################################################################ # ThreatFox IOCs: recent URLs - CSV format # # Last updated: 2025-05-18 11:00:21 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-05-18 11:00:21", "1525225", "https://jugulagklc.live/roek", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b7d8baf7b42e19c1a07a6e79de9fb53ebd899379d96cd2cfd5671f618e2d8a9c/", "lumma", "0", "abuse_ch" "2025-05-18 11:00:13", "1525224", "https://82jackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b7d8baf7b42e19c1a07a6e79de9fb53ebd899379d96cd2cfd5671f618e2d8a9c/", "lumma", "0", "abuse_ch" "2025-05-18 10:50:25", "1525223", "https://strengbllk.live/fpsz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4f5e203c632416a5ed12d4f8faf20e4a5838daac3d26ad2c51d7e1f729af5d21/", "lumma", "0", "abuse_ch" "2025-05-18 06:18:57", "1525201", "https://pastebin.com/raw/ZxCUpaSK", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-05-18 01:57:26", "1524895", "http://103.251.164.121/pages/login.php", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS60404,The Infrastructure Group B.V.,unam", "0", "antiphishorg" "2025-05-18 00:10:13", "1524934", "http://sagefierce.temp.swtest.ru/pipephpPollupdategeneratortemp.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-17 22:50:12", "1524896", "http://mdfhyparat.temp.swtest.ru/6ead1bc6.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-17 21:10:14", "1524894", "https://5overcovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b9f61373e4555764594de3df3cdce59ebb08258d3c11f721de68b72731441d0e/", "lumma", "0", "abuse_ch" "2025-05-17 21:10:13", "1524893", "https://4posseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b9f61373e4555764594de3df3cdce59ebb08258d3c11f721de68b72731441d0e/", "lumma", "0", "abuse_ch" "2025-05-17 19:40:11", "1524818", "http://rthgdfcx23weads.atwebpages.com/externalimagepythonrequestbasePublicDownloads.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-17 18:55:11", "1524813", "http://zaoasderfdsxesdzx.mygamesonline.org/VmCpuprocessorMultiBaseuniversaltrack.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-17 18:40:06", "1524811", "http://59.182.214.239:56457/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf" "2025-05-17 18:28:31", "1524779", "https://9blackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250517-rx2rgshl5y/behavioral1", "None", "0", "tanner" "2025-05-17 18:28:30", "1524778", "https://tsaxecocnak.live/manj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://tria.ge/250517-rx2rgshl5y/behavioral1", "None", "0", "tanner" "2025-05-17 17:40:09", "1524798", "http://f1127298.xsph.ru/0801894c.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-17 15:37:16", "1524788", "https://tblackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/da67b132c84b38b10b705a750126ee5ceffc68f1cc52e68d25929e80af8f6033/", "lumma", "0", "abuse_ch" "2025-05-17 15:36:38", "1524787", "https://9dracxilb.digital/ozi", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/da67b132c84b38b10b705a750126ee5ceffc68f1cc52e68d25929e80af8f6033/", "lumma", "0", "abuse_ch" "2025-05-17 14:46:27", "1524785", "https://vcornerdurv.top/adwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/eeb833931321a3f9d4307aaa22b967c203fc34d45cd1ab25176b97331dc1c37b/", "lumma", "0", "abuse_ch" "2025-05-17 14:45:36", "1524784", "https://ajackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/eeb833931321a3f9d4307aaa22b967c203fc34d45cd1ab25176b97331dc1c37b/", "lumma", "0", "abuse_ch" "2025-05-17 14:45:33", "1524783", "https://1blackswmxc.top/bgry", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/eeb833931321a3f9d4307aaa22b967c203fc34d45cd1ab25176b97331dc1c37b/", "lumma", "0", "abuse_ch" "2025-05-17 14:45:32", "1524782", "https://06laminaflbx.shop/twoq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/eeb833931321a3f9d4307aaa22b967c203fc34d45cd1ab25176b97331dc1c37b/", "lumma", "0", "abuse_ch" "2025-05-17 14:41:02", "1524766", "https://zlaminaflbx.shop/twoq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/5cdc51b9038ac44a9a44ec9f85082006ba9aa81dfdf4f41ca2fb0d3e31ff3a93/", "lumma", "0", "abuse_ch" "2025-05-17 