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8009", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:50", "1525184", "105.156.224.14:5986", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#5986", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:49", "1525177", "105.156.224.14:8181", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8181", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:49", "1525178", "105.156.224.14:8880", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8880", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:49", "1525179", "105.156.224.14:8085", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8085", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:49", "1525180", "105.156.224.14:9001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#9001", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:48", "1525173", "105.156.224.14:9002", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#9002", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:48", "1525174", "105.156.224.14:6443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#6443", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:48", "1525175", "105.156.224.14:8834", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8834", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:48", "1525176", "105.156.224.14:4064", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#4064", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:47", "1525169", "105.156.224.14:47990", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#47990", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:47", "1525170", "105.156.224.14:31337", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#31337", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:47", "1525171", "105.156.224.14:2087", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#2087", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:47", "1525172", "105.156.224.14:55553", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#55553", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:46", "1525166", "105.156.224.14:1926", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#1926", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:46", "1525167", "105.156.224.14:2376", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#2376", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:46", "1525168", "105.156.224.14:8083", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8083", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:45", "1525163", "105.156.224.14:4444", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#4444", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:45", "1525164", "105.156.224.14:3780", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#3780", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:45", "1525165", "105.156.224.14:9898", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#9898", "c2,quasar,shodan", "0", "juroots"
"2025-05-18 06:13:24", "1525161", "101.200.183.130:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/101.200.183.130#80", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-05-18 06:13:24", "1525162", "154.8.233.224:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.8.233.224#81", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-05-18 06:13:01", "1525160", "154.8.233.224:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 06:13:24", "50", "https://www.shodan.io/host/154.8.233.224#8081", "c2,cobaltstrike,cs-watermark-600000,shodan", "0", "juroots"
"2025-05-18 06:12:45", "1525159", "118.178.192.36:8092", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 06:13:24", "50", "https://www.shodan.io/host/118.178.192.36#8092", "c2,cobaltstrike,cs-watermark-305419896,shodan", "0", "juroots"
"2025-05-18 06:12:42", "1525158", "101.200.183.130:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 06:13:25", "50", "https://www.shodan.io/host/101.200.183.130#88", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-05-18 04:00:58", "1525137", "18.182.66.217:6003", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 14:48:06", "100", "https://search.censys.io/hosts/18.182.66.217", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-18 04:00:42", "1525136", "8.220.195.197:8903", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/8.220.195.197", "ALIBABA-CN-NET,AS45102,C2,censys,payload,Sliver", "0", "DonPasci"
"2025-05-18 04:00:31", "1525131", "45.80.158.95:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:52:06", "100", "https://search.censys.io/hosts/45.80.158.95", "AS210558,C2,censys,RAT,Remcos,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-05-18 04:00:31", "1525132", "104.37.4.116:6012", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:43:33", "100", "https://search.censys.io/hosts/104.37.4.116", "ACEHOSTONLINE,AS214059,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-05-18 04:00:31", "1525133", "104.37.4.116:6013", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:43:34", "100", "https://search.censys.io/hosts/104.37.4.116", "ACEHOSTONLINE,AS214059,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-05-18 04:00:30", "1525127", "172.94.27.162:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:47:05", "100", "https://search.censys.io/hosts/172.94.27.162", "AS396356,C2,censys,LATITUDE-SH,RAT,Remcos", "0", "DonPasci"
"2025-05-18 04:00:30", "1525128", "185.157.162.132:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:48:19", "100", "https://search.censys.io/hosts/185.157.162.132", "AS42675,C2,censys,OBEHOSTING,RAT,Remcos", "0", "DonPasci"
"2025-05-18 04:00:30", "1525130", "79.110.49.199:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:53:26", "100", "https://search.censys.io/hosts/79.110.49.199", "AS399486,C2,censys,RAT,Remcos,VIRTUO", "0", "DonPasci"
"2025-05-18 04:00:29", "1525126", "196.251.115.237:5001", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:49:20", "100", "https://search.censys.io/hosts/196.251.115.237", "AS401116,C2,censys,NYBULA,RAT,Remcos", "0", "DonPasci"
"2025-05-18 02:57:46", "1525123", "49.233.87.64:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:58:16", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-18 02:56:06", "1525122", "154.8.233.224:8082", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:36", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-18 02:56:05", "1525121", "154.8.233.224:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:35", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-18 02:56:03", "1525120", "154.219.119.16:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:32", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-18 02:55:59", "1525119", "152.136.52.129:8082", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:29", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-18 02:55:25", "1525118", "119.29.201.113:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:55:56", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-18 02:54:18", "1525117", "giajgdfgcs63da2s.ksf123.icu", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:54:45", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-18 02:02:14", "1525116", "c3e0b4bc50bfea388a257827ecdf8e32", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:13", "1525114", "451b70a6614735b538d3aaa11f1f827cbf77d5b6", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:13", "1525115", "21cfc0456efbfd7d450ea93e3170ccd17d8b308d39b92b2e94863116a08e4dbb", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:07", "1525111", "ea35df49846b7057f24e52c8f93ff8e9ea78d0dc", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:07", "1525112", "8f3370aaf5651d6bc98794269a81acaa9f6990847636cbc1085d50cc36673d7c", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:07", "1525113", "740666a1cc8903a4430169f163e44e47", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:05", "1525110", "139dda84a3ed2adbeb493f73f7811fb1", "md5_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:04", "1525108", "edbd232ca9eb23fa13779b84c304d04856ee1065", "sha1_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:04", "1525109", "f497e0f58f93c129f70a89f01aa20b3a5372e4e9f83580ad9a1d8e613ab389a9", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:03", "1525105", "a9e922e78403466f9b3c1d3c176cda22ae433190", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:03", "1525106", "81997543956e55be841eb355689d94756b835a44ed083d57c8b61df05d762974", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:03", "1525107", "a9a67bc3c3b3b1d85f2c6f126b7604a5", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:02", "1525104", "b91e1896c75590e4d298f4f37d6d3ace", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:01", "1525102", "65ce7f2fdd216814712830ba35ee851296f758cc", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:01", "1525103", "63df9c4e6fda2207cb035da1fe9d6ef5f9b195a0c0169f75483408e43948cca2", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:02:00", "1525101", "a574f73378cff4b73aec42cf71671c12", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:55", "1525099", "795d642e2b5989d7e500e55b14444dd894dd1471", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:55", "1525100", "6a754fd38b06364bb6e59672330787c746e6b36cddb10169d7959c6024279453", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:54", "1525097", "7521de9b4cccfd3833f5beb86a80696330a745c6cdde7c0e0c92462cd08f0f2f", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:54", "1525098", "7e5062d38e14859f4f6b0227e88b43ed", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:53", "1525095", "2744f25a963b50f5967d1a0e6eee16f8", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:53", "1525096", "83f3173269c6c3fd36163a8e70eac8a7ff4cca18", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:52", "1525093", "4edb9c2004c977580731596f2b57cd5c2f650c8e", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:52", "1525094", "145289accb8c684e583ca3d99532d64d0a6a40142062e648c65ffd8da070c4c9", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:51", "1525092", "35fcb7588ab312aa4f62122d54bdd3ac", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:50", "1525090", "3f49baf4a6cfe92ad860732f557679bd1361b841", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:50", "1525091", "98d520e91135c2ed5310a980253a6d1c2fca3a87214c664413416d8b959406c6", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:49", "1525087", "a106349d86b132dd9bac546a3c24ad394fb1a3a6", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:49", "1525088", "8e06de8362aa306b91416672800eab1486086e1630efd643f56fe794f6c65c2e", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:49", "1525089", "21bccabd7c5c630ee0b8bb7647fd0bcf", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:48", "1525086", "e9121cd3f1b76f1b07cc370c614fe910", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:47", "1525084", "c4af5422c0bf529c7cc8c45dfb291325f05538e2", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:47", "1525085", "c86bb63d82014bf9a36c13fe6f94ab28c80888dd429a858194dc168b99756b1c", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:46", "1525082", "0c181b7d7e866be58430f2b4ea0b8822bd1c1a5c64e63815ae9b8531134f42b4", "sha256_hash", "payload", "win.poscardstealer", "None", "poscardstealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:46", "1525083", "4e8144068daf97ae616160fdcc26f34f", "md5_hash", "payload", "win.poscardstealer", "None", "poscardstealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:45", "1525079", "c01b2a6d818eb13727f56b003f3f42cc6495256a8850e32a5590a7a96261b69e", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:45", "1525080", "fdc7b3bc5b6fc7fad55293e21fd8d4a5", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:45", "1525081", "66d10c2196581c0ec79357b0ccece28f1020081f", "sha1_hash", "payload", "win.poscardstealer", "None", "poscardstealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:44", "1525077", "4797cb80b22ba0da0ede6593bfc16399a5ffc289400155115c8de7786ea0db49", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:44", "1525078", "38439d609f28dbf31519348baa0cf13d04fe46b1", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:43", "1525075", "a47cc5e21cdfd874757acfbca43d728a", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:43", "1525076", "7e8483541f47b4bc70577db6fac8479597a321d0", "sha1_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:42", "1525073", "a798cf50521d8689ba0e7e4533caf3e55c5c5097", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:42", "1525074", "43a1d69c1f2d0c38298be7068a959e67dd980973eee15a1f143f15dadbb5b573", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:41", "1525072", "962d2a0880c5325328930b66bb4e2cf1", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:40", "1525069", "0ccf16eefb633fdb203d03b80efe491b", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:40", "1525070", "c19a065d2b5b37f1bf59175d1e497dc165a5ab88", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:40", "1525071", "08037de4a729634fa818ddf03ddd27c28c89f42158af5ede71cf0ae2d78fa198", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:39", "1525067", "d6837a89f51e8b49d1f0cfba2f926836130a252d", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:39", "1525068", "c5243dc70d3c827625232487d03a0eb3f1a445a4983203fcff63fc8fcd3f5b79", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:38", "1525066", "7757498f14522566d23d228016119578", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:37", "1525064", "60825a9d08dc7222d6c5dc94f87cc17c0359c875", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:37", "1525065", "3255fdcd6de6c6672517ca718a96c0115ddd6267299cfe76ec109d4899b2a1ab", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:36", "1525061", "42e566aaae6cf3a410fa00dec87a3857ded8333e", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:36", "1525062", "30fc2960f2f2d22a93d2eea95401b32f71d1e067e05d08faaa564aafe7510385", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:36", "1525063", "652a93c98869279a911eee1c960ed7cd", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:30", "1525059", "7162d72e84ee4967b18ed769212c9be81bfe7505e72e5c795ad8444c65df35db", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:30", "1525060", "211ba815ca7a8519a235a80f72e29b27", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:29", "1525057", "ece44d60060e4961dade561f02912a29", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:29", "1525058", "1ec33bef0a3176071bfa21e9acbaccb2c129b1c5", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:28", "1525055", "0b0c7a06e8350831c7bab4ab6a02c3f503f20ad4", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:28", "1525056", "f6735d833ebf13de06be97b1cb8aa544e974e3dd2c566e16a4ab9716ff2f663e", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:27", "1525054", "c8426e90c57e263c2c1db241b0975d1c", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:22", "1525053", "2c9f0a20bb3f0165a52858a879a4effeb1f0c3963f15df884f8baea7d3ff5f4a", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:21", "1525051", "ece1d1507b62c20327e999c6936a95a7", "md5_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:21", "1525052", "f5014fd9153758561e1fd87cccfdba38f5071849", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:20", "1525049", "b512bb8131168cc268f487c655116a37d8b888d3", "sha1_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:20", "1525050", "8eb08322033f193a5e7ea16d83c0cd324efaaab628fb245bdb27f6977c2a6d86", "sha256_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:14", "1525045", "95bf1cd9da53c1d3e7f20bed07f292a4", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:14", "1525046", "ec5cc6be8491152cece5ab74682a269349a6202d", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:14", "1525047", "4bd4b880b6f35433701cbc2cbcf408260f58c21e654d7893901b3a6ba04fdd1f", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:14", "1525048", "594d06021e5f3b46fec68997d7707dee", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:13", "1525043", "9c0df8c6daeb6dca86932fd21877912a43166bb3", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:13", "1525044", "c08135233df7ec3cd1a594b44d030760983f733246af93d0357c43260ee1ad74", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:12", "1525041", "b17daa18867c925a1b3c9b093d16773e0d9d8507981f4f0ea84b6528d511da49", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:12", "1525042", "ce62715f2ea5e5243dc03dd8202343db", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:11", "1525039", "07a97a749a4818950e08989ecb4719df", "md5_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:11", "1525040", "47d5661e6ca7df5f647404d490ad9307c8dea4be", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:10", "1525037", "3593c1360a474cf62063f8621ff2805c10f297c7", "sha1_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:10", "1525038", "e0a8383a4c0beb02f1004468b777a85720343bf25e09f50d23975bb91fff4448", "sha256_hash", "payload", "win.netwire", "NetWeird,NetWire,Recam", "NetWire RC", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:09", "1525035", "9c65d850589e6ab34c6c8e65b8a3b4aa26fa913ca850472023a3b708f95c226b", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:09", "1525036", "eaf71e0105c5c4380d1b50a31ab8cd55", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:08", "1525033", "1647a78f3b8e4419628368026534b89f", "md5_hash", "payload", "win.kelihos", "None", "Kelihos", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:08", "1525034", "37f559d3834cda1a3004b1c7261eba2f012b0be7", "sha1_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:07", "1525031", "106d36a7cc749575bdf6891ef1efa6997d5f239e", "sha1_hash", "payload", "win.kelihos", "None", "Kelihos", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:07", "1525032", "a8977835c0902ff41c536597be155d1fe6f66af9be6d435c186fbce1cfc5f3b8", "sha256_hash", "payload", "win.kelihos", "None", "Kelihos", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:06", "1525029", "aed8dd0a6fbfac572a19165b8a46a6c732a350d960a6f4ff24b81596a3318e8a", "sha256_hash", "payload", "win.kelihos", "None", "Kelihos", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:06", "1525030", "e10ef247a8035a02828a07a406dfecdf", "md5_hash", "payload", "win.kelihos", "None", "Kelihos", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:05", "1525027", "8485d36986bc3359aaec8b1a209cea4a", "md5_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:05", "1525028", "38dd43fa9485c9e30b854ac222f35d8e6cb934f8", "sha1_hash", "payload", "win.kelihos", "None", "Kelihos", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:04", "1525024", "6e6982099ff3a60fec816c9899cfb8e1", "md5_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:04", "1525025", "a833063a1731c30f2f423459afba7b59a8803f27", "sha1_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:04", "1525026", "cb9b9a4ad6fc4595d77b0768c78ad8fa7d8a1420f93a9dcd3db7cdebd091c4d0", "sha256_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:03", "1525022", "4221b91ccb495bf5db2d1db168898eac58c13e58", "sha1_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:03", "1525023", "080784c30b5680a3fefbbe6ae23e2466e60904c0b3ae379643ba7b697989eff0", "sha256_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:02", "1525020", "76a1e13e2ae561157a2d227dbb8cd71ef48cd78839d9551d15a17441b64ebe75", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:02", "1525021", "00bf0dabd98dc8258b2e9cbc206d1138", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:01", "1525019", "e31584dc750d5cd4c898dd8bb9abd3833a22b4f1", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:00", "1525016", "23d23c5a5d3a999ee826e92a688a904dafb9c52b", "sha1_hash", "payload", "win.banatrix", "None", "Banatrix", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:00", "1525017", "05a7ff73cb4f91eafdf472336c1d319e0ce697817f72e2c916a5251dc4748336", "sha256_hash", "payload", "win.banatrix", "None", "Banatrix", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:01:00", "1525018", "ec2fe26228a454bcd392c732d70a66e2", "md5_hash", "payload", "win.banatrix", "None", "Banatrix", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:59", "1525014", "9164bf50a1cc1e548589aa14979c6fdbba0ec977f0e3ebb6e5d4d706f5c4df40", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:59", "1525015", "e31b68621550d6dea6aa230f4302f2e5", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:58", "1525012", "4b9d57b4506ed4c331ce7837da19fb3f", "md5_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:58", "1525013", "6691f8e3808ac8db9ecc6135220201f28574de1a", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:57", "1525010", "27424c18197a1807e8d4b062e26228c990ed6a7d", "sha1_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:57", "1525011", "260d329675466f49ea46d96831920929d78f23881137ecad447116e88d4f0271", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:56", "1525007", "7c1fc969e10aae2f7c5725611559eab438c8cbfd", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:56", "1525008", "059a0a5f8ab02faae85536a23a83f9224c4ec60055ec5a1067fa0a026f72a1b4", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