################################################################ # ThreatFox IOCs: recent URLs - CSV format # # Last updated: 2025-04-03 17:58:48 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-04-03 17:58:48", "1484563", "https://check.xuxyf.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-04-03 17:36:04", "1484561", "https://sprmendu.live/nabgb", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/94d4904e697315bfc3586a115c66e657fc74e056350f9b4987f4ddd4fa185900/", "lumma", "0", "abuse_ch" "2025-04-03 17:35:50", "1484560", "https://kgalxnetb.today/GsuIAo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/94d4904e697315bfc3586a115c66e657fc74e056350f9b4987f4ddd4fa185900/", "lumma", "0", "abuse_ch" "2025-04-03 17:26:06", "1484559", "https://steptbli.digital/jkagz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4cd99e88f2af1d6125faaf04cc423537fbdd1dda3a345161031fa4d079f3abd7/", "lumma", "0", "abuse_ch" "2025-04-03 17:25:45", "1484558", "https://hxrfxcaseq.live/gspaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4cd99e88f2af1d6125faaf04cc423537fbdd1dda3a345161031fa4d079f3abd7/", "lumma", "0", "abuse_ch" "2025-04-03 17:06:01", "1484557", "https://q6rhxhube.run/pogrs", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b2bd3ce6aee7a3aede24889c7a2f21caf448e47ed94e20cbb31b38348b84f880/", "lumma", "0", "abuse_ch" "2025-04-03 17:05:50", "1484556", "https://ijrxsafer.top/shpaoz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b2bd3ce6aee7a3aede24889c7a2f21caf448e47ed94e20cbb31b38348b84f880/", "lumma", "0", "abuse_ch" "2025-04-03 16:01:13", "1484543", "https://latchclan.shop/Wjquw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/68c3beef0ed60dbfab18afa76b20bbd8c699177c88121079ec4dd94f11055f9f/", "lumma", "0", "abuse_ch" "2025-04-03 16:00:51", "1484533", "https://fastbenerfa.shop/biSUz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/68c3beef0ed60dbfab18afa76b20bbd8c699177c88121079ec4dd94f11055f9f/", "lumma", "0", "abuse_ch" "2025-04-03 16:00:37", "1484532", "https://6bugildbett.top/bAuz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/68c3beef0ed60dbfab18afa76b20bbd8c699177c88121079ec4dd94f11055f9f/", "lumma", "0", "abuse_ch" "2025-04-03 15:56:04", "1484529", "https://unicornu.digital/nojh", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/92cbc9d11b1dac5ddc467b6a9004531f4619ca553ea7be2b930af78dde07a6db/", "lumma", "0", "abuse_ch" "2025-04-03 15:55:41", "1484528", "https://gxrfxcaseq.live/gspaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/92cbc9d11b1dac5ddc467b6a9004531f4619ca553ea7be2b930af78dde07a6db/", "lumma", "0", "abuse_ch" "2025-04-03 15:10:56", "1484524", "https://yjrxsafer.top/shpaoz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8982bcc7399d4e6a2c578c9c081d4287fee1c9b0ce2f2d73a7dfdb3fa07b8e96/", "lumma", "0", "abuse_ch" "2025-04-03 15:10:39", "1484523", "https://jrlxspoty.run/nogoaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/3ee59ef4b79abd6090d315da94142a19d69a16c27b1916ee4e1ef3a906acb497/", "lumma", "0", "abuse_ch" "2025-04-03 15:06:01", "1484521", "https://utargett.top/dsANGt", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/e0c211297e4300d977719cc2e0722b40426551e44e711bffe77f0f348aed5852/", "lumma", "0", "abuse_ch" "2025-04-03 15:05:36", "1484520", "https://aadvento.run/SAOznj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/e0c211297e4300d977719cc2e0722b40426551e44e711bffe77f0f348aed5852/", "lumma", "0", "abuse_ch" "2025-04-03 15:03:24", "1484397", "https://covaticonstructioncorp.shop/pictures/analytics.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114274429114211477", "SmartApeSG", "0", "monitorsg" "2025-04-03 15:03:22", "1484399", "https://covaticonstructioncorp.shop/pictures/index.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114274429114211477", "SmartApeSG", "0", "monitorsg" "2025-04-03 15:03:20", "1484400", "https://covaticonstructioncorp.shop/pictures/video.