14:40:27", "1524765", "https://4jackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/059a0a5f8ab02faae85536a23a83f9224c4ec60055ec5a1067fa0a026f72a1b4/", "lumma", "0", "abuse_ch" "2025-05-17 14:36:37", "1524764", "https://dcornerdurv.top/adwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9164bf50a1cc1e548589aa14979c6fdbba0ec977f0e3ebb6e5d4d706f5c4df40/", "lumma", "0", "abuse_ch" "2025-05-17 14:36:29", "1524763", "https://5narrathfpt.top/tekq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9164bf50a1cc1e548589aa14979c6fdbba0ec977f0e3ebb6e5d4d706f5c4df40/", "lumma", "0", "abuse_ch" "2025-05-17 13:35:53", "1524762", "https://dovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/080784c30b5680a3fefbbe6ae23e2466e60904c0b3ae379643ba7b697989eff0/", "lumma", "0", "abuse_ch" "2025-05-17 13:35:46", "1524761", "https://6racxilb.digital/ozi", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/080784c30b5680a3fefbbe6ae23e2466e60904c0b3ae379643ba7b697989eff0/", "lumma", "0", "abuse_ch" "2025-05-17 11:52:05", "1524729", "http://194.26.192.113/panel/Login", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://urlquery.net/report/f710e9bd-a66b-47f6-952d-98fd611c1cf0", "c2,urlquery", "0", "juroots" "2025-05-17 11:47:17", "1524728", "http://193.124.117.178:8080/login", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://urlquery.net/report/061bc126-0702-4a0b-a60b-67f51922a1ed", "c2,urlquery", "0", "juroots" "2025-05-17 11:32:00", "1524727", "https://www.coinbasexpromotion.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0196de03-e6fe-730a-a0d2-dd15f577487f", "fakecaptcha,urlscan", "0", "juroots" "2025-05-17 11:21:19", "1524720", "https://mainstomp.cloud/MDcMkjAxsLKsT", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots" "2025-05-17 11:21:19", "1524719", "https://sharemoc.space/XdYUmFd2xX", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots" "2025-05-17 11:21:19", "1524718", "https://temptransfer.live/SkwkUTIoFTrXYRMd", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots" "2025-05-17 11:21:19", "1524717", "https://baza.com/loader.bin", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots" "2025-05-17 11:21:19", "1524716", "https://ipfs.io/ipns/k51qzi5uqu5djqy6wp9nng1igaatx8nxwpye9iz18ce6b8ycihw8nt04khemao", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "50", "https://www.zscaler.com/blogs/security-research/technical-analysis-transferloader", "TransferLoader", "0", "juroots" "2025-05-17 10:09:54", "1524677", "https://anna-akhmatova.com/cdn-cgi/phish-bypass?atok=6N9gb5deGg8zcdG11AUBmZIPlVsnEbiNWaHlwFtqc18-1747442361.20884-0.0.1.1-%2Flogin&cf-turnstile-response=", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://urlscan.io/result/0196ddb8-bdeb-7609-9355-df1ac9956cac", "c2,lumma,urlscan", "0", "juroots" "2025-05-17 10:09:14", "1524676", "https://katz-stealer.com/login", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://urlscan.io/result/0196ddb8-2147-77fa-836f-dd0fced1ed08", "c2,katz,urlscan", "0", "juroots" "2025-05-17 10:09:13", "1524675", "https://katz-stealer.com/", "url", "botnet_cc", "unknown_stealer", "None", "Unknown Stealer", "", "50", "https://urlscan.io/result/0196ddb8-1f2b-709e-83cd-c143f05971cc", "c2,katz,urlscan", "0", "juroots" "2025-05-17 10:08:26", "1524674", "http://176.65.140.223/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/0196ddb7-67ca-73cf-9f77-e6672c70345c", "c2,hookbot,urlscan", "0", "juroots" "2025-05-17 07:01:21", "1524633", "https://zjackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4bd4b880b6f35433701cbc2cbcf408260f58c21e654d7893901b3a6ba04fdd1f/", "lumma", "0", "abuse_ch" "2025-05-17 07:01:17", "1524632", "https://tlaminaflbx.shop/twoq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b17daa18867c925a1b3c9b093d16773e0d9d8507981f4f0ea84b6528d511da49/", "lumma", "0", "abuse_ch" "2025-05-17 07:00:50", "1524631", "https://klaminaflbx.shop/twoq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c08135233df7ec3cd1a594b44d030760983f733246af93d0357c43260ee1ad74/", "lumma", "0", "abuse_ch" "2025-05-17 