:56", "1525009", "5813bfc4da23ef6c272959821cf30c8f", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:55", "1525005", "5cdc51b9038ac44a9a44ec9f85082006ba9aa81dfdf4f41ca2fb0d3e31ff3a93", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:55", "1525006", "ab7c7484fc2615fea7cb9ffe0fc30416", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:54", "1525003", "7d66d21a9b41e1004bac03db42431ec6", "md5_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:54", "1525004", "c11b0c9de38d4b8873d9fcea471b53f87bc1cb33", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:53", "1525001", "2c3b029e9ca0f09d770cee24c616d8083ad59301", "sha1_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:53", "1525002", "9085f21c1b1530bba6a058781ff7ebf33928dbecfe39ffb7bd2fc34344ac6bdb", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:52", "1524999", "47b6f1e0346a0bb399ca8879aafbe96df8743f53665bdf4e725c0dbbc38fd833", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:52", "1525000", "4281ed62aa255ec35ea4d46844385bd0", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:51", "1524996", "50928be47ca78ed6c558bb63b9cfb6e1c626fcc5ef05a4a5789f4d9136447429", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:51", "1524997", "81ad2d3ad55fad381f69ec9afe44dbf9", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:51", "1524998", "d17e5020bed42827b276e4929ce994d1ed6c12e1", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:50", "1524994", "d2b464bf33e03cdb8af20ecf68273d50", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:50", "1524995", "1014fae66318c8917dda1117e2d6bd710fce0d10", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:49", "1524992", "989570c9815735f0c97f263e7fca4b5dbb538689", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:49", "1524993", "eeb833931321a3f9d4307aaa22b967c203fc34d45cd1ab25176b97331dc1c37b", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:48", "1524990", "3038fc8a58eec6eff77e2fe6670d33a161fcac66f1bfdd6dd1633d0798b106de", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:48", "1524991", "74a8bd9f5f04ba48d4bd363de13e45e7", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:47", "1524988", "7c69d23dea04e9055d45b7f733c4936c", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:47", "1524989", "cd663f6252133e8e474ac82bee8ca2f518d74692", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:46", "1524986", "7fb0bc6aeb0847031015c046f7384901c3d2112d", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:46", "1524987", "6aa5a517d11b9e284918d908934f6ec92fda37e7c75c2df496e406445c241d82", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:44", "1524983", "abb1958c5707c288b4c2485e863cf86e1777be4f", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:44", "1524984", "da67b132c84b38b10b705a750126ee5ceffc68f1cc52e68d25929e80af8f6033", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:44", "1524985", "d14a22031323c343623d6766ba80b1ed", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:43", "1524982", "c57991e4269b688783bc55d013358972", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:42", "1524979", "d86d3681d91bc4c45b74ec367d45ebfa", "md5_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:42", "1524980", "d3a93df05e3a79ebec97b2dd2ea3848d182f7ee6", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:42", "1524981", "c348c7e4d9028bdf84aba828bbb81ce46ae55c0246a94351edbfb9c63e41a8ee", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:40", "1524978", "1bb62b8f0c01f58705361307deb03268199c6f6bac72680e88fdf7fbda20e03e", "sha256_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:39", "1524976", "d0ce127f0027c56422f24ae00b604679", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:39", "1524977", "d10afacbf8bdeb558b41225a3cca7140d3029060", "sha1_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:38", "1524974", "ff00c572af61f937aa5721870a45654aba6fc57b", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:38", "1524975", "0b19084264fe9256d7368451aaf3d495b656cf2276a69c5bd8b7f59f138951cf", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:37", "1524972", "903ee65f5cca5ef223d0a0f3f40fca223e5f07318826b68f7ab14d7dc1ec2f1d", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:37", "1524973", "49e019dc811a8026510e67e0bd14dfc3", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:36", "1524970", "7169b05e52ce3b7ed3a36a79eaaf79ee", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:36", "1524971", "ee962271cf3d82095297319b61f9f857e6f42eeb", "sha1_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:35", "1524968", "83fc589a079cbd2300c082c7792e54381ea34609", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:35", "1524969", "8ef3426e9aa6403d62a7d7fa32f60dfe79b53b2951dcd6e125c0a6159c12eef8", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:34", "1524965", "571c5eb9d254313c4f97f0ae7e0d7b37e0df0dbc", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:34", "1524966", "a28a41b1c71fe6d1f94f12689495be60f44f387625283c62635241bb67686a1d", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:34", "1524967", "93bf91fb47404ce797e4fa20414b21cc", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:33", "1524963", "bd0d735a8bd758e6a751dfb19f7a66ce95e403a9df9688e2eefddab4301fa3b2", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:33", "1524964", "9d62da0ab950520600505b7fed03198f", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:32", "1524961", "88570e726b985ebed8c69e14a9084834", "md5_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:32", "1524962", "0295273c68055145122cbfaba1709be8f0907925", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:31", "1524959", "28d5ac5e16a0b7aa7f4597e5fffc77dc63d5bfcc", "sha1_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:31", "1524960", "b9f61373e4555764594de3df3cdce59ebb08258d3c11f721de68b72731441d0e", "sha256_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:30", "1524957", "0a949be7d17d6df4d6f4f2d9f06bd5b4b33d262ef61ff83fdb7a9103082cf6e4", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:30", "1524958", "8b4505dbc0c6215cdbc6ca926afe52b6", "md5_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:29", "1524956", "86e25ff14daf0196bc275f4f7909558b59a2ac94", "sha1_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:28", "1524955", "f57d4a85c0f2587368df1e8b552684d5", "md5_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:27", "1524952", "ce1a4ef4b410e3395c60efe9c5b00bab", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:27", "1524953", "1423c9209f966edb4bc2d57dbce76000584b58d4", "sha1_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:27", "1524954", "a100668c95c95b6495c0396622fd787bd23f03f91296d6630b7bcbf1cd69b3a7", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:26", "1524950", "1184265568df4313283909d03493135f2973f362", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:26", "1524951", "a2bf7e2d657258fc5a6a6b5b7f8994a7abf59260e83e0e4be4127531fbbf959c", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:25", "1524948", "06922dd72ff4f3e3cffcfe8a6f2070672c341588f3a8ea1f847a0cdf601854d5", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:25", "1524949", "272c8579cd80454ad9914d4cacce381a", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:24", "1524946", "3cfca059a9110f3137c1786a194b2f6e", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:24", "1524947", "a8ea1f39e9671a6b192fe87051705f52e8ac2610", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:23", "1524944", "1b38a5cdfa19342e8f6b392f7a2cb2663237119a", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:23", "1524945", "ba53acdb7d2c6ab550ec8696242a76ef562ca7da24c39656184d7e5333838177", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:22", "1524943", "4252188da5a4c0e6a3e6cea13885ac9f", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:20", "1524941", "e110b95728b1940eb6364d3ab911dc32bf7a272f", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:20", "1524942", "674a755e4f7bd797d0d0f22c530ced65c4a774d2f522129897cd91c501c64c8a", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:19", "1524939", "384620f94988af3dc7fbe73d9475b88d6912b00a3bc4ddd0c050aae356ac2809", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:19", "1524940", "519d3053e22dc16eddd6da080a8935c7", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:18", "1524937", "240068633e980e781ef4a3903c423c87", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:18", "1524938", "158c7f76b41badd3529313a706b20779bd3fd02a", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:17", "1524935", "a7474b6716e1da4f69bae306a867afba5ed2abb2", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 02:00:17", "1524936", "c43c36331895be9c8dbc41b1993144c13953b10399423b013587bd7c5afe4279", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "None", "None", "0", "Grim"
"2025-05-18 01:57:48", "1524918", "172.104.143.142:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:47", "1524917", "92.65.104.212:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:46", "1524916", "120.26.4.73:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:45", "1524915", "49.232.230.33:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:44", "1524914", "193.188.23.150:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:57:06", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:43", "1524913", "205.185.122.202:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:42", "1524912", "156.238.245.84:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:41", "1524911", "94.103.4.228:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:40", "1524910", "60.204.210.63:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:38", "1524909", "13.218.104.66:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:37", "1524908", "106.15.127.125:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:36", "1524907", "64.176.60.8:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:35", "1524906", "8.147.118.153:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:34", "1524905", "45.143.234.221:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:33", "1524904", "150.109.109.38:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:32", "1524903", "47.236.58.201:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:31", "1524902", "47.109.201.173:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:30", "1524901", "43.138.81.232:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:29", "1524900", "43.140.243.146:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:28", "1524899", "47.100.68.73:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:27", "1524898", "47.108.157.156:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-18 01:57:26", "1524895", "http://103.251.164.121/pages/login.php", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS60404,The Infrastructure Group B.V.,unam", "0", "antiphishorg"
"2025-05-18 01:57:24", "1524885", "176.65.138.123:7716", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest"
"2025-05-18 01:57:23", "1524819", "www.emelowebshop.hu", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "None", "formbook,payload", "0", "ninjacatcher"
"2025-05-18 00:10:13", "1524934", "http://sagefierce.temp.swtest.ru/pipephpPollupdategeneratortemp.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-18 00:01:15", "1524933", "118.184.186.43:54681", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-05-18 14:44:07", "100", "https://search.censys.io/hosts/118.184.186.43", "AS138950,censys,Chaos,CHINATELECOM-JIANGSU-WUXI-INTERNATIONAL-IDC,panel", "0", "DonPasci"
"2025-05-18 00:01:13", "1524932", "82.27.2.254:55650", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-05-18 04:01:04", "100", "https://search.censys.io/hosts/82.27.2.254", "AS215703,C2,censys,FREAKHOSTING,moobot", "0", "DonPasci"
"2025-05-18 00:01:01", "1524931", "15.152.32.140:789", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 14:45:25", "100", "https://search.censys.io/hosts/15.152.32.140", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-18 00:01:00", "1524930", "3.24.180.187:14265", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 14:50:52", "100", "https://search.censys.io/hosts/3.24.180.187", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-18 00:00:59", "1524929", "111.170.171.242:8080", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 14:43:52", "100", "https://search.censys.io/hosts/111.170.171.242", "AS151185,C2,censys,CT-XIANGYANG-IDC2,DcRAT,RAT", "0", "DonPasci"
"2025-05-18 00:00:57", "1524928", "193.35.154.157:4449", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2025-05-18 04:00:48", "100", "https://search.censys.io/hosts/193.35.154.157", "AS212219,C2,censys,HOSTINGDUNYAM,RAT,Venom", "0", "DonPasci"
"2025-05-18 00:00:54", "1524927", "110.231.239.196:14782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-18 04:00:41", "100", "https://search.censys.io/hosts/110.231.239.196", "AS4837,C2,censys,CHINA169-BACKBONE,Quasar,RAT", "0", "DonPasci"
"2025-05-18 00:00:47", "1524926", "196.251.87.67:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:49:38", "100", "https://search.censys.io/hosts/196.251.87.67", "AS401120,AsyncRAT,C2,censys,CHEAPY-HOST,RAT", "0", "DonPasci"
"2025-05-18 00:00:46", "1524925", "94.101.128.110:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:54:21", "100", "https://search.censys.io/hosts/94.101.128.110", "AS50810,AsyncRAT,C2,censys,MOBINNET-AS,RAT", "0", "DonPasci"
"2025-05-18 00:00:35", "1524923", "34.45.231.202:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:51:07", "100", "https://search.censys.io/hosts/34.45.231.202", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Sliver", "0", "DonPasci"
"2025-05-18 00:00:35", "1524924", "18.191.200.148:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/18.191.200.148", "AMAZON-02,AS16509,C2,censys,open-dir,payload,Sliver", "0", "DonPasci"
"2025-05-18 00:00:34", "1524922", "34.30.115.167:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:51:07", "100", "https://search.censys.io/hosts/34.30.115.167", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Sliver", "0", "DonPasci"
"2025-05-18 00:00:19", "1524921", "45.131.42.75:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:57:44", "100", "https://search.censys.io/hosts/45.131.42.75", "AS49505,C2,censys,CobaltStrike,SELECTEL", "0", "DonPasci"
"2025-05-18 00:00:16", "1524920", "118.178.192.36:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:55:53", "100", "https://search.censys.io/hosts/118.178.192.36", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-305419896", "0", "DonPasci"
"2025-05-18 00:00:10", "1524919", "1.94.181.67:28088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:55:11", "100", "https://search.censys.io/hosts/1.94.181.67", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci"
"2025-05-17 22:57:18", "1524897", "137.220.205.223:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:18", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-17 22:50:12", "1524896", "http://mdfhyparat.temp.swtest.ru/6ead1bc6.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-17 21:10:14", "1524894", "https://5overcovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b9f61373e4555764594de3df3cdce59ebb08258d3c11f721de68b72731441d0e/", "lumma", "0", "abuse_ch"
"2025-05-17 21:10:13", "1524893", "https://4posseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b9f61373e4555764594de3df3cdce59ebb08258d3c11f721de68b72731441d0e/", "lumma", "0", "abuse_ch"
"2025-05-17 21:00:20", "1524890", "62.60.226.191:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2025-05-17 20:53:26", "1524889", "8.217.245.162:58008", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:53:36", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-05-17 20:52:19", "1524888", "49.232.6.238:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-05-18 14:52:28", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2025-05-17 20:51:24", "1524887", "39.40.184.19:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-18 14:51:32", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-05-17 20:21:44", "1524886", "202.181.24.126:9663", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "", "Gafgyt", "0", "NDA0E"
"2025-05-17 20:01:24", "1524884", "86.48.26.83:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/86.48.26.83", "AS40021,Byakugan,C2,censys,NL-811-40021,panel,Stealer", "0", "DonPasci"
"2025-05-17 20:01:12", "1524883", "15.228.248.225:2404", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 04:00:51", "100", "https://search.censys.io/hosts/15.228.248.225", "AMAZON-02,AS16509,C2,censys,DcRAT,RAT", "0", "DonPasci"
"2025-05-17 20:01:08", "1524882", "188.225.9.121:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 14:48:41", "100", "https://search.censys.io/hosts/188.225.9.121", "AS9123,C2,censys,Havoc,TIMEWEB-AS", "0", "DonPasci"
"2025-05-17 20:01:05", "1524877", "105.156.224.14:9042", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:05", "1524878", "105.156.224.14:30165", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:05", "1524879", "105.156.224.14:2080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:05", "1524880", "105.156.224.14:4433", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:05", "1524881", "105.156.224.14:19161", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:04", "1524872", "105.156.224.14:64101", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:04", "1524873", "105.156.224.14:22560", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:04", "1524874", "105.156.224.14:55556", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:04", "1524875", "105.156.224.14:60902", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:04", "1524876", "105.156.224.14:1534", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:03", "1524866", "105.156.224.14:26002", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:03", "1524867", "105.156.224.14:55396", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:03", "1524868", "105.156.224.14:56988", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:03", "1524869", "105.156.224.14:10761", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:03", "1524870", "105.156.224.14:36433", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:03", "1524871", "105.156.224.14:62732", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:02", "1524863", "105.156.224.14:47594", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:02", "1524864", "105.156.224.14:2", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-18 04:00:42", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:02", "1524865", "105.156.224.14:50001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:01", "1524861", "105.156.224.14:3494", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:01", "1524862", "105.156.224.14:5628", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:00", "1524855", "105.156.224.14:5386", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:00", "1524856", "105.156.224.14:6001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:00", "1524857", "105.156.224.14:14591", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:00", "1524858", "105.156.224.14:31879", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:00", "1524859", "105.156.224.14:53226", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:01:00", "1524860", "105.156.224.14:51094", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:59", "1524850", "105.156.224.14:12509", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:59", "1524851", "105.156.224.14:29885", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:59", "1524852", "105.156.224.14:37781", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:59", "1524853", "105.156.224.14:47662", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:59", "1524854", "105.156.224.14:623", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:58", "1524846", "105.156.224.14:57916", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:58", "1524847", "105.156.224.14:58175", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:58", "1524848", "105.156.224.14:2116", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:58", "1524849", "105.156.224.14:9201", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:57", "1524841", "105.156.224.14:47824", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:57", "1524842", "105.156.224.14:752", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:57", "1524843", "105.156.224.14:5980", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:57", "1524844", "105.156.224.14:23037", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:57", "1524845", "105.156.224.14:103", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:56", "1524836", "105.156.224.14:22054", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:56", "1524837", "105.156.224.14:2083", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:56", "1524838", "105.156.224.14:2125", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:56", "1524839", "105.156.224.14:3260", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:56", "1524840", "105.156.224.14:43942", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:55", "1524833", "105.156.224.14:11300", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:55", "1524834", "105.156.224.14:15443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:55", "1524835", "105.156.224.14:20183", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:54", "1524828", "105.156.224.14:25255", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:54", "1524829", "105.156.224.14:32938", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:54", "1524830", "105.156.224.14:47999", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:54", "1524831", "105.156.224.14:636", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:54", "1524832", "105.156.224.14:3000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:53", "1524826", "105.156.224.14:12746", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:53", "1524827", "105.156.224.14:63524", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 20:00:45", "1524825", "206.238.115.155:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:50:01", "100", "https://search.censys.io/hosts/206.238.115.155", "AS399077,AsyncRAT,C2,censys,RAT,TERAEXCH", "0", "DonPasci"