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114274429114211477", "SmartApeSG", "0", "monitorsg" "2025-04-03 15:03:19", "1484401", "https://mindsparkdigital.com/msg.zip", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114274429114211477", "SmartApeSG", "0", "monitorsg" "2025-04-03 15:03:18", "1484393", "https://9na6ylihasadaizlireklam.site/ODg4MTMyZDNmODA0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-04-03 15:03:17", "1484394", "https://44n8aylihasadaizlireklam.site/ODg4MTMyZDNmODA0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-04-03 15:03:17", "1484395", "https://tesra.shop/drasticplay.ogg", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "hta,LummaStealer", "0", "threatcat_ch" "2025-04-03 15:03:11", "1484392", "https://6onaylihasadaizlireklam.site/ODg4MTMyZDNmODA0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-04-03 13:40:41", "1484391", "https://pykrxspint.digital/kendwz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7c34a8d5dbc474efaa02494c7eb6a856880da7736ed4d942d9ed272d6d374597/", "lumma", "0", "abuse_ch" "2025-04-03 13:40:30", "1484390", "https://drhxhube.run/pogrs", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7c34a8d5dbc474efaa02494c7eb6a856880da7736ed4d942d9ed272d6d374597/", "lumma", "0", "abuse_ch" "2025-04-03 12:40:05", "1484378", "http://175.107.2.95:36387/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf" "2025-04-03 12:40:04", "1484377", "http://42.235.85.115:33308/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf" "2025-04-03 12:22:54", "1484373", "https://webproinc.com/3e5e.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114273958273909875", "KongTuke", "0", "monitorsg" "2025-04-03 12:22:52", "1484375", "https://webproinc.com/js.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114273958273909875", "KongTuke", "0", "monitorsg" "2025-04-03 08:15:16", "1484346", "https://grazafnulp.com/test/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "100", "None", "latrodectus", "0", "Rony" "2025-04-03 07:35:29", "1484304", "https://6grxeasyw.digital/xxepw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/73ca9bc319d447e03a717b4f781aca8dc11a5bec82ace59751f285341e4b137c/", "lumma", "0", "abuse_ch" "2025-04-03 07:30:49", "1484303", "https://srlxspoty.run/nogoaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4facc56a1012801ac81d763f53d57c6c35ed4948945aa925df96cdaa30b1b90f/", "lumma", "0", "abuse_ch" "2025-04-03 07:30:32", "1484302", "https://8ywmedici.top/noagis", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4facc56a1012801ac81d763f53d57c6c35ed4948945aa925df96cdaa30b1b90f/", "lumma", "0", "abuse_ch" "2025-04-03 07:30:30", "1484301", "https://1krxspint.digital/kendwz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/4facc56a1012801ac81d763f53d57c6c35ed4948945aa925df96cdaa30b1b90f/", "lumma", "0", "abuse_ch" "2025-04-03 07:00:53", "1482158", "https://vironloxp.live/aksdd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/585392ec23db6d24697c38aec92e87985a418587d55f6b8b4467d12423205e36/", "lumma", "0", "abuse_ch" "2025-04-03 06:45:44", "1482156", "https://rlxspoty.run/nogoaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b86abdfbad86c5faaa00aeb30fad083c237160377227cad9ad22cc2fd4daa6da/", "lumma", "0", "abuse_ch" "2025-04-03 06:45:42", "1482155", "https://otargett.top/dsANGt", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/679cd77725c32a0d630aa1599d683720d738c24148ebfb04b9509f561862906e/", "lumma", "0", "abuse_ch" "2025-04-03 06:45:37", "1482154", "https://gspacedbv.world/EKdlsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b86abdfbad86c5faaa00aeb30fad083c237160377227cad9ad22cc2fd4daa6da/", "lumma", "0", "abuse_ch" "2025-04-03 06:45:36", "1482153", "https://grxeasyw.digital/xxepw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b86abdfbad86c5faaa00aeb30fad083c237160377227cad9ad22cc2fd4daa6da/", "lumma", "0", "abuse_ch" "2025-04-03 