07:00:22", "1524630", "https://8asaxecocnak.live/manj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c08135233df7ec3cd1a594b44d030760983f733246af93d0357c43260ee1ad74/", "lumma", "0", "abuse_ch" "2025-05-17 07:00:21", "1524629", "https://7narrathfpt.top/tekq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4bd4b880b6f35433701cbc2cbcf408260f58c21e654d7893901b3a6ba04fdd1f/", "lumma", "0", "abuse_ch" "2025-05-17 07:00:19", "1524628", "https://5cornerdurv.top/adwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7162d72e84ee4967b18ed769212c9be81bfe7505e72e5c795ad8444c65df35db/", "lumma", "0", "abuse_ch" "2025-05-17 07:00:19", "1524627", "https://3onehunqpom.life/zpxd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2c9f0a20bb3f0165a52858a879a4effeb1f0c3963f15df884f8baea7d3ff5f4a/", "lumma", "0", "abuse_ch" "2025-05-17 06:40:04", "1524369", "http://178.141.153.185:49053/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf" "2025-05-17 06:35:24", "1524363", "https://ecornerdurv.top/adwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/98d520e91135c2ed5310a980253a6d1c2fca3a87214c664413416d8b959406c6/", "lumma", "0", "abuse_ch" "2025-05-17 06:35:18", "1524362", "https://applyjjzl.run/quhx", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c86bb63d82014bf9a36c13fe6f94ab28c80888dd429a858194dc168b99756b1c/", "lumma", "0", "abuse_ch" "2025-05-17 06:35:16", "1524361", "https://5jackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8e06de8362aa306b91416672800eab1486086e1630efd643f56fe794f6c65c2e/", "lumma", "0", "abuse_ch" "2025-05-17 06:35:00", "1524359", "https://pooier.000webhostapp.com/pony/packer.exe", "url", "payload_delivery", "win.pony", "Siplog,Fareit", "Pony", "", "50", "", "pony", "0", "juroots" "2025-05-17 06:34:46", "1524358", "https://pooier.000webhostapp.com/pony/admin.php", "url", "botnet_cc", "win.pony", "Siplog,Fareit", "Pony", "", "50", "", "c2,pony", "0", "juroots" "2025-05-17 06:33:24", "1524354", "http://magnowin.ru/d2/about.php", "url", "botnet_cc", "win.evilpony", "CREstealer", "EvilPony", "", "50", "", "c2,evilpony", "0", "juroots" "2025-05-17 06:33:24", "1524353", "http://imajobalgun.ru/d2/about.php", "url", "botnet_cc", "win.evilpony", "CREstealer", "EvilPony", "", "50", "", "c2,evilpony", "0", "juroots" "2025-05-17 06:33:24", "1524352", "http://froloccenatr.com/d2/about.php", "url", "botnet_cc", "win.evilpony", "CREstealer", "EvilPony", "", "50", "", "c2,evilpony", "0", "juroots" "2025-05-17 06:32:56", "1524351", "http://icets.at/oRbbQ3/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "50", "", "amadey,c2", "0", "juroots" "2025-05-17 06:32:06", "1524350", "http://45.141.233.43:50555/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/0196dcf1-55a8-703a-8aac-11bad9654e7a", "c2,hookbot,urlscan", "0", "juroots" "2025-05-17 06:25:45", "1524315", "https://retechlabp.run/ioji", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7521de9b4cccfd3833f5beb86a80696330a745c6cdde7c0e0c92462cd08f0f2f/", "lumma", "0", "abuse_ch" "2025-05-17 04:55:13", "1524303", "http://660516cm.nyashvibe.ru/videoPythonRequestPollgeoprotectTrafficwpprivate.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-16 23:20:42", "1524109", "https://jwracxilb.digital/ozi", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8f3370aaf5651d6bc98794269a81acaa9f6990847636cbc1085d50cc36673d7c/", "lumma", "0", "abuse_ch" "2025-05-16 23:20:17", "1524108", "https://anarrathfpt.top/tekq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8f3370aaf5651d6bc98794269a81acaa9f6990847636cbc1085d50cc36673d7c/", "lumma", "0", "abuse_ch" "2025-05-16 23:15:54", "1524107", "https://onehunqpom.life/zpxd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/21cfc0456efbfd7d450ea93e3170ccd17d8b308d39b92b2e94863116a08e4dbb/", "lumma", "0", "abuse_ch" "2025-05-16 23:15:25", "1524106", "https://bovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/21cfc0456efbfd7d450ea93e3170ccd17d8b308d39b92b2e94863116a08e4dbb/", "lumma", "0", "abuse_ch" "2025-05-16 20:35:13", "1524098", "http://212.109.193.128/84public3/Windowsbetter3/Secure/Datalife/Base9Private/DumpFlowerApiTemporary/Javascript_/Trafficlocal/sqlimageTest/JsLinux/jsauth2/ApidumpDump/defaultapiWindows8/pythoncdn9update/Secure/Wordpress/VideoTojsCpumultitraffictestwpLocalPrivate.