"2025-05-17 20:00:44", "1524824", "103.27.225.199:2021", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:43:20", "100", "https://search.censys.io/hosts/103.27.225.199", "AS22363,AsyncRAT,C2,censys,PHMGMT-AS1,RAT", "0", "DonPasci"
"2025-05-17 20:00:31", "1524823", "158.247.215.42:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2025-05-18 14:45:57", "100", "https://search.censys.io/hosts/158.247.215.42", "AS-VULTR,AS20473,C2,censys,Pupy,RAT", "0", "DonPasci"
"2025-05-17 20:00:29", "1524822", "185.157.162.132:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:48:19", "100", "https://search.censys.io/hosts/185.157.162.132", "AS42675,C2,censys,OBEHOSTING,RAT,Remcos", "0", "DonPasci"
"2025-05-17 20:00:26", "1524821", "154.194.35.243:4567", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "2025-05-18 04:00:16", "100", "https://search.censys.io/hosts/154.194.35.243", "AS215123,C2,censys,DarkComet,QZ,RAT", "0", "DonPasci"
"2025-05-17 20:00:09", "1524820", "137.220.205.223:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:19", "100", "https://search.censys.io/hosts/137.220.205.223", "AS152194,C2,censys,CobaltStrike,cs-watermark-987654321,CTGSERVERLIMITED-AS-AP", "0", "DonPasci"
"2025-05-17 19:40:11", "1524818", "http://rthgdfcx23weads.atwebpages.com/externalimagepythonrequestbasePublicDownloads.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-17 19:09:23", "1524814", "wps.nbpmmkrb.cn", "domain", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "", "None", "0", "JaffaCakes118"
"2025-05-17 19:09:23", "1524815", "47.83.164.89:7777", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://x.com/skocherhan/status/1923802868525437418", "None", "0", "JaffaCakes118"
"2025-05-17 19:09:21", "1524816", "td.ldxwpedf.cn", "domain", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://x.com/skocherhan/status/1923816588328775707", "None", "0", "JaffaCakes118"
"2025-05-17 19:09:20", "1524817", "app.sparrowallet.net", "domain", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "2025-05-17 19:05:55", "100", "", "c2", "0", "ninjacatcher"
"2025-05-17 18:55:11", "1524813", "http://zaoasderfdsxesdzx.mygamesonline.org/VmCpuprocessorMultiBaseuniversaltrack.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-17 18:55:09", "1524812", "107.150.0.72:9792", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2025-05-17 18:40:49", "1524810", "178.208.187.90:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest"
"2025-05-17 18:40:06", "1524811", "http://59.182.214.239:56457/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2025-05-17 18:28:31", "1524779", "https://9blackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250517-rx2rgshl5y/behavioral1", "None", "0", "tanner"
"2025-05-17 18:28:30", "1524778", "https://tsaxecocnak.live/manj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250517-rx2rgshl5y/behavioral1", "None", "0", "tanner"
"2025-05-17 17:56:21", "1524804", "51.79.57.15:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-17 17:56:22", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-17 17:56:21", "1524805", "45.154.96.21:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-17 17:56:21", "1524806", "176.100.36.19:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-17 17:56:21", "1524807", "51.38.140.90:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-17 17:56:21", "1524808", "37.114.50.115:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-17 17:56:21", "1524809", "128.0.118.43:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-17 17:55:09", "1524799", "all.tcphangjews.lol", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-17 17:55:09", "100", "https://www.virustotal.com/gui/ip-address/51.79.57.15/relations", "Mirai", "0", "NDA0E"
"2025-05-17 17:55:09", "1524800", "katana.tcphangjews.lol", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "https://www.virustotal.com/gui/ip-address/51.79.57.15/relations", "Mirai", "0", "NDA0E"
"2025-05-17 17:55:09", "1524801", "lipaisanigger.niekot.xyz", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "https://www.virustotal.com/gui/ip-address/51.79.57.15/relations", "Mirai", "0", "NDA0E"
"2025-05-17 17:55:09", "1524802", "deathbotnet.lol", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-17 17:55:09", "100", "https://www.virustotal.com/gui/ip-address/51.79.57.15/relations", "Mirai", "0", "NDA0E"
"2025-05-17 17:55:09", "1524803", "wolf.tcphangjews.lol", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "https://www.virustotal.com/gui/ip-address/51.79.57.15/relations", "Mirai", "0", "NDA0E"
"2025-05-17 17:40:09", "1524798", "http://f1127298.xsph.ru/0801894c.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-17 16:10:10", "1524797", "38.181.35.83:6628", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-05-17 16:01:12", "1524796", "120.26.48.72:54681", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-05-18 14:44:13", "100", "https://search.censys.io/hosts/120.26.48.72", "ALIBABA-CN-NET,AS37963,censys,Chaos,panel", "0", "DonPasci"
"2025-05-17 16:01:09", "1524795", "89.42.88.163:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-05-18 04:01:04", "100", "https://search.censys.io/hosts/89.42.88.163", "AS211409,C2,censys,FOXIBYTES,moobot", "0", "DonPasci"
"2025-05-17 16:00:56", "1524794", "18.231.125.241:1194", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 14:48:10", "100", "https://search.censys.io/hosts/18.231.125.241", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-17 16:00:53", "1524793", "200.100.117.217:7000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2025-05-18 04:00:47", "100", "https://search.censys.io/hosts/200.100.117.217", "AS27699,C2,censys,RAT,TELEFONICA,Venom", "0", "DonPasci"
"2025-05-17 16:00:50", "1524792", "142.147.97.184:1000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-18 04:00:42", "100", "https://search.censys.io/hosts/142.147.97.184", "AS64236,C2,censys,Quasar,RAT,UNREAL-SERVERS", "0", "DonPasci"
"2025-05-17 16:00:47", "1524789", "172.232.121.75:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 14:46:52", "100", "https://search.censys.io/hosts/172.232.121.75", "AKAMAI-LINODE-AP,AS63949,C2,censys,Mythic", "0", "DonPasci"
"2025-05-17 16:00:47", "1524790", "144.91.92.240:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 14:45:06", "100", "https://search.censys.io/hosts/144.91.92.240", "AS51167,C2,censys,CONTABO,Mythic", "0", "DonPasci"
"2025-05-17 16:00:47", "1524791", "144.172.93.173:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 14:45:02", "100", "https://search.censys.io/hosts/144.172.93.173", "AS14956,C2,censys,Mythic,ROUTERHOSTING", "0", "DonPasci"
"2025-05-17 15:37:16", "1524788", "https://tblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/da67b132c84b38b10b705a750126ee5ceffc68f1cc52e68d25929e80af8f6033/", "lumma", "0", "abuse_ch"
"2025-05-17 15:36:38", "1524787", "https://9dracxilb.digital/ozi", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/da67b132c84b38b10b705a750126ee5ceffc68f1cc52e68d25929e80af8f6033/", "lumma", "0", "abuse_ch"
"2025-05-17 15:30:12", "1524786", "39.46.104.231:6903", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-05-17 14:46:27", "1524785", "https://vcornerdurv.top/adwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/eeb833931321a3f9d4307aaa22b967c203fc34d45cd1ab25176b97331dc1c37b/", "lumma", "0", "abuse_ch"
"2025-05-17 14:45:36", "1524784", "https://ajackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/eeb833931321a3f9d4307aaa22b967c203fc34d45cd1ab25176b97331dc1c37b/", "lumma", "0", "abuse_ch"
"2025-05-17 14:45:33", "1524783", "https://1blackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/eeb833931321a3f9d4307aaa22b967c203fc34d45cd1ab25176b97331dc1c37b/", "lumma", "0", "abuse_ch"
"2025-05-17 14:45:32", "1524782", "https://06laminaflbx.shop/twoq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/eeb833931321a3f9d4307aaa22b967c203fc34d45cd1ab25176b97331dc1c37b/", "lumma", "0", "abuse_ch"
"2025-05-17 14:44:04", "1524781", "botnet.s3oox.com", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "c2,mirai", "0", "juroots"
"2025-05-17 14:43:19", "1524780", "87.65.108.118:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/87.65.108.118#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-05-17 14:42:42", "1524777", "43.199.156.171:16027", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/43.199.156.171#16027", "c2,netsupport,shodan", "0", "juroots"
"2025-05-17 14:42:09", "1524776", "91.132.92.182:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/91.132.92.182#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 14:42:08", "1524773", "167.99.51.2:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/167.99.51.2#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 14:42:08", "1524774", "64.227.174.56:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/64.227.174.56#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 14:42:08", "1524775", "185.14.31.2:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/185.14.31.2#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 14:42:05", "1524771", "41.143.200.243:5986", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#5986", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 14:42:05", "1524772", "41.143.200.243:5006", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#5006", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 14:42:04", "1524767", "41.143.200.243:7443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#7443", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 14:42:04", "1524768", "41.143.200.243:16993", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#16993", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 14:42:04", "1524769", "41.143.200.243:9091", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#9091", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 14:42:04", "1524770", "41.143.200.243:9002", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#9002", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 14:41:02", "1524766", "https://zlaminaflbx.shop/twoq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/5cdc51b9038ac44a9a44ec9f85082006ba9aa81dfdf4f41ca2fb0d3e31ff3a93/", "lumma", "0", "abuse_ch"
"2025-05-17 14:40:27", "1524765", "https://4jackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/059a0a5f8ab02faae85536a23a83f9224c4ec60055ec5a1067fa0a026f72a1b4/", "lumma", "0", "abuse_ch"
"2025-05-17 14:36:37", "1524764", "https://dcornerdurv.top/adwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9164bf50a1cc1e548589aa14979c6fdbba0ec977f0e3ebb6e5d4d706f5c4df40/", "lumma", "0", "abuse_ch"
"2025-05-17 14:36:29", "1524763", "https://5narrathfpt.top/tekq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9164bf50a1cc1e548589aa14979c6fdbba0ec977f0e3ebb6e5d4d706f5c4df40/", "lumma", "0", "abuse_ch"
"2025-05-17 14:18:29", "1524741", "koegje.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:28", "1524742", "skjym.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:27", "1524743", "normacw.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:26", "1524744", "chmydt.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:25", "1524745", "sinb.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:24", "1524747", "towhnl.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:23", "1524746", "brapl.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:20", "1524748", "feidm.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:19", "1524749", "conmog.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:19", "1524750", "intabg.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:17", "1524751", "swizcpll.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:16", "1524752", "alleup.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:15", "1524753", "royat.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:14", "1524754", "wilgch.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:13", "1524755", "gratcf.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:12", "1524756", "kizscs.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:12", "1524757", "comstmo.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:10", "1524758", "garyb.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:09", "1524759", "teoja.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:18:08", "1524760", "timertvey.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-05-17 14:17:58", "1524700", "43.140.37.228:8022", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:57", "1524701", "45.77.15.155:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:53", "1524702", "106.54.186.146:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:51", "1524703", "103.4.8.40:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:47", "1524704", "119.45.250.61:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:46", "1524705", "103.195.191.221:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:40", "1524706", "1.94.228.130:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:39", "1524707", "45.192.99.52:9991", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:38", "1524708", "116.62.208.141:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:35", "1524709", "61.135.130.176:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:34", "1524710", "139.224.191.58:10010", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 14:17:32", "1524711", "47.113.219.193:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 13:35:53", "1524762", "https://dovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/080784c30b5680a3fefbbe6ae23e2466e60904c0b3ae379643ba7b697989eff0/", "lumma", "0", "abuse_ch"
"2025-05-17 13:35:46", "1524761", "https://6racxilb.digital/ozi", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/080784c30b5680a3fefbbe6ae23e2466e60904c0b3ae379643ba7b697989eff0/", "lumma", "0", "abuse_ch"
"2025-05-17 12:01:12", "1524740", "88.216.68.32:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 14:54:02", "100", "https://search.censys.io/hosts/88.216.68.32", "AS204770,censys,CHERRYSERVERS3-AS,EvilGoPhish,panel,Phishing", "0", "DonPasci"
"2025-05-17 12:00:54", "1524739", "101.99.94.33:4449", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/101.99.94.33", "AS45839,C2,censys,RAT,SHINJIRU-MY-AS-AP,Venom", "0", "DonPasci"
"2025-05-17 12:00:43", "1524736", "115.190.82.210:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:43:59", "100", "https://search.censys.io/hosts/115.190.82.210", "AS137718,AsyncRAT,C2,censys,RAT,VOLCANO-ENGINE", "0", "DonPasci"
"2025-05-17 12:00:43", "1524737", "115.190.82.210:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:43:59", "100", "https://search.censys.io/hosts/115.190.82.210", "AS137718,AsyncRAT,C2,censys,RAT,VOLCANO-ENGINE", "0", "DonPasci"
"2025-05-17 12:00:43", "1524738", "196.251.116.59:8888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:49:28", "100", "https://search.censys.io/hosts/196.251.116.59", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci"
"2025-05-17 12:00:28", "1524734", "104.243.35.242:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:43:29", "100", "https://search.censys.io/hosts/104.243.35.242", "AS23470,C2,censys,RAT,RELIABLESITE,Remcos", "0", "DonPasci"
"2025-05-17 12:00:28", "1524735", "5.8.19.105:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:52:35", "100", "https://search.censys.io/hosts/5.8.19.105", "AS42474,C2,censys,IL,RAT,Remcos", "0", "DonPasci"
"2025-05-17 12:00:27", "1524732", "37.120.206.166:63513", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:51:18", "100", "https://search.censys.io/hosts/37.120.206.166", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-05-17 12:00:27", "1524733", "146.70.67.90:6513", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:45:14", "100", "https://search.censys.io/hosts/146.70.67.90", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-05-17 12:00:10", "1524731", "139.159.148.68:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:19", "100", "https://search.censys.io/hosts/139.159.148.68", "AS55990,C2,censys,CobaltStrike,cs-watermark-666666666,HWCSNET", "0", "DonPasci"
"2025-05-17 12:00:08", "1524730", "106.75.78.139:33333", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:55:31", "100", "https://search.censys.io/hosts/106.75.78.139", "AS4808,C2,censys,CHINA169-BJ,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-05-17 11:52:05", "1524729", "http://194.26.192.113/panel/Login", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://urlquery.net/report/f710e9bd-a66b-47f6-952d-98fd611c1cf0", "c2,urlquery", "0", "juroots"
"2025-05-17 11:47:17", "1524728", "http://193.124.117.178:8080/login", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://urlquery.net/report/061bc126-0702-4a0b-a60b-67f51922a1ed", "c2,urlquery", "0", "juroots"
"2025-05-17 11:32:00", "1524727", "https://www.coinbasexpromotion.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0196de03-e6fe-730a-a0d2-dd15f577487f", "fakecaptcha,urlscan", "0", "juroots"
"2025-05-17 11:27:22", "1524725", "05bf016c137230bfdc6eaae95b75a56aff76799d", "sha1_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "50", "https://hivepro.com/threat-advisory/agenda-ransomware-group-escalates-attacks-with-new-multi-stage-loaders/", "Agenda,NETXLOADER,qilin,ransomware,smokeloader", "0", "juroots"
"2025-05-17 11:27:22", "1524726", "1399e63d4662076eeed3b4498c2f958c611a4387", "sha1_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "50", "https://hivepro.com/threat-advisory/agenda-ransomware-group-escalates-attacks-with-new-multi-stage-loaders/", "Agenda,NETXLOADER,qilin,ransomware,smokeloader", "0", "juroots"
"2025-05-17 11:27:21", "1524721", "bdf33e2ba85f35ea86fb016620371fe80855fe68", "sha1_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "50", "https://hivepro.com/threat-advisory/agenda-ransomware-group-escalates-attacks-with-new-multi-stage-loaders/", "Agenda,NETXLOADER,qilin,ransomware,smokeloader", "0", "juroots"
"2025-05-17 11:27:21", "1524722", "f995ec5d88afab30f9efb62ea3b30e1e1b62cdc3", "sha1_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "50", "https://hivepro.com/threat-advisory/agenda-ransomware-group-escalates-attacks-with-new-multi-stage-loaders/", "Agenda,NETXLOADER,qilin,ransomware,smokeloader", "0", "juroots"
"2025-05-17 11:27:21", "1524723", "16b776ff80f08105b362f9bc76c73a21c51664c2", "sha1_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "50", "https://hivepro.com/threat-advisory/agenda-ransomware-group-escalates-attacks-with-new-multi-stage-loaders/", "Agenda,NETXLOADER,qilin,ransomware,smokeloader", "0", "juroots"
"2025-05-17 11:27:21", "1524724", "4684aa8ab09a70d0e25139286e1178c02b15920b", "sha1_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "50", "https://hivepro.com/threat-advisory/agenda-ransomware-group-escalates-attacks-with-new-multi-stage-loaders/", "Agenda,NETXLOADER,qilin,ransomware,smokeloader", "0", "juroots"
"2025-05-17 11:21:19", "1524716", "https://ipfs.io/ipns/k51qzi5uqu5djqy6wp9nng1igaatx8nxwpye9iz18ce6b8ycihw8nt04khemao", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots"
"2025-05-17 11:21:19", "1524717", "https://baza.com/loader.bin", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots"
"2025-05-17 11:21:19", "1524718", "https://temptransfer.live/SkwkUTIoFTrXYRMd", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots"
"2025-05-17 11:21:19", "1524719", "https://sharemoc.space/XdYUmFd2xX", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots"
"2025-05-17 11:21:19", "1524720", "https://mainstomp.cloud/MDcMkjAxsLKsT", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots"
"2025-05-17 11:21:07", "1524713", "b8f00bd6cb8f004641ebc562e570685787f1851ecb53cd918bc6d08a1caae750", "sha256_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots"