06:45:35", "1482152", "https://exrfxcaseq.live/gspaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b86abdfbad86c5faaa00aeb30fad083c237160377227cad9ad22cc2fd4daa6da/", "lumma", "0", "abuse_ch" "2025-04-03 06:45:31", "1482151", "https://3starcloc.bet/GOksAo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b86abdfbad86c5faaa00aeb30fad083c237160377227cad9ad22cc2fd4daa6da/", "lumma", "0", "abuse_ch" "2025-04-03 06:45:30", "1482149", "https://0ironloxp.live/aksdd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/679cd77725c32a0d630aa1599d683720d738c24148ebfb04b9509f561862906e/", "lumma", "0", "abuse_ch" "2025-04-03 06:45:30", "1482150", "https://1galxnetb.today/GsuIAo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/b86abdfbad86c5faaa00aeb30fad083c237160377227cad9ad22cc2fd4daa6da/", "lumma", "0", "abuse_ch" "2025-04-03 06:40:05", "1482148", "http://45.164.177.177:11794/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf" "2025-04-03 06:11:39", "1477033", "https://nexacorenet.com/blog/tech-trends/2025-trends/index.php", "url", "botnet_cc", "win.matanbuchus", "None", "Matanbuchus", "", "100", "None", "None", "0", "Bitsight" "2025-04-03 02:00:25", "1477148", "https://xrfxcaseq.live/gspaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-03 02:00:25", "1477149", "https://ywmedici.top/noagis", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-03 02:00:24", "1477147", "https://wspacedbv.world/EKdlsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-03 02:00:21", "1477146", "https://rhxhube.run/pogrs", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-03 02:00:20", "1477145", "https://qgrxeasyw.digital/xxepw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-03 02:00:18", "1477144", "https://mnavstarx.shop/FoaJSi", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-03 02:00:16", "1477142", "https://jrxsafer.top/shpaoz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-03 02:00:16", "1477143", "https://krxspint.digital/kendwz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-03 02:00:13", "1477141", "https://eadvennture.top/GKsiio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-03 02:00:12", "1477140", "https://cironloxp.live/aksdd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-03 02:00:10", "1477139", "https://6metalsyo.digital/opsa", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c6e3855f6893092020a2dce35e30869d96a7922f2b805bbdf081eec97cbba62b/", "lumma", "0", "abuse_ch" "2025-04-02 22:14:38", "1477044", "https://fluheror.run/xzvfas", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "ClearFake", "1", "ttakvam" "2025-04-02 19:45:55", "1476968", "https://lmetalsyo.digital/opsa", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2237953b9b13a18569f81769755c5f56fca19cdae5c43c14462dc7a83f94ab39/", "lumma", "0", "abuse_ch" "2025-04-02 19:45:42", "1476967", "https://fadvennture.top/GKsiio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2237953b9b13a18569f81769755c5f56fca19cdae5c43c14462dc7a83f94ab39/", "lumma", "0", "abuse_ch" "2025-04-02 19:45:31", "1476966", "https://5targett.top/dsANGt", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/2237953b9b13a18569f81769755c5f56fca19cdae5c43c14462dc7a83f94ab39/", "lumma", "0", "abuse_ch" "2025-04-02 19:08:40", "1476960", "https://i.jolttapestry.fun/7456f63a46cc318334a70159aa3c4291", "url", "payload_delivery", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "", "PowerShell,Rhadamanthys", "0", "threatcat_ch" "2025-04-02 19:08:39", "1476962", "https://api.blue-pencil-wave.today/78fc5131525a9e8d335b1/bu4x10qt.a1", "url", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "None", "Rhadamanthys", "0", "threatcat_ch" "2025-04-02 14:21:43", "1463262", "https://bukaman.shop/firstbookingplay.mp3", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "threatcat_ch" "2025-04-02 14:21:42", "1463264", "https://a.uueui.shop/700815a50547b01b29cf3a1ca55d7a7e3058e7d911072018.