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch" "2025-05-16 19:27:40", "1524003", "https://xonehunqpom.life/zpxd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/a41450093961f95d046caf4ed1e1160b268404bc980c7b411df8f36b8545ae49/", "lumma", "0", "abuse_ch" "2025-05-16 19:27:13", "1524002", "https://narrathfpt.top/tekq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/a41450093961f95d046caf4ed1e1160b268404bc980c7b411df8f36b8545ae49/", "lumma", "0", "abuse_ch" "2025-05-16 19:27:04", "1524001", "https://jackthyfuc.run/xpas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/a41450093961f95d046caf4ed1e1160b268404bc980c7b411df8f36b8545ae49/", "lumma", "0", "abuse_ch" "2025-05-16 19:26:37", "1524000", "https://30featurlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/a41450093961f95d046caf4ed1e1160b268404bc980c7b411df8f36b8545ae49/", "lumma", "0", "abuse_ch" "2025-05-16 19:16:32", "1523988", "https://venaetdqfn.run/gjud", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4b49ecdac3221f60f27bf1fc2950f86a5ff640fab62729c4a6a84717a828bb3c/", "lumma", "0", "abuse_ch" "2025-05-16 19:15:58", "1523987", "https://fovercovtcg.top/juhd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/0f378f4dbf137ca4abdf88f8d137684c4196935df8bc8e3cfabeb4bdc5c3ba75/", "lumma", "0", "abuse_ch" "2025-05-16 19:15:32", "1523986", "https://aposseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/0f378f4dbf137ca4abdf88f8d137684c4196935df8bc8e3cfabeb4bdc5c3ba75/", "lumma", "0", "abuse_ch" "2025-05-16 18:51:51", "1523981", "https://volleyballbranch.icu/art.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch" "2025-05-16 18:43:53", "1523970", "https://itrtruck.com/js.php", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114518636689093540", "KongTuke", "0", "monitorsg" "2025-05-16 18:43:52", "1523968", "https://itrtruck.com/5r3e.js", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114518636689093540", "KongTuke", "0", "monitorsg" "2025-05-16 18:43:51", "1523971", "https://events-datamicrosoft.org/u4tr3ibjal", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114518636689093540", "KongTuke", "0", "monitorsg" "2025-05-16 14:51:35", "1523892", "https://domtrst455.com/work/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "100", "https://bazaar.abuse.ch/sample/69af1d10dd1dacae362ab8fd4e5bcc97ddb363cdeb06a4bf1bc3db4dfc68b1e1/", "Latrodectus", "0", "abuse_ch" "2025-05-16 14:51:35", "1523891", "https://daringdesigners.com/work/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "100", "https://bazaar.abuse.ch/sample/69af1d10dd1dacae362ab8fd4e5bcc97ddb363cdeb06a4bf1bc3db4dfc68b1e1/", "Latrodectus", "0", "abuse_ch" "2025-05-16 14:25:14", "1523890", "http://43.154.244.145:10101/api/x", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/7b30344c6bf06b6ec7aba1e5f9ac6953014ea8b78631e2911d15612272668340/", "cobaltstrike", "0", "abuse_ch" "2025-05-16 14:16:21", "1523883", "https://www.kmmagency.com/profileLayout", "url", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz" "2025-05-16 14:05:46", "1523889", "https://ucornerdurv.top/adwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7e2f2a1638c79ab8c7f0853c5c0a8cecbb3b623f9a069ee7a1685eeb0dc72665/", "lumma", "0", "abuse_ch" "2025-05-16 14:05:38", "1523888", "https://rwefeaturlyin.top/pdal", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d54167a2c70fa2a4d038fee137e4b3772856640abe81f7ed00b1e322a1900805/", "lumma", "0", "abuse_ch" "2025-05-16 14:05:30", "1523887", "https://flaminaflbx.shop/twoq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d54167a2c70fa2a4d038fee137e4b3772856640abe81f7ed00b1e322a1900805/", "lumma", "0", "abuse_ch" "2025-05-16 14:05:22", "1523886", "https://cposseswsnc.top/akds", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/995acf8dfee5d50968d18bf3d069b0647dd37ba471593a78d3fd2d95692b36a3/", "lumma", "0", "abuse_ch" "2025-05-16 14:05:14", "1523885", "https://anesthwtcm.run/ladj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/995acf8dfee5d50968d18bf3d069b0647dd37ba471593a78d3fd2d95692b36a3/", "lumma", "0", "abuse_ch" # Number of entries: 84