"2025-05-17 11:21:07", "1524714", "b55ba0f869f6408674ee9c5229f261e06ad1572c52eaa23f5a10389616d62efe", "sha256_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots"
"2025-05-17 11:21:07", "1524715", "11d0b292ed6315c3bf47f5df4c7804edccbd0f6018777e530429cc7709ba6207", "sha256_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots"
"2025-05-17 10:58:33", "1524712", "13.61.187.30:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-05-18 14:56:16", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-05-17 10:22:14", "1524681", "13.217.84.67:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:13", "1524682", "81.70.251.110:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:13", "1524683", "1.12.73.153:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:12", "1524684", "47.115.202.29:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:10", "1524685", "43.142.137.164:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:10", "1524686", "124.70.34.224:10080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:09", "1524687", "193.37.69.42:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:08", "1524688", "139.59.43.25:44319", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:07", "1524689", "139.180.212.104:8880", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:06", "1524690", "81.70.197.166:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:05", "1524691", "137.184.162.1:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:03", "1524692", "13.229.249.25:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:02", "1524693", "111.229.116.40:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:01", "1524694", "222.186.56.77:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:22:00", "1524695", "103.59.110.143:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:21:59", "1524696", "54.226.0.4:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:21:59", "1524697", "51.210.104.196:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:21:58", "1524698", "107.175.36.100:20001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:21:57", "1524699", "139.180.202.103:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v"
"2025-05-17 10:15:11", "1524680", "154.23.184.57:4433", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-05-17 10:11:03", "1524679", "gets-surfaces.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-05-17 10:10:37", "1524678", "216.9.227.170:2013", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots"
"2025-05-17 10:09:54", "1524677", "https://anna-akhmatova.com/cdn-cgi/phish-bypass?atok=6N9gb5deGg8zcdG11AUBmZIPlVsnEbiNWaHlwFtqc18-1747442361.20884-0.0.1.1-%2Flogin&cf-turnstile-response=", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://urlscan.io/result/0196ddb8-bdeb-7609-9355-df1ac9956cac", "c2,lumma,urlscan", "0", "juroots"
"2025-05-17 10:09:14", "1524676", "https://katz-stealer.com/login", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://urlscan.io/result/0196ddb8-2147-77fa-836f-dd0fced1ed08", "c2,katz,urlscan", "0", "juroots"
"2025-05-17 10:09:13", "1524675", "https://katz-stealer.com/", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://urlscan.io/result/0196ddb8-1f2b-709e-83cd-c143f05971cc", "c2,katz,urlscan", "0", "juroots"
"2025-05-17 10:08:26", "1524674", "http://176.65.140.223/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/0196ddb7-67ca-73cf-9f77-e6672c70345c", "c2,hookbot,urlscan", "0", "juroots"
"2025-05-17 10:07:39", "1524673", "105.101.121.203:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "https://www.shodan.io/host/105.101.121.203#1604", "c2,darkcomet,shodan", "0", "juroots"
"2025-05-17 10:07:24", "1524672", "2.143.144.138:6001", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/2.143.144.138#6001", "c2,netsupport,shodan", "0", "juroots"
"2025-05-17 10:06:55", "1524670", "18.132.35.207:30001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/18.132.35.207#30001", "c2,netbus,shodan", "0", "juroots"
"2025-05-17 10:06:55", "1524671", "18.132.35.207:3151", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/18.132.35.207#3151", "c2,netbus,shodan", "0", "juroots"
"2025-05-17 10:06:38", "1524669", "176.126.163.56:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/176.126.163.56#9000", "c2,sectop,shodan", "0", "juroots"
"2025-05-17 10:06:37", "1524668", "91.184.242.37:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/91.184.242.37#9000", "c2,sectop,shodan", "0", "juroots"
"2025-05-17 10:06:20", "1524665", "41.143.200.243:2087", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#2087", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 10:06:20", "1524666", "41.143.200.243:9898", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#9898", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 10:06:20", "1524667", "41.143.200.243:8443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#8443", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 10:06:19", "1524663", "41.143.200.243:7548", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#7548", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 10:06:19", "1524664", "41.143.200.243:5001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#5001", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 10:06:16", "1524662", "1.94.238.169:55555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/1.94.238.169#55555", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-05-17 08:55:06", "1524661", "84.33.244.17:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-18 14:53:52", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-17 08:54:39", "1524660", "8.130.15.174:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 14:53:27", "75", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2025-05-17 08:54:28", "1524659", "70.31.125.18:2222", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-18 14:53:17", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-05-17 08:53:49", "1524658", "51.79.255.203:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-17 19:53:06", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-05-17 08:52:28", "1524657", "38.253.29.29:8080", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-18 14:51:27", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-17 08:47:09", "1524656", "167.99.51.2:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:46:42", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-05-17 08:46:55", "1524655", "165.227.163.243:31337", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-05-18 14:46:31", "75", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2025-05-17 08:46:41", "1524654", "163.181.72.106:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-18 14:46:22", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-17 08:01:12", "1524653", "34.141.142.28:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-05-18 15:24:02", "100", "https://search.censys.io/hosts/34.141.142.28", "AS396982,censys,Chaos,GOOGLE-CLOUD-PLATFORM,panel", "0", "DonPasci"
"2025-05-17 08:00:58", "1524652", "18.231.248.100:14385", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/18.231.248.100", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-17 08:00:57", "1524651", "154.44.186.53:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 04:00:50", "100", "https://search.censys.io/hosts/154.44.186.53", "AS214036,C2,censys,DcRAT,RAT,ULTAHOST-AS", "0", "DonPasci"
"2025-05-17 08:00:51", "1524649", "88.198.50.169:7201", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-18 04:00:41", "100", "https://search.censys.io/hosts/88.198.50.169", "AS24940,C2,censys,HETZNER-AS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 08:00:51", "1524650", "212.53.231.176:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-18 04:00:42", "100", "https://search.censys.io/hosts/212.53.231.176", "AS62336,C2,censys,PURTEL-AS,Quasar,RAT", "0", "DonPasci"
"2025-05-17 08:00:50", "1524647", "85.239.33.120:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-18 04:00:38", "100", "https://search.censys.io/hosts/85.239.33.120", "ALEXHOST,AS200019,C2,censys,Hookbot", "0", "DonPasci"
"2025-05-17 08:00:50", "1524648", "108.165.230.99:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-18 04:00:39", "100", "https://search.censys.io/hosts/108.165.230.99", "AS210356,BATTLEHOST,C2,censys,Hookbot", "0", "DonPasci"
"2025-05-17 08:00:49", "1524646", "www.ucued.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-18 04:00:37", "100", "https://search.censys.io/hosts/118.107.42.200+www.ucued.com", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,Hookbot", "0", "DonPasci"
"2025-05-17 08:00:48", "1524645", "158.220.95.153:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 04:00:34", "100", "https://search.censys.io/hosts/158.220.95.153", "AS51167,C2,censys,CONTABO,Mythic", "0", "DonPasci"
"2025-05-17 08:00:44", "1524644", "45.141.84.229:15747", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/45.141.84.229", "AS206728,C2,censys,MEDIALAND-AS,RAT,Sectop", "0", "DonPasci"
"2025-05-17 08:00:43", "1524643", "128.90.106.188:4000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:44:26", "100", "https://search.censys.io/hosts/128.90.106.188", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci"
"2025-05-17 08:00:42", "1524642", "5.180.105.158:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:52:29", "100", "https://search.censys.io/hosts/5.180.105.158", "AS209737,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-05-17 08:00:32", "1524641", "167.99.51.2:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:46:41", "100", "https://search.censys.io/hosts/167.99.51.2", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci"
"2025-05-17 08:00:31", "1524640", "134.209.72.63:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:44:40", "100", "https://search.censys.io/hosts/134.209.72.63", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci"
"2025-05-17 08:00:27", "1524638", "176.65.142.105:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:47:37", "100", "https://search.censys.io/hosts/176.65.142.105", "AS214717,C2,censys,DOLPHINHOST-AS,RAT,Remcos", "0", "DonPasci"
"2025-05-17 08:00:27", "1524639", "91.206.169.79:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:54:11", "100", "https://search.censys.io/hosts/91.206.169.79", "AS210558,C2,censys,RAT,Remcos,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-05-17 08:00:26", "1524637", "176.65.142.114:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:47:38", "100", "https://search.censys.io/hosts/176.65.142.114", "AS214717,C2,censys,DOLPHINHOST-AS,RAT,Remcos", "0", "DonPasci"
"2025-05-17 08:00:12", "1524636", "159.75.84.224:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:41", "100", "https://search.censys.io/hosts/159.75.84.224", "AS45090,C2,censys,CobaltStrike,cs-watermark-305419896,TENCENT-NET-AP", "0", "DonPasci"
"2025-05-17 08:00:08", "1524635", "38.47.106.119:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:57:22", "100", "https://search.censys.io/hosts/38.47.106.119", "AS55933,C2,censys,CLOUDIE-AS-AP,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-05-17 08:00:06", "1524634", "144.172.92.218:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:23", "100", "https://search.censys.io/hosts/144.172.92.218", "AS14956,C2,censys,CobaltStrike,cs-watermark-987654321,ROUTERHOSTING", "0", "DonPasci"
"2025-05-17 07:01:21", "1524633", "https://zjackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4bd4b880b6f35433701cbc2cbcf408260f58c21e654d7893901b3a6ba04fdd1f/", "lumma", "0", "abuse_ch"
"2025-05-17 07:01:17", "1524632", "https://tlaminaflbx.shop/twoq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b17daa18867c925a1b3c9b093d16773e0d9d8507981f4f0ea84b6528d511da49/", "lumma", "0", "abuse_ch"
"2025-05-17 07:00:50", "1524631", "https://klaminaflbx.shop/twoq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c08135233df7ec3cd1a594b44d030760983f733246af93d0357c43260ee1ad74/", "lumma", "0", "abuse_ch"
"2025-05-17 07:00:22", "1524630", "https://8asaxecocnak.live/manj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c08135233df7ec3cd1a594b44d030760983f733246af93d0357c43260ee1ad74/", "lumma", "0", "abuse_ch"
"2025-05-17 07:00:21", "1524629", "https://7narrathfpt.top/tekq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4bd4b880b6f35433701cbc2cbcf408260f58c21e654d7893901b3a6ba04fdd1f/", "lumma", "0", "abuse_ch"
"2025-05-17 07:00:19", "1524627", "https://3onehunqpom.life/zpxd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2c9f0a20bb3f0165a52858a879a4effeb1f0c3963f15df884f8baea7d3ff5f4a/", "lumma", "0", "abuse_ch"
"2025-05-17 07:00:19", "1524628", "https://5cornerdurv.top/adwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7162d72e84ee4967b18ed769212c9be81bfe7505e72e5c795ad8444c65df35db/", "lumma", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524610", "yiowaaeuiemuicoe.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524611", "yiowuamqscmcoiyy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524612", "yiqgoccuasygswsu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524613", "yiswmcgaymyyiowc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524614", "yoeecywqumyekwck.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524615", "yogmocomiqsiecgu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524616", "yomsuyciwsygecuk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524617", "yougauociaqquiek.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524618", "yowgwiikqsusesos.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524619", "yowuwcgwousiaews.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524620", "ywkqkqagwqqisusq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524621", "ywmkqaoaaekkkuso.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524622", "ywmukmccmemugsiw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524623", "ywoaecyuqsaucqom.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524624", "ywoiuyusqeameaqy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524625", "ywuqkogeueocoweu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:31", "1524626", "ywwwywkeikcewoqc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524589", "wsoasusyaesauuqc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524590", "wsqoemkuocswageo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524591", "wsyskqsyqgumgcyi.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524592", "wyakeucwqskkymqu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524593", "wyesyewucooeskks.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524594", "wykaecyuaoqwqacu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524595", "wyqkkymuwuowyukg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524596", "wyyqskemagwqsoso.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524597", "yccuaksuwyeqcwoa.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524598", "yckqygyiaygimqyg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524599", "ycqccooegqwgaacm.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524600", "yiacyuawawmuguqq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524601", "yiamkeiaguiekmmw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524602", "yicgeayykwmyamyu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524603", "yieokgqcmogmwgsi.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524604", "yieuwoiiigiegacs.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524605", "yiggwiayqeuquaks.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524606", "yiiawuuciyyammwe.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524607", "yiioqiskceacaakk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524608", "yikqycsgsceowwma.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:30", "1524609", "yimqmeikmsewseos.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524565", "ugseckgmoosasqou.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524566", "uoaueuswwogmgeau.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524567", "uoeykgceuemgiuyw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524568", "uoiqygmesocacyua.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524569", "uokquausuqmosiak.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524570", "uoogwcesumqwmuso.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524571", "uoyoegccucieiqes.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524572", "uucmsumayyuyycik.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524573", "uugkmqsymucqgkek.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524574", "uuikeeouymuaeuog.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524575", "uuiwcwiwymomyiuk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524576", "uuksgmsooymkmeoq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524577", "uuqouweqwogckseo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524578", "uuskwkcsuckgmwow.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524579", "uuuueqagocmoegeu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524580", "wegoqgwuuyewwamu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524581", "wkaaawecmmoqwccq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524582", "wkaiawiekoqmessq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524583", "wkaysayqwiqsqasg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524584", "wkmaisiuociowmyc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524585", "wkoyiawacwswamao.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524586", "wkucuimiwguoscww.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524587", "wsasuuowqqsqagoa.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:29", "1524588", "wsiggqasqmyumsmk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524541", "qykyqqmmeukcumus.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524542", "qyooskisayweocok.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524543", "qyqyccwmwgowyacm.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524544", "qyyumkkeyiqocyks.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524545", "sceysyuyemeikaqw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524546", "sciowicckwqimkem.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524547", "scuumkuomumsucey.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524548", "skackwwwaosmsmus.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524549", "skimgqwegkymciou.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524550", "skkucomuaeqauocg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524551", "sksacmoesssmgweg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524552", "sqimmueswgiwasko.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524553", "sqkegoyqyuowameu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524554", "sqkwwawqgaemecgo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524555", "sqoikciussugksma.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524556", "sqssmqyumsiowywc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524557", "swagimkyamoiwgck.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524558", "swemsyquwgosmiie.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524559", "swowkmmmwsuewoco.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524560", "swsyuamgquyiaogi.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524561", "swwoocwikackcsma.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524562", "uakumugyiskimess.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524563", "uaswamcocogcsiau.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:28", "1524564", "ugkkkgmgewewccmg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524518", "oocmaeooakwgcqwg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524519", "ooiuayomcemakkye.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524520", "ookiaiuiqwamgoem.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524521", "ookkcyuckmyokgci.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524522", "ookmemoekeokwasy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524523", "ouaomqcscyqqeeqe.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524524", "ougoaccmwemmqsyc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524525", "ouowiooyqcsemmyy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524526", "ouqmcawiqwakoukk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524527", "ouwegkoqkickmamk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524528", "ouwkcoweyockwsgw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524529", "qggmcuuaqemwuiie.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524530", "qgssaemeuswgiaiu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524531", "qgsywiemyeuwmsku.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524532", "qmgiuaeeimemokie.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524533", "qmiugiuwwgugouye.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524534", "qmogquuasssaygco.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524535", "qmuggosioecqoiys.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524536", "qmwqyyqiugekasso.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524537", "qsegemwesoaceoas.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524538", "qsgomskuwgwekaqo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524539", "qswueioeeeiuyusm.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:27", "1524540", "qyicwumasouywwum.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524496", "mqgekaqssoiqoyic.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524497", "mqioucuoseayiyiu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524498", "mqiwgcwkcksiueig.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524499", "mqwwcmgessowosyc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524500", "mqyemuaaacgykyuw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524501", "myeicyioiswwuykw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524502", "myeikemwaiqaceis.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524503", "myemcesckwkkcmoi.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524504", "mygeaiquuasogsec.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524505", "mymmiawokeoiquwk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524506", "mywwaqcgmuyskqug.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524507", "occiwcqmsyweowyy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524508", "oceosasmwakcusmg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524509", "ocuygoamsqsiwoiy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524510", "ocwumeukaakiamuu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524511", "oiacgskqawygykue.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524512", "oiaiwkeiyyoqmuqq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524513", "oieqyqcmueoiayeu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524514", "oikuaaasmsuysemk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524515", "oioaeyuiaskmocwy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524516", "oiuuuwkkuemswiow.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:26", "1524517", "ooasaqkioawqcywo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524474", "kmmqyswwecscogyy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524475", "kmwoegwmyugkyiao.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524476", "kmwykuuokuyeqiui.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524477", "kueswkcwkwqqeqam.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524478", "kugicswiygswaseg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524479", "kugqequsoygysice.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524480", "kumcogoekioqogqm.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524481", "kummqagiyqqcccee.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524482", "kuoqwgocwqemqkes.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524483", "kuqaaqmiasossewg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524484", "kusmuoekiasmauuu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524485", "kuyioocwgyomkggq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524486", "meesgueccgeaeugs.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524487", "megkogeqycyqkymy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524488", "meoessmqeaigacmy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524489", "mkeegoikaguysweu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524490", "mkgaskocqayuomqo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524491", "mkokgkaiqqayogcy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524492", "mkomgcmkmkciccka.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524493", "mksoaogqiayoquiq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524494", "mkuisskyuicqwkew.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:25", "1524495", "mkuqwisaayeoiiys.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524451", "iiquuueuiykoqyys.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524452", "iiqyakcossmiaygy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524453", "iiuymkceqkowomuq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524454", "iiykomgoseimesku.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524455", "iqiciuagaaqcwuic.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524456", "iqimggmscaciemgo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524457", "iqqgukowcoymwusk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524458", "iwaoyycmegkcgmoa.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524459", "iwmqmiaqqaysmssi.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524460", "iwwmoecsiacgsoke.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524461", "kaaiyykgkcemkmuq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524462", "kaiqqokqiekekkqe.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524463", "kakmcswwiqcymygg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524464", "kaoaeyquouwkokiu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524465", "kggegmyuekuqyqgi.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524466", "kgmkgskwqecmkoay.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524467", "kgoqeacaqyumkiew.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524468", "kgqkuomaacmkoiqk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524469", "kmackskcikuuigmq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524470", "kmcswskiwwogomoc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524471", "kmkqiiwmigeiguug.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524472", "kmmaswueaewwoqci.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:24", "1524473", "kmmisukisyaqysao.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524430", "geaueeqcksqkgoik.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524431", "gegkcwwiocoueimy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524432", "gekmcewwuakeikiy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524433", "geqiskwcewecuwga.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524434", "geyqaegaksoiskie.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524435", "gmcwkasamouyueoo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524436", "gmsaeyweogmoagoq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524437", "gmwkmeeiiawyumeq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524438", "gseackciquoumauq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524439", "gskocqcgcceueoks.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524440", "gskuieimkcaeoouk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524441", "gsoykskgamyiuyuu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524442", "gsyosogcegsssyyo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524443", "gycmesykqmemuiye.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524444", "gymymykccmaqceuw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524445", "iccqwuieekaewamg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524446", "icoscsmgwagccwus.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524447", "icsqqeaqqkcoocmk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524448", "icyyamcaygqoikqc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524449", "iiakiywsmygukaea.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:23", "1524450", "iiouuiggkwceecac.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524408", "cwewsuwqgiggikie.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524409", "cwggkgigacoquosi.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524410", "cwggkmwwyakkmqcg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524411", "cwisacqekiiagqeg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524412", "cwkoaawoaeooygcy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524413", "cwweigkiywsamkme.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524414", "eacskoeomguoumie.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524415", "eawigyeoekwawcqg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524416", "eayeowswguiiccmc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524417", "eiamiqokqqgoyggi.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524418", "eigkscceomecucim.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524419", "eiiacmkguaoaegky.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524420", "eikcyeamsgqgskug.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524421", "eikqaqkwasyesiqq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524422", "eioyaeuyuyagwggo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524423", "eiqcogakaoigwyua.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524424", "eoeoyuecaaggewwe.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524425", "eoggcmqcssqisoiw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524426", "eoioeuwkamscigmq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524427", "eowuagwgcaayiyam.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524428", "eowuuaaaewauooiy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:22", "1524429", "euaecwawyyqwukss.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524386", "askcmeoiqicaoyyw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524387", "ceaqoaioswesksia.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524388", "ceqaescwqsyqismk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524389", "ceqwaicwawumyega.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524390", "cewgqwaywkakemyw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524391", "ckcwaoesqusceuye.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524392", "ckesyiecgmmowmme.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524393", "ckiaoqcmcuomousy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524394", "ckiwgkssssqkekwc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524395", "ckooeiaikgwuoqsm.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524396", "ckwqamawuuuecmeq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524397", "ckygwwmoiaeeikyq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524398", "cqcyuucywwwaiqmw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524399", "cqgeumgsaaigqwkc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524400", "cqosgiscwackoguy.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524401", "cqowsuwuuqeaguwk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524402", "cqsqmuyioaoiayeo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524403", "cqugkaqwsqmgsicc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524404", "cqwmycaqwgqggmoi.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524405", "cqwqqkqiuagmqsue.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524406", "cqwwkkqykkysiuqq.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:21", "1524407", "cwawamcayosmymyo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524372", "aaacokkaakcyywqw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524373", "aaiiwqmsqyyiegmi.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524374", "aawqwgmquyeaawaw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524375", "ageiikuqmwcygcmw.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524376", "agkeymooywqswwmk.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524377", "agsamacckwkgawcu.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524378", "agykgqgqcqekwysc.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524379", "ameykwkygsekweay.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524380", "amoeqissaciwwkaa.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524381", "amucaugimcccmwki.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524382", "amucosckweckosmg.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524383", "amuiwiaigeoiaueo.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524384", "amyweosgkmgiouka.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:49:20", "1524385", "asimuyosiaaaoecm.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer,seed-5654", "0", "abuse_ch"
"2025-05-17 06:45:03", "1524371", "ycuwskmikicqiace.xyz", "domain", "botnet_cc", "win.metastealer", "None", "MetaStealer", "2025-05-17 06:49:30", "100", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer", "0", "abuse_ch"
"2025-05-17 06:45:00", "1524370", "185.200.191.124:443", "ip:port", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "75", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer", "0", "abuse_ch"
"2025-05-17 06:40:04", "1524369", "http://178.141.153.185:49053/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2025-05-17 06:36:41", "1524366", "greg12boy-54325.portmap.io", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "2025-05-18 06:19:10", "50", "", "c2,xworm", "0", "juroots"
"2025-05-17 06:36:41", "1524367", "java-fioricet.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "2025-05-18 06:19:10", "50", "", "c2,xworm", "0", "juroots"
"2025-05-17 06:36:41", "1524368", "jazperwashere69-51726.portmap.io", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "2025-05-18 06:19:10", "50", "", "c2,xworm", "0", "juroots"
"2025-05-17 06:35:34", "1524364", "185.29.8.65:6374", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots"
"2025-05-17 06:35:34", "1524365", "216.9.227.170:1213", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots"
"2025-05-17 06:35:24", "1524363", "https://ecornerdurv.top/adwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/98d520e91135c2ed5310a980253a6d1c2fca3a87214c664413416d8b959406c6/", "lumma", "0", "abuse_ch"
"2025-05-17 06:35:18", "1524362", "https://applyjjzl.run/quhx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c86bb63d82014bf9a36c13fe6f94ab28c80888dd429a858194dc168b99756b1c/", "lumma", "0", "abuse_ch"
"2025-05-17 06:35:16", "1524361", "https://5jackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8e06de8362aa306b91416672800eab1486086e1630efd643f56fe794f6c65c2e/", "lumma", "0", "abuse_ch"
"2025-05-17 06:35:14", "1524360", "rembvt.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots"
"2025-05-17 06:35:00", "1524359", "https://pooier.000webhostapp.com/pony/packer.exe", "url", "payload_delivery", "win.pony", "Siplog,Fareit", "Pony", "", "50", "", "pony", "0", "juroots"
"2025-05-17 06:34:46", "1524358", "https://pooier.000webhostapp.com/pony/admin.php", "url", "botnet_cc", "win.pony", "Siplog,Fareit", "Pony", "", "50", "", "c2,pony", "0", "juroots"
"2025-05-17 06:34:19", "1524355", "cyberthreats.ddns.net", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "", "c2,njrat", "0", "juroots"
"2025-05-17 06:34:19", "1524356", "market-needed.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "", "c2,njrat", "0", "juroots"
"2025-05-17 06:34:19", "1524357", "water-keyword.gl.at.ply.gg", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "", "c2,njrat", "0", "juroots"
"2025-05-17 06:33:24", "1524352", "http://froloccenatr.com/d2/about.php", "url", "botnet_cc", "win.evilpony", "CREstealer", "EvilPony", "", "50", "", "c2,evilpony", "0", "juroots"
"2025-05-17 06:33:24", "1524353", "http://imajobalgun.ru/d2/about.php", "url", "botnet_cc", "win.evilpony", "CREstealer", "EvilPony", "", "50", "", "c2,evilpony", "0", "juroots"
"2025-05-17 06:33:24", "1524354", "http://magnowin.ru/d2/about.php", "url", "botnet_cc", "win.evilpony", "CREstealer", "EvilPony", "", "50", "", "c2,evilpony", "0", "juroots"
"2025-05-17 06:32:56", "1524351", "http://icets.at/oRbbQ3/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "50", "", "amadey,c2", "0", "juroots"
"2025-05-17 06:32:06", "1524350", "http://45.141.233.43:50555/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/0196dcf1-55a8-703a-8aac-11bad9654e7a", "c2,hookbot,urlscan", "0", "juroots"
"2025-05-17 06:30:34", "1524349", "85.239.33.120:8089", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "50", "https://www.shodan.io/host/85.239.33.120#8089", "c2,ermac,shodan", "0", "juroots"
"2025-05-17 06:30:20", "1524348", "79.124.62.10:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/79.124.62.10#9000", "c2,sectop,shodan", "0", "juroots"
"2025-05-17 06:30:07", "1524347", "13.208.60.44:4063", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/13.208.60.44#4063", "blackshades,c2,shodan", "0", "juroots"
"2025-05-17 06:29:52", "1524346", "88.247.35.166:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "https://www.shodan.io/host/88.247.35.166#1604", "c2,darkcomet,shodan", "0", "juroots"
"2025-05-17 06:29:40", "1524345", "156.223.210.247:1177", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "https://www.shodan.io/host/156.223.210.247#1177", "c2,njrat,shodan", "0", "juroots"
"2025-05-17 06:29:27", "1524344", "210.215.129.230:4443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/210.215.129.230#4443", "c2,shodan,villain", "0", "juroots"
"2025-05-17 06:29:13", "1524343", "162.254.85.213:9443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/162.254.85.213#9443", "bruteratel,c2,shodan", "0", "juroots"
"2025-05-17 06:28:42", "1524341", "118.122.8.221:19071", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/118.122.8.221#19071", "c2,netbus,shodan", "0", "juroots"
"2025-05-17 06:28:42", "1524342", "18.132.35.207:6001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/18.132.35.207#6001", "c2,netbus,shodan", "0", "juroots"
"2025-05-17 06:28:22", "1524340", "2.143.144.138:600", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/2.143.144.138#600", "c2,netsupport,shodan", "0", "juroots"
"2025-05-17 06:28:21", "1524338", "18.208.161.116:49", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/18.208.161.116#49", "c2,netsupport,shodan", "0", "juroots"
"2025-05-17 06:28:21", "1524339", "16.78.93.131:7634", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/16.78.93.131#7634", "c2,netsupport,shodan", "0", "juroots"
"2025-05-17 06:27:55", "1524335", "47.120.38.173:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/47.120.38.173#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-05-17 06:27:55", "1524336", "190.123.46.143:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/190.123.46.143#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-05-17 06:27:55", "1524337", "100.29.177.149:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/100.29.177.149#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-05-17 06:27:54", "1524334", "91.99.67.190:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/91.99.67.190#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-05-17 06:27:29", "1524331", "8.216.80.229:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/8.216.80.229#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 06:27:29", "1524332", "192.210.201.119:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/192.210.201.119#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 06:27:29", "1524333", "51.79.255.203:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/51.79.255.203#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 06:27:28", "1524329", "80.78.30.127:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/80.78.30.127#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 06:27:28", "1524330", "156.244.46.77:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/156.244.46.77#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-17 06:27:09", "1524327", "41.143.200.243:1926", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#1926", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 06:27:09", "1524328", "41.143.171.44:8085", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.171.44#8085", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 06:27:08", "1524324", "41.143.200.243:10909", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#10909", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 06:27:08", "1524325", "41.143.200.243:9095", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#9095", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 06:27:08", "1524326", "41.143.200.243:4434", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#4434", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 06:27:07", "1524322", "41.143.200.243:8139", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#8139", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 06:27:07", "1524323", "41.143.200.243:9443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#9443", "c2,quasar,shodan", "0", "juroots"
"2025-05-17 06:26:26", "1524321", "106.38.201.218:8800", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/106.38.201.218#8800", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-05-17 06:26:25", "1524320", "124.221.30.83:8889", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/124.221.30.83#8889", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-05-17 06:26:23", "1524319", "101.35.109.246:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/101.35.109.246#443", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-05-17 06:26:22", "1524316", "120.27.20.98:10086", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:55:59", "50", "https://www.shodan.io/host/120.27.20.98#10086", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-05-17 06:26:22", "1524317", "154.44.10.82:8840", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.44.10.82#8840", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-05-17 06:26:22", "1524318", "1.95.148.173:2083", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/1.95.148.173#2083", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-05-17 06:25:45", "1524315", "https://retechlabp.run/ioji", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7521de9b4cccfd3833f5beb86a80696330a745c6cdde7c0e0c92462cd08f0f2f/", "lumma", "0", "abuse_ch"
"2025-05-17 06:21:25", "1524313", "45.81.23.48:47001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "None", "0", "Abodovic"
"2025-05-17 06:11:54", "1524097", "sorts-pushed-completely-manuals.trycloudflare.com", "domain", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114519413640245965", "KongTuke", "0", "monitorsg"
"2025-05-17 06:11:53", "1524254", "54.37.226.59:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:08:00", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:53", "1524255", "8.134.70.73:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:08:19", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:52", "1524256", "118.107.42.247:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:08:41", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:52", "1524257", "117.72.74.85:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:09:51", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:52", "1524258", "47.116.181.251:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:09:28", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:51", "1524259", "113.250.188.15:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:09:30", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:51", "1524260", "118.107.42.250:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:50", "1524261", "103.82.53.18:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:09:16", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:50", "1524262", "1.14.200.238:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:09:18", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:49", "1524263", "49.0.246.64:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:49", "1524264", "117.72.107.255:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:48", "1524265", "15.156.70.35:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:47", "1524266", "117.72.17.162:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic"
"2025-05-17 06:11:47", "1524267", "150.241.97.83:31999", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:45:32", "90", "https://search.censys.io/hosts/150.241.97.83", "AEZA-AS,AS210644,C2,censys", "0", "dyingbreeds_"
"2025-05-17 06:11:47", "1524272", "147.45.116.129:2053", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-17 04:00:44", "100", "https://search.censys.io/hosts/147.45.116.129", "AS215540,C2,censys,GCS-AS,Hookbot", "0", "dyingbreeds_"
"2025-05-17 06:11:45", "1524273", "176.65.140.223:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-18 14:47:32", "100", "https://search.censys.io/hosts/176.65.140.223", "AS214717,C2,censys,DOLPHINHOST-AS,Hookbot", "0", "dyingbreeds_"
"2025-05-17 06:11:44", "1524280", "172.245.82.123:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.245.82.123", "AS-COLOCROSSING,AS36352,censys,Viper", "0", "dyingbreeds_"
"2025-05-17 06:11:44", "1524281", "103.149.90.231:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.149.90.231", "AS142032,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:44", "1524282", "84.200.24.88:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/84.200.24.88", "AS44066,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:43", "1524283", "185.30.208.29:8082", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.30.208.29", "AS199917,censys,DECIMA-AS,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:43", "1524284", "194.163.190.200:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/194.163.190.200", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:42", "1524285", "47.113.202.225:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.113.202.225", "AS37963,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:42", "1524286", "185.238.2.144:60008", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.238.2.144", "AS200313,censys,GoPhish,INTERNET-IT,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:41", "1524287", "54.77.123.112:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.77.123.112", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:40", "1524288", "3.16.55.246:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.16.55.246", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:40", "1524289", "52.56.128.85:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.56.128.85", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:39", "1524290", "52.78.66.48:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.78.66.48", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:39", "1524291", "34.151.202.206:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.151.202.206", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:37", "1524292", "146.190.147.191:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/146.190.147.191", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:37", "1524293", "5.129.200.4:3434", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/5.129.200.4", "AS9123,censys,GoPhish,Phishing,TIMEWEB-AS", "0", "dyingbreeds_"
"2025-05-17 06:11:36", "1524294", "35.176.128.30:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/35.176.128.30", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:36", "1524296", "48.209.8.189:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/48.209.8.189", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:35", "1524295", "34.123.234.116:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.123.234.116", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:35", "1524299", "54.36.208.252:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.36.208.252", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:34", "1524297", "64.227.173.94:1724", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/64.227.173.94", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:34", "1524298", "167.71.93.67:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/167.71.93.67", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:33", "1524300", "159.138.136.69:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/159.138.136.69", "AS136907,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:32", "1524301", "20.84.117.139:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.84.117.139", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:11:32", "1524302", "34.100.236.204:3000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.100.236.204", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-17 06:04:58", "1524310", "47.254.149.115:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-17 06:04:58", "1524311", "103.45.65.80:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:55:26", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-17 06:04:58", "1524312", "156.238.224.164:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 08:11:54", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-17 06:04:44", "1524309", "104.143.38.36:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-05-17 06:04:42", "1524305", "196.251.83.52:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 08:11:31", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-17 06:04:42", "1524306", "106.15.105.78:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-05-17 06:04:42", "1524307", "120.76.238.109:800", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-17 06:04:42", "1524308", "196.251.83.52:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 08:11:35", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-17 06:04:38", "1524304", "154.92.15.53:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch"
"2025-05-17 04:55:13", "1524303", "http://660516cm.nyashvibe.ru/videoPythonRequestPollgeoprotectTrafficwpprivate.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-17 04:01:14", "1524279", "193.252.54.170:8081", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/193.252.54.170", "AS3215,C2,censys,France,hacktool,Mimikatz,open-dir", "0", "DonPasci"
"2025-05-17 04:01:05", "1524278", "overcast2384.crabdance.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-17 04:01:43", "100", "https://search.censys.io/hosts/194.15.36.168+overcast2384.crabdance.com", "AS58087,C2,censys,FLORIANKOLB,panel,Unam", "0", "DonPasci"
"2025-05-17 04:00:52", "1524277", "3.249.21.15:5984", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 14:50:53", "100", "https://search.censys.io/hosts/3.249.21.15", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-17 04:00:51", "1524276", "54.191.4.203:1963", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 14:52:49", "100", "https://search.censys.io/hosts/54.191.4.203", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-17 04:00:48", "1524274", "202.61.192.161:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 14:49:56", "100", "https://search.censys.io/hosts/202.61.192.161", "AS197540,C2,censys,Havoc,NETCUP-AS", "0", "DonPasci"
"2025-05-17 04:00:48", "1524275", "202.61.192.161:4433", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 14:49:57", "100", "https://search.censys.io/hosts/202.61.192.161", "AS197540,C2,censys,Havoc,NETCUP-AS", "0", "DonPasci"
"2025-05-17 04:00:28", "1524270", "34.45.231.202:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/34.45.231.202", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,open-dir,payload,Sliver", "0", "DonPasci"
"2025-05-17 04:00:28", "1524271", "86.123.49.75:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/86.123.49.75", "AS8708,C2,censys,open-dir,payload,RCS-RDS,Sliver", "0", "DonPasci"
"2025-05-17 04:00:23", "1524268", "146.70.137.90:3010", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:45:11", "100", "https://search.censys.io/hosts/146.70.137.90", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-05-17 04:00:23", "1524269", "172.111.244.100:37830", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:46:49", "100", "https://search.censys.io/hosts/172.111.244.100", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci"
"2025-05-17 02:54:30", "1524253", "api.saicfinance.work", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:54:36", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-17 01:59:12", "1524250", "ddd7107e166df63a174c5469da76b1d86f6371aa", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:12", "1524251", "8bcd87aebddfd8d5810fb0831a71229bc80efa384989484141dc2808529885f1", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:12", "1524252", "8c9e5bf2d91d6555bb836c6504bcbb0e", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:11", "1524248", "d54167a2c70fa2a4d038fee137e4b3772856640abe81f7ed00b1e322a1900805", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:11", "1524249", "6e9ae4727e5b78d3441e0d1594e6a18f", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:10", "1524246", "b303c880c532e3f3421074c4170b1c71", "md5_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:10", "1524247", "9efedd629ebc2509e0f7769491b85403b72d0436", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:09", "1524243", "26d8699c9540caa81c4a85b53b9108fa", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:09", "1524244", "780dbc75b9becc9d2bb1b587da75ce4295c645ce", "sha1_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:09", "1524245", "f198bb6bee83222fdfe3e8041edc25f9dada1f715379d5c632c64a49f8171b38", "sha256_hash", "payload", "win.screenlocker", "None", "ScreenLocker", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:08", "1524241", "5bcce967130704eb5deab7cc3765eef5fffe8977", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:08", "1524242", "cb112fd22daaab7536c3741ec96b151cc6125f55ea218613c1d3155625acc260", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:07", "1524239", "bb57b8e646c8202ecd16a679d4d8b97c4ba74e913c92fe311c8e9cda5333e3d2", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:07", "1524240", "925e81bfcc3127d9dd8bf06065ee1378", "md5_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:06", "1524237", "72ad9a338206da91156189ef261f120b", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:06", "1524238", "f93050d63aeff7eb0a0d530789b51217c9e81bc8", "sha1_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:05", "1524235", "760d3130494973cb7e00fd940b56885c917877fd", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:05", "1524236", "7e268bf5ccd71be30eea4258e54cd291f4e0191fa6eb6b28825ba71098abd486", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:04", "1524232", "46b918c44be12004cfd5c43395551868026da316", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:04", "1524233", "4ba169f5c334b0f841bd919e5f06c1044a7c864fa6ab7d855ee8b12337c0e26a", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:04", "1524234", "ea901d024730d280e9195ca52bfd5a3d", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:03", "1524230", "2871df2b1ffcf8b30a42cace024a0a85a90fc3a5f3b2be985cb00cc6eee0cc05", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:03", "1524231", "51d9b3de09fe1c17612722698d6d4e4f", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:02", "1524228", "3d1a810dc31683e726b32414a3f0587f", "md5_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:02", "1524229", "86b5b70b9c0a4514cd078b31552025580f9ed0c6", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:01", "1524226", "b6031bcf04e9918d72670f201bce8d8b3d200787", "sha1_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:01", "1524227", "45a638c989dc770b1c043699d1c6c67373b4d5310f95dfd627c642d35931710f", "sha256_hash", "payload", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:00", "1524224", "7b30344c6bf06b6ec7aba1e5f9ac6953014ea8b78631e2911d15612272668340", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:59:00", "1524225", "e4601c9d3537a78acf12dae922f70b5c", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:59", "1524222", "bbb2eb34fed468b8ec5cd0be88f9acbb", "md5_hash", "payload", "win.troldesh", "Shade", "Troldesh", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:59", "1524223", "bf971b50964bb2957d3b48ac6f694b682d2c1929", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:58", "1524220", "6b0c0a35d0020700cc2baf744eb3b2a250945bbf", "sha1_hash", "payload", "win.troldesh", "Shade", "Troldesh", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:58", "1524221", "69af1d10dd1dacae362ab8fd4e5bcc97ddb363cdeb06a4bf1bc3db4dfc68b1e1", "sha256_hash", "payload", "win.troldesh", "Shade", "Troldesh", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:57", "1524217", "41becdc40f12c56b4d33f65eb9fcfdec44b54e39", "sha1_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:57", "1524218", "2abb588a9e421c7e2da7f58231de94a990a89251957d1d71c8098cea1709b0f1", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:57", "1524219", "0bb9a76cc29185477e69fccb0a60a348", "md5_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:56", "1524215", "a94c30191ea73419ebf08919e8a1c8ea0ace0e5d05da21e3692ed8a91f96c659", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:56", "1524216", "4edfa1364a6e703a3de2f73da22841c3", "md5_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:55", "1524213", "bff537f368cf413f3d6d6d9481b1ed50", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:55", "1524214", "63502b60153f75f812e47ba5bf810eccbbabe31d", "sha1_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:54", "1524211", "6161b4304a086644e9d5fc41bd131c9b2bc1c8f4", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:54", "1524212", "868e724925e76c170363a3a3d1a9f302f522389cdfac2a26651d3f1052e03828", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:53", "1524208", "a6e7816d9681da2699463e36419f0585b7b2c4ed", "sha1_hash", "payload", "win.coldstealer", "None", "ColdStealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:53", "1524209", "e11aa20425dc6577dda92c4e64c4c7ba74650900d4d52f9e57f555cf5b4356ed", "sha256_hash", "payload", "win.coldstealer", "None", "ColdStealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:53", "1524210", "3c28ed0310ed002983e57a9d841e3671", "md5_hash", "payload", "win.coldstealer", "None", "ColdStealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:52", "1524206", "e1eaea80fc723c6ae674cb446cdd9b2bfd9e4093102e444eb86f0b1a4c5bdc75", "sha256_hash", "payload", "win.dostealer", "None", "DOSTEALER", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:52", "1524207", "ddb717eacdfdc3c24eb2df2724677398", "md5_hash", "payload", "win.dostealer", "None", "DOSTEALER", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:51", "1524204", "35378b6f6d68ae938f48853b3fbf3b4e", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:51", "1524205", "2d558db86bbd81b457ae783926c73c0df0c0e4f3", "sha1_hash", "payload", "win.dostealer", "None", "DOSTEALER", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:50", "1524202", "aefe3736f4b7c416061a5d7f50cf7efbfa8a56b4", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:50", "1524203", "0b9c492b506d9ce227c13c35dd60ab2060c6dfeaf229877bf0a28bc34dbce09f", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:49", "1524199", "cb6ffcbb6cb9d44e76ec620f8a92d7ef9aac4361", "sha1_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:49", "1524200", "1aa3ee229a01291246afb56e5c79d2c8de523bcd76e603c1bef084bb2acb3d24", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:49", "1524201", "47d0dc2b70e5b1aa76b78365c0bab5e5", "md5_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:48", "1524197", "d65d7e8220fcc8124f9ec3f06945e043db9861f0386afffcc13972db4c7dfb06", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:48", "1524198", "81d750507053ae8581f5a32477f32274", "md5_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:47", "1524195", "e8afe371b2d9c56b771befb5efc0e854", "md5_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:47", "1524196", "f5d6a1910c3e40e6df3927d3eb6cd5184700cfc9", "sha1_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:46", "1524193", "254cd717c711a3c43692a53ab27a0f6123eaca6d", "sha1_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:46", "1524194", "943699ed8f49842c31c0d7de09dce2b105e65b8931babc996d0beb67dd53aaeb", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:45", "1524191", "b84e1918251ab01c78812d26711528b38394633cdb819e5a9db2ce1fa865b4bf", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:45", "1524192", "041da02759f1488b3af4c3a36fa383d7", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:44", "1524190", "08860c73177760b0066e606e5d72301e7bb3042b", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:43", "1524188", "188c3798b6d41bdfa3981bb61a40b81f4fe123c64b9bed2d4c40951de2064f19", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:43", "1524189", "6a497a436f0ff474236190edf4e2561c", "md5_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:42", "1524186", "640c6068e307cf7c88cbd17ea4446f07", "md5_hash", "payload", "win.colony", "Bandios,GrayBird", "Colony", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:42", "1524187", "50c3543bbd13ce1a26d569d3868a1b1fcb5bbb13", "sha1_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:41", "1524184", "17c76239248b41d157e41cc8ea4819b3a63dd477", "sha1_hash", "payload", "win.colony", "Bandios,GrayBird", "Colony", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:41", "1524185", "c1882e6c6759224796831228964c83a3f46c9d99f4fecfc0da0aa3ba18f831cd", "sha256_hash", "payload", "win.colony", "Bandios,GrayBird", "Colony", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:40", "1524182", "65fd5041c1a1c4115b0c59995221023486f02e5e5d8e313c3e48f3a42ef9a623", "sha256_hash", "payload", "win.lambert", "Plexor", "Lambert", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:40", "1524183", "63d835764d036db9502a8fb315895b66", "md5_hash", "payload", "win.lambert", "Plexor", "Lambert", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:39", "1524180", "77e7d644b09bb7025981ab48a2e4f59a", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:39", "1524181", "7c4ba2d13098df8d56b587eab64c0a450da624ba", "sha1_hash", "payload", "win.lambert", "Plexor", "Lambert", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:38", "1524178", "5569476add5cd3287abac27a2f3db50f76fda499", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:38", "1524179", "f52eeccf731a3deb198e5ddb2e8dd8e5041c8c2d740fe1e2830f48d97ebd3801", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:37", "1524175", "e5745808093271c8ae2ff00b492f9d9375f56598", "sha1_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:37", "1524176", "a066757dfe3345e1e1fa00ff7257c5ee91251f725e3aa460eac92c17f7daed1b", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:37", "1524177", "f25eec33d99697fb1bd3d8252eb51f52", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:36", "1524173", "9ef929cb19bdcb4355d34e51d9e014223079fee809bdd7c47facea5cec8324e1", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:36", "1524174", "0017f18960948b746109973076f00520", "md5_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:35", "1524171", "3b2263f2c7d2dea527a671ceb22e95cb", "md5_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:35", "1524172", "93376d4971ce1616bf3820abcf2b4b2b422c233c", "sha1_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:34", "1524169", "1e8867107b72d367870bbd604e5a614f011311a0", "sha1_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:34", "1524170", "bc6699756662da1ae9f17951f44a167e670379dac4b028aa3c1153623a22387b", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:33", "1524166", "6f06909c83002c033e0c8786036c3c189bebaf4d", "sha1_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:33", "1524167", "58c6957733081459bec81413b4d13af0f1f185f2efff4ea47897be570ba0ae28", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:33", "1524168", "e865f60a461c74454ba80715da8cc8d9", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:32", "1524164", "dce3dcd7656e25fd5af87ecd2967355c4e2de8d90b701cafdfcc509f03904c70", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:32", "1524165", "42b392116ee84912b0f270aa183d549d", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:31", "1524162", "9808a677476b79b3f704b944d71d1162", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:31", "1524163", "24999a62f8207f07299d67fb087caf5cd4c9d3bf", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:30", "1524160", "2cb1bfa87e26e9fc62c49f2195f3979842e79fb7", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:30", "1524161", "b3c91a9caf078acc8c6b8b03807b035885f85acedbe907debb016d02414c1c35", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:29", "1524157", "3083f5855053c2fcde28e946aff1f59db0fc4539", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:29", "1524158", "186ff54556fc88758fa7d80c8a2d901011ea59a2740d2f5cc793b5cd29a897af", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:29", "1524159", "981f6077b7bbd3c39d69fa5a740a6d24", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:28", "1524155", "e0ffd8621c2519c898ef4381db8b83264e4589b6fad4f69dc3f8550465f4386b", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:28", "1524156", "4b36ec259e16b77a751ad5e2c1ce3940", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:27", "1524153", "5bdf4f3aa32819ec9f05733dbacb15ea", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:27", "1524154", "f1b462b1d7a197be2adddce225ca046959ddc439", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:26", "1524151", "3211853d6afe9e6a2e79da2d3c98dd2e597f784d", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:26", "1524152", "5125bdd56a603dcb3929a4bf2282467ded28ccfed837d908ad4eff4246f43e94", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:25", "1524149", "0f378f4dbf137ca4abdf88f8d137684c4196935df8bc8e3cfabeb4bdc5c3ba75", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "2025-05-18 02:02:30", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:25", "1524150", "e0f16d8cd1eec1c672fe72f736626714", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "2025-05-18 02:02:31", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:24", "1524147", "4019f43f477b70d6c0b0d482eb7769a7", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "2025-05-18 02:02:30", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:24", "1524148", "74d16ab7c6d2a7d66527e3e6a43c2df2b004aef1", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "2025-05-18 02:02:30", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:23", "1524144", "7991da32dd4e19427fef96554c00f4bb", "md5_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "2025-05-18 02:02:29", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:23", "1524145", "321d3ecfa4efa8dc769f0177e34f00ed6d0db480", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "2025-05-18 02:02:29", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:23", "1524146", "4b49ecdac3221f60f27bf1fc2950f86a5ff640fab62729c4a6a84717a828bb3c", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "2025-05-18 02:02:30", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:22", "1524142", "9a4b7a47b39501679cf11c6cfa216abf982dca05", "sha1_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "2025-05-18 02:02:28", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:22", "1524143", "a41450093961f95d046caf4ed1e1160b268404bc980c7b411df8f36b8545ae49", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "2025-05-18 02:02:28", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:21", "1524140", "aa5422f677a5edd3939d9652209e15fe56f26998a293bd23b521f48a3b3ca318", "sha256_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "2025-05-18 02:02:27", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:21", "1524141", "6597668d61de582a555608470409f424", "md5_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "2025-05-18 02:02:27", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:20", "1524139", "f4296b3bf76e9959b2b9e6ac448e8f2defafca03", "sha1_hash", "payload", "win.darkcloud", "None", "DarkCloud Stealer", "2025-05-18 02:02:26", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:19", "1524138", "7d3e5bf34015f5bfd5c926495580a312", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 02:02:26", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:18", "1524135", "0c461478b1b7fd0226d03a9d173facc8", "md5_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 02:02:24", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:18", "1524136", "9bdbe1c945016205d36222ff633bd899d1a8314a", "sha1_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 02:02:25", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:18", "1524137", "ace5562cb154f79a019c1fc331a7dd39e2857b6d22dffe0986d6353cd5d2c5d3", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 02:02:25", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:16", "1524133", "9540a9e3dfedfc5dfc09995c4af17940cba38b39", "sha1_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 02:02:23", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:16", "1524134", "8b6f5e8d604cefb319e3b76a745ecfb6e98e866b8dd190192a594488229b6a0f", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 02:02:24", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:15", "1524131", "9fdf9e7540e981ffda3d6a60e9a44557fb5e1866d830187fd5415a6d0def7f92", "sha256_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "2025-05-18 02:02:23", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:15", "1524132", "337ee3f038ea8645ed0c9bb3d0350776", "md5_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "2025-05-18 02:02:23", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:14", "1524129", "87c3187c4694b40d24f92ef1393db1dd", "md5_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "2025-05-18 02:02:22", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:14", "1524130", "050b87087ebcf482f50225e9d4e756e960e8d690", "sha1_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "2025-05-18 02:02:22", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:13", "1524126", "16218630cb686cc8172b0cff7329887c", "md5_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "2025-05-18 02:02:15", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:13", "1524127", "25b96ad443fe3d45b1d7295736f1dfe9e07f57af", "sha1_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "2025-05-18 02:02:16", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:13", "1524128", "92157f11be0dd49d07b0ef671b5a61b168f167cb0105af08520fa0ea246541ab", "sha256_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "2025-05-18 02:02:21", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:12", "1524124", "4184660f1ed34762a162ec9fbd536a1a85919804", "sha1_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "2025-05-18 02:02:14", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:12", "1524125", "8453b3ac669bc4b733dda13643d3bb9b77ab956ac5a6f3941abb605c4ee6afd2", "sha256_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "2025-05-18 02:02:15", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:10", "1524122", "0484e1fa67b4eccdd208258e6052a50e9f3db9175ede4d36f73b851d59570045", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2025-05-18 02:02:06", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:10", "1524123", "586f32d3aece4fa92a9d1a7025c081e6", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2025-05-18 02:02:06", "95", "None", "None", "0", "Grim"
"2025-05-17 01:58:09", "1524121", "31f65681032b802003e13f0bcaf59c762707d7e9", "sha1_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "2025-05-18 02:02:05", "95", "None", "None", "0", "Grim"
"2025-05-17 01:30:16", "1524120", "196.119.86.83:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-05-17 00:02:31", "1524119", "8.134.85.229:47486", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-05-18 14:53:28", "100", "https://search.censys.io/hosts/8.134.85.229", "ALIBABA-CN-NET,AS37963,censys,Chaos,panel", "0", "DonPasci"
"2025-05-17 00:02:15", "1524117", "35.179.132.39:789", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 14:51:11", "100", "https://search.censys.io/hosts/35.179.132.39", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-17 00:02:15", "1524118", "3.135.183.122:718", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 14:50:50", "100", "https://search.censys.io/hosts/3.135.183.122", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-17 00:02:14", "1524116", "206.206.76.25:8080", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-17 04:01:27", "100", "https://search.censys.io/hosts/206.206.76.25", "AS215311,C2,censys,DcRAT,RAT,REGXA-CLOUD", "0", "DonPasci"
"2025-05-17 00:02:13", "1524114", "45.141.233.60:55330", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 14:51:49", "100", "https://search.censys.io/hosts/45.141.233.60", "AS214943,C2,censys,DcRAT,RAILNET,RAT", "0", "DonPasci"
"2025-05-17 00:02:13", "1524115", "213.209.150.22:55140", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 14:50:20", "100", "https://search.censys.io/hosts/213.209.150.22", "AS214943,C2,censys,DcRAT,RAILNET,RAT", "0", "DonPasci"
"2025-05-17 00:02:10", "1524113", "18.228.31.163:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 14:48:09", "100", "https://search.censys.io/hosts/18.228.31.163", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci"
"2025-05-17 00:02:06", "1524112", "24.96.73.177:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:41", "100", "https://search.censys.io/hosts/24.96.73.177", "AS12083,C2,censys,Quasar,RAT,WOW-INTERNET", "0", "DonPasci"
"2025-05-17 00:02:05", "1524111", "45.141.233.43:50555", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-18 14:51:49", "100", "https://search.censys.io/hosts/45.141.233.43", "AS214943,C2,censys,Hookbot,RAILNET", "0", "DonPasci"
"2025-05-17 00:01:58", "1524110", "88.237.19.77:1000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:54:03", "100", "https://search.censys.io/hosts/88.237.19.77", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci"
"2025-05-16 23:20:42", "1524109", "https://jwracxilb.digital/ozi", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8f3370aaf5651d6bc98794269a81acaa9f6990847636cbc1085d50cc36673d7c/", "lumma", "0", "abuse_ch"
"2025-05-16 23:20:17", "1524108", "https://anarrathfpt.top/tekq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8f3370aaf5651d6bc98794269a81acaa9f6990847636cbc1085d50cc36673d7c/", "lumma", "0", "abuse_ch"
"2025-05-16 23:15:54", "1524107", "https://onehunqpom.life/zpxd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/21cfc0456efbfd7d450ea93e3170ccd17d8b308d39b92b2e94863116a08e4dbb/", "lumma", "0", "abuse_ch"
"2025-05-16 23:15:25", "1524106", "https://bovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/21cfc0456efbfd7d450ea93e3170ccd17d8b308d39b92b2e94863116a08e4dbb/", "lumma", "0", "abuse_ch"
"2025-05-16 21:57:21", "1524105", "47.92.216.212:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:58:10", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-16 20:56:21", "1524104", "165.154.226.249:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:43", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-16 20:54:38", "1524103", "ns2.taipower.energy", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:54:55", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-16 20:54:36", "1524102", "ns1.taipower.energy", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:54:52", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-16 20:53:24", "1524101", "80.78.30.127:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:53:40", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-05-16 20:52:28", "1524100", "51.79.255.203:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:52:40", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-05-16 20:51:14", "1524099", "38.147.171.158:16521", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:51:23", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-05-16 20:35:13", "1524098", "http://212.109.193.128/84public3/Windowsbetter3/Secure/Datalife/Base9Private/DumpFlowerApiTemporary/Javascript_/Trafficlocal/sqlimageTest/JsLinux/jsauth2/ApidumpDump/defaultapiWindows8/pythoncdn9update/Secure/Wordpress/VideoTojsCpumultitraffictestwpLocalPrivate.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-16 20:02:32", "1524096", "123.60.135.200:8082", "ip:port", "botnet_cc", "win.vshell", "None", "Vshell", "2025-05-17 04:01:35", "100", "https://search.censys.io/hosts/123.60.135.200", "AS55990,C2,censys,HWCSNET,Vshell", "0", "DonPasci"
"2025-05-16 20:02:21", "1524091", "41.143.171.44:49152", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:57", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:21", "1524092", "41.143.171.44:830", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:58", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:21", "1524093", "41.143.171.44:80", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:10", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:21", "1524094", "41.143.171.44:21482", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:50", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:21", "1524095", "41.143.171.44:8082", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:15", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:20", "1524086", "41.143.171.44:6061", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:44", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:20", "1524087", "41.143.171.44:40736", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:09", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:20", "1524088", "41.143.171.44:4841", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:52", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:20", "1524089", "41.143.171.44:8636", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:45", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:20", "1524090", "41.143.171.44:832", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:51", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:19", "1524082", "41.143.171.44:20201", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:48", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:19", "1524083", "41.143.171.44:15814", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:55", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:19", "1524084", "41.143.171.44:24813", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:49", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:19", "1524085", "41.143.171.44:7547", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:01", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:18", "1524076", "41.143.200.243:25565", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:18", "1524077", "41.143.200.243:63612", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:18", "1524078", "41.143.200.243:4839", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:18", "1524079", "41.143.200.243:4841", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:18", "1524080", "41.143.200.243:24400", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:18", "1524081", "41.143.171.44:18244", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:02", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:17", "1524071", "41.143.200.243:5985", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:17", "1524072", "41.143.200.243:18310", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:17", "1524073", "41.143.200.243:22954", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:17", "1524074", "41.143.200.243:6000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:17", "1524075", "41.143.200.243:21556", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:16", "1524066", "41.143.200.243:33095", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:16", "1524067", "41.143.200.243:34492", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:16", "1524068", "41.143.200.243:46202", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:16", "1524069", "41.143.200.243:5000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:16", "1524070", "41.143.200.243:5556", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:15", "1524060", "41.143.200.243:28434", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:15", "1524061", "41.143.200.243:36153", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:15", "1524062", "41.143.200.243:44819", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:15", "1524063", "41.143.200.243:16360", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:15", "1524064", "41.143.200.243:39634", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:15", "1524065", "41.143.200.243:46704", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:14", "1524055", "41.143.200.243:12608", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:14", "1524056", "41.143.200.243:40615", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:14", "1524057", "41.143.200.243:62658", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:14", "1524058", "41.143.200.243:12984", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:14", "1524059", "41.143.200.243:17238", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:13", "1524050", "41.143.200.243:50995", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:13", "1524051", "41.143.200.243:53747", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:13", "1524052", "41.143.200.243:2", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:43", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:13", "1524053", "41.143.200.243:8122", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:13", "1524054", "41.143.200.243:11055", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:12", "1524044", "41.143.200.243:20080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:12", "1524045", "41.143.200.243:27153", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:12", "1524046", "41.143.200.243:3128", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:12", "1524047", "41.143.200.243:32941", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:12", "1524048", "41.143.200.243:47228", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:12", "1524049", "41.143.200.243:51776", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:11", "1524039", "41.143.200.243:40000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:11", "1524040", "41.143.200.243:58083", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:11", "1524041", "41.143.200.243:929", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:11", "1524042", "41.143.200.243:1201", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:11", "1524043", "41.143.200.243:8883", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:10", "1524034", "41.143.200.243:6443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:10", "1524035", "41.143.200.243:43204", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:10", "1524036", "41.143.200.243:3390", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:10", "1524037", "41.143.200.243:43645", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:10", "1524038", "41.143.200.243:33840", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:09", "1524029", "41.143.200.243:50621", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:09", "1524030", "41.143.200.243:8636", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:09", "1524031", "41.143.200.243:18811", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:09", "1524032", "41.143.200.243:44657", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:09", "1524033", "41.143.200.243:5903", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:08", "1524024", "41.143.200.243:65524", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:08", "1524025", "41.143.200.243:119", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:08", "1524026", "41.143.200.243:14701", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:08", "1524027", "41.143.200.243:38788", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:08", "1524028", "41.143.200.243:46259", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:07", "1524019", "41.143.200.243:60000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:07", "1524020", "41.143.200.243:31225", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:07", "1524021", "41.143.200.243:46857", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:07", "1524022", "41.143.200.243:48213", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:07", "1524023", "41.143.200.243:39313", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:06", "1524018", "41.143.200.243:3389", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 20:02:04", "1524016", "178.172.173.38:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 14:47:53", "100", "https://search.censys.io/hosts/178.172.173.38", "AS6697,BELPAK-AS,C2,censys,Mythic", "0", "DonPasci"
"2025-05-16 20:02:04", "1524017", "209.38.162.253:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 14:50:10", "100", "https://search.censys.io/hosts/209.38.162.253", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-05-16 20:02:03", "1524014", "185.254.198.245:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 14:48:33", "100", "https://search.censys.io/hosts/185.254.198.245", "AS30860,C2,censys,Mythic,YURTEH-AS", "0", "DonPasci"
"2025-05-16 20:02:03", "1524015", "34.38.189.222:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 14:51:07", "100", "https://search.censys.io/hosts/34.38.189.222", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Mythic", "0", "DonPasci"
"2025-05-16 20:01:55", "1524013", "116.205.245.113:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-17 04:00:26", "100", "https://search.censys.io/hosts/116.205.245.113", "AS55990,C2,censys,HWCSNET,Supershell", "0", "DonPasci"
"2025-05-16 20:01:41", "1524011", "194.180.48.36:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:49:08", "100", "https://search.censys.io/hosts/194.180.48.36", "AS201814,C2,censys,MEVSPACE,RAT,Remcos", "0", "DonPasci"
"2025-05-16 20:01:41", "1524012", "198.23.200.105:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:49:42", "100", "https://search.censys.io/hosts/198.23.200.105", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-05-16 20:01:40", "1524010", "104.37.4.116:6011", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:43:33", "100", "https://search.censys.io/hosts/104.37.4.116", "ACEHOSTONLINE,AS214059,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-05-16 20:01:23", "1524009", "121.196.211.254:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:56:01", "100", "https://search.censys.io/hosts/121.196.211.254", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-305419896", "0", "DonPasci"
"2025-05-16 20:01:19", "1524008", "118.25.148.25:1443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:55:54", "100", "https://search.censys.io/hosts/118.25.148.25", "AS45090,C2,censys,CobaltStrike,cs-watermark-391144938,TENCENT-NET-AP", "0", "DonPasci"
"2025-05-16 20:01:18", "1524007", "119.28.116.34:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:55:55", "100", "https://search.censys.io/hosts/119.28.116.34", "AS132203,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP-CN", "0", "DonPasci"
"2025-05-16 19:39:35", "1524006", "66.63.187.232:1111", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "", "XWorm", "0", "abuse_ch"
"2025-05-16 19:39:07", "1524005", "abuwire123.duckdns.org", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "", "XWorm", "0", "abuse_ch"
"2025-05-16 19:32:30", "1524004", "196.251.88.153:6609", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-05-16 19:27:40", "1524003", "https://xonehunqpom.life/zpxd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/a41450093961f95d046caf4ed1e1160b268404bc980c7b411df8f36b8545ae49/", "lumma", "0", "abuse_ch"
"2025-05-16 19:27:13", "1524002", "https://narrathfpt.top/tekq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/a41450093961f95d046caf4ed1e1160b268404bc980c7b411df8f36b8545ae49/", "lumma", "0", "abuse_ch"
"2025-05-16 19:27:04", "1524001", "https://jackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/a41450093961f95d046caf4ed1e1160b268404bc980c7b411df8f36b8545ae49/", "lumma", "0", "abuse_ch"
"2025-05-16 19:26:37", "1524000", "https://30featurlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/a41450093961f95d046caf4ed1e1160b268404bc980c7b411df8f36b8545ae49/", "lumma", "0", "abuse_ch"
"2025-05-16 19:19:01", "1523999", "103.245.231.8:7198", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:19:00", "1523994", "45.66.228.71:10000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:19:00", "1523995", "51.75.32.168:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:19:00", "1523996", "77.75.230.145:8000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:19:00", "1523997", "37.114.37.78:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:19:00", "1523998", "89.208.113.170:974", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:18:59", "1523990", "147.45.68.82:9000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:18:59", "1523991", "212.11.64.197:10000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:18:59", "1523992", "45.134.39.55:9999", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:18:59", "1523993", "46.203.233.164:666", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:18:58", "1523989", "77.110.103.206:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E"
"2025-05-16 19:16:32", "1523988", "https://venaetdqfn.run/gjud", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4b49ecdac3221f60f27bf1fc2950f86a5ff640fab62729c4a6a84717a828bb3c/", "lumma", "0", "abuse_ch"
"2025-05-16 19:15:58", "1523987", "https://fovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/0f378f4dbf137ca4abdf88f8d137684c4196935df8bc8e3cfabeb4bdc5c3ba75/", "lumma", "0", "abuse_ch"
"2025-05-16 19:15:32", "1523986", "https://aposseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/0f378f4dbf137ca4abdf88f8d137684c4196935df8bc8e3cfabeb4bdc5c3ba75/", "lumma", "0", "abuse_ch"
"2025-05-16 19:08:55", "1523985", "89.185.80.37:443", "ip:port", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "75", "", "MetaStealer", "0", "abuse_ch"
"2025-05-16 19:01:33", "1523983", "jackthyfuc.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz"
"2025-05-16 19:01:32", "1523982", "narrathfpt.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-05-17 12:34:51", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz"
"2025-05-16 19:01:31", "1523984", "onehunqpom.life", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz"
"2025-05-16 18:51:51", "1523981", "https://volleyballbranch.icu/art.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-05-16 18:43:53", "1523970", "https://itrtruck.com/js.php", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114518636689093540", "KongTuke", "0", "monitorsg"
"2025-05-16 18:43:52", "1523966", "lordphoenix.net", "domain", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "", "None", "0", "dmoney"
"2025-05-16 18:43:52", "1523968", "https://itrtruck.com/5r3e.js", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114518636689093540", "KongTuke", "0", "monitorsg"
"2025-05-16 18:43:52", "1523969", "itrtruck.com", "domain", "payload_delivery", "js.kongtuke", "None", "KongTuke", "2025-05-17 09:09:23", "100", "https://infosec.exchange/@monitorsg/114518636689093540", "KongTuke", "0", "monitorsg"
"2025-05-16 18:43:51", "1523971", "https://events-datamicrosoft.org/u4tr3ibjal", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114518636689093540", "KongTuke", "0", "monitorsg"
"2025-05-16 18:43:51", "1523972", "events-datamicrosoft.org", "domain", "payload_delivery", "js.kongtuke", "None", "KongTuke", "2025-05-17 09:09:24", "100", "https://infosec.exchange/@monitorsg/114518636689093540", "KongTuke", "0", "monitorsg"
"2025-05-16 18:43:50", "1523973", "160.187.246.174:12121", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest"
"2025-05-16 18:43:50", "1523974", "156.238.233.49:18080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v"
"2025-05-16 18:43:50", "1523975", "111.231.7.138:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v"
"2025-05-16 18:43:49", "1523976", "107.173.60.88:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v"
"2025-05-16 18:43:49", "1523977", "38.54.14.145:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v"
"2025-05-16 18:43:48", "1523978", "8.147.118.153:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v"
"2025-05-16 18:43:48", "1523979", "82.163.22.139:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v"
"2025-05-16 18:10:15", "1523980", "185.196.9.158:6689", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:48:26", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-05-16 16:50:17", "1523967", "150.241.93.127:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2025-05-16 16:15:14", "1523965", "192.169.69.26:1000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-05-16 16:02:21", "1523964", "194.87.220.47:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 14:49:14", "100", "https://search.censys.io/hosts/194.87.220.47", "AS9123,C2,censys,Havoc,TIMEWEB-AS", "0", "DonPasci"
"2025-05-16 16:02:19", "1523963", "41.143.171.44:31842", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:08", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:18", "1523958", "41.143.171.44:16993", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:45", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:18", "1523959", "41.143.171.44:49013", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:46", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:18", "1523960", "41.143.171.44:59006", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:07", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:18", "1523961", "41.143.171.44:4101", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:01", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:18", "1523962", "41.143.171.44:6001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:05", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:17", "1523954", "41.143.171.44:4840", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:54", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:17", "1523955", "41.143.171.44:119", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:15", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:17", "1523956", "41.143.171.44:587", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:05", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:17", "1523957", "41.143.171.44:6443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:48", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:16", "1523950", "41.143.171.44:19999", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:48", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:16", "1523951", "41.143.171.44:32287", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:16", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:16", "1523952", "41.143.171.44:33228", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:58", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:16", "1523953", "41.143.171.44:81", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:08", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:15", "1523946", "41.143.171.44:44819", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:00", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:15", "1523947", "41.143.171.44:50580", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:07", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:15", "1523948", "41.143.171.44:50805", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:47", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:15", "1523949", "41.143.171.44:25565", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:12", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:14", "1523941", "41.143.171.44:6667", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:11", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:14", "1523942", "41.143.171.44:10414", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:16", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:14", "1523943", "41.143.171.44:37872", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:52", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:14", "1523944", "41.143.171.44:58440", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:04", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:14", "1523945", "41.143.171.44:231", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:00", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:13", "1523936", "41.143.171.44:49626", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:53", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:13", "1523937", "41.143.171.44:4839", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:11", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:13", "1523938", "41.143.171.44:5986", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:44", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:13", "1523939", "41.143.171.44:46993", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:04", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:13", "1523940", "41.143.171.44:2761", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:47", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:12", "1523932", "41.143.171.44:427", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:57", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:12", "1523933", "41.143.171.44:2087", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:05", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:12", "1523934", "41.143.171.44:8000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:56", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:12", "1523935", "41.143.171.44:18082", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:14", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:11", "1523929", "41.143.171.44:771", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:53", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:11", "1523930", "41.143.171.44:4242", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:06", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:11", "1523931", "41.143.171.44:37681", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:59", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:10", "1523924", "41.143.171.44:1433", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:51", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:10", "1523925", "41.143.171.44:2455", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:56", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:10", "1523926", "41.143.171.44:35055", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:12", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:10", "1523927", "41.143.171.44:38504", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:06", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:10", "1523928", "41.143.171.44:49294", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:09", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:09", "1523920", "41.143.171.44:41795", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:00", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:09", "1523921", "41.143.171.44:58603", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:50", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:09", "1523922", "41.143.171.44:623", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:55", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:09", "1523923", "41.143.171.44:990", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:47", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:08", "1523916", "41.143.171.44:9042", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:54", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:08", "1523917", "41.143.171.44:14265", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:08", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:08", "1523918", "41.143.171.44:28640", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:14", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:08", "1523919", "41.143.171.44:32965", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:46", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:07", "1523912", "41.143.171.44:49502", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:17", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:07", "1523913", "41.143.171.44:591", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:49", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:07", "1523914", "41.143.171.44:833", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:13", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:07", "1523915", "41.143.171.44:7001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:06", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:06", "1523907", "41.143.171.44:1911", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:54", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:06", "1523908", "41.143.171.44:2404", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:17", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:06", "1523909", "41.143.171.44:4730", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:02", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:06", "1523910", "41.143.171.44:20001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:03", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:06", "1523911", "41.143.171.44:37341", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:46", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci"
"2025-05-16 16:02:04", "1523905", "majorfund.pro", "domain", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-17 04:00:36", "100", "https://search.censys.io/hosts/172.67.131.123+majorfund.pro", "AS13335,C2,censys,CLOUDFLARENET,Hookbot", "0", "DonPasci"
"2025-05-16 16:02:04", "1523906", "147.45.116.129:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-17 04:00:38", "100", "https://search.censys.io/hosts/147.45.116.129", "AS215540,C2,censys,GCS-AS,Hookbot", "0", "DonPasci"
"2025-05-16 16:01:57", "1523904", "172.111.151.97:57", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:46:47", "100", "https://search.censys.io/hosts/172.111.151.97", "AS9009,AsyncRAT,C2,censys,M247,RAT", "0", "DonPasci"
"2025-05-16 16:01:56", "1523902", "biz-buradayiiz.shop", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-17 04:00:28", "100", "https://search.censys.io/hosts/94.156.177.241+biz-buradayiiz.shop", "AS214943,AsyncRAT,C2,censys,RAILNET,RAT", "0", "DonPasci"
"2025-05-16 16:01:56", "1523903", "185.208.156.253:6000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 14:48:27", "100", "https://search.censys.io/hosts/185.208.156.253", "AS42624,AsyncRAT,C2,censys,RAT,SWISSNETWORK02", "0", "DonPasci"
"2025-05-16 16:01:44", "1523901", "51.79.255.203:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 14:52:40", "100", "https://search.censys.io/hosts/51.79.255.203", "AS16276,C2,censys,OVH,Sliver", "0", "DonPasci"
"2025-05-16 16:01:40", "1523898", "172.245.208.27:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:46:58", "100", "https://search.censys.io/hosts/172.245.208.27", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-05-16 16:01:40", "1523899", "176.65.142.109:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 14:47:37", "100", "https://search.censys.io/hosts/176.65.142.109", "AS214717,C2,censys,DOLPHINHOST-AS,RAT,Remcos", "0", "DonPasci"
"2025-05-16 16:01:40", "1523900", "196.251.115.237:5000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/196.251.115.237", "AS401116,C2,censys,NYBULA,RAT,Remcos", "0", "DonPasci"
"2025-05-16 16:01:36", "1523897", "93.105.1.235:1593", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "2025-05-17 04:00:17", "100", "https://search.censys.io/hosts/93.105.1.235", "AS29314,C2,censys,DarkComet,RAT,VECTRANET-AS", "0", "DonPasci"
"2025-05-16 16:01:22", "1523896", "1.94.96.91:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:55:12", "100", "https://search.censys.io/hosts/1.94.96.91", "AS55990,C2,censys,CobaltStrike,cs-watermark-666666666,HWCSNET", "0", "DonPasci"
"2025-05-16 16:01:19", "1523895", "39.100.70.46:1556", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:57:24", "100", "https://search.censys.io/hosts/39.100.70.46", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-05-16 16:01:18", "1523894", "64.176.60.8:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 14:58:21", "100", "https://search.censys.io/hosts/64.176.60.8", "AS-VULTR,AS20473,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-05-16 15:57:53", "1523893", "problem.cloudboats.vip", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E"
# Number of entries: 1336