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "threatcat_ch" "2025-04-02 14:21:41", "1463266", "https://b1.uueui.shop/700815a50547b01b29cf3a1ca55d7a7e3058e7d911072018.html", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "threatcat_ch" "2025-04-02 14:21:40", "1463268", "https://kestim.shop/leonabab.ogg", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "LummaStealer", "0", "threatcat_ch" "2025-04-02 13:24:20", "1463260", "https://pub-bd53f9ae91ea4e9aa37d6a305c2fe7b7.r2.dev/connect/cloudflare.html", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f6ac-9581-712b-a812-7035a5e5a2a7", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 13:24:19", "1463259", "https://ypp-panel.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f6ac-9186-7569-bd52-28ae65544607", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 13:23:40", "1463245", "https://dcdh4.shop/pictures/analytics.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114268531892849663", "SmartApeSG", "0", "monitorsg" "2025-04-02 13:23:39", "1463247", "https://dcdh4.shop/pictures/index.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114268531892849663", "SmartApeSG", "0", "monitorsg" "2025-04-02 13:23:39", "1463248", "https://dcdh4.shop/pictures/video.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114268531892849663", "SmartApeSG", "0", "monitorsg" "2025-04-02 13:23:39", "1463249", "https://zaharaflowers.com/prflbmsg.zip", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114268531892849663", "SmartApeSG", "0", "monitorsg" "2025-04-02 13:23:38", "1463251", "https://eiesystems.com/4e2e.js", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114268570745089055", "KongTuke", "0", "monitorsg" "2025-04-02 13:23:38", "1463253", "https://eiesystems.com/js.php", "url", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114268570745089055", "KongTuke", "0", "monitorsg" "2025-04-02 13:22:42", "1463258", "https://system-update.cloud/Di0Her478/Login.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "50", "https://urlscan.io/result/0195f6ab-16a5-76ef-b6c5-39a04a415f81", "amadey,c2,urlscan", "0", "juroots" "2025-04-02 12:03:22", "1463191", "https://onay245lihasadaizlireklam.site/ODg4MTMyZDNmODA0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-04-02 12:03:22", "1463192", "https://onayl753ihasadaizlireklam.site/ODg4MTMyZDNmODA0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-04-02 12:03:21", "1463193", "https://onaylihasadaizlireklam.site/ODg4MTMyZDNmODA0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-04-02 12:03:21", "1463194", "https://3onaylihasadaizlireklam.site/ODg4MTMyZDNmODA0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-04-02 12:03:21", "1463195", "https://ona6ylihasadaizlireklam.site/ODg4MTMyZDNmODA0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-04-02 12:03:20", "1463196", "https://on8aylihasadaizlireklam.site/ODg4MTMyZDNmODA0/", "url", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "80", "None", "apk,Coper", "0", "myonium1" "2025-04-02 11:47:09", "1463180", "http://103.143.230.128:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS138152,supershell,YISU CLOUD LTD", "0", "antiphishorg" "2025-04-02 11:25:57", "1463190", "https://rxoffersu.run/klgsa", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/d542019c1b2ddb602966fd905e6bbc7caa02309a383ce443ec081b2f0c71122f/", "lumma", "0", "abuse_ch" "2025-04-02 10:20:06", "1463177", "https://check.zaqob.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-04-02 10:08:17", "1463168", "http://system-update.cloud/Di0Her478/Login.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "None", "amadey,AS13335,Cloudflare Inc.,WEBCC", "0", "antiphishorg" "2025-04-02 09:16:06", "1463171", "https://newpillr.digital/pweri", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/fdf80694651dc47b27eb9e4c75e65215ca84e4eb0fc25a28cf8776edde9bf670/", "lumma", "0", "abuse_ch" "2025-04-02 09:11:51", "1463170", "https://radvennture.top/GKsiio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/45c7ff8e9ea76d1c1d91bb4b6f9ca3ad9dbb2707122c32e68d1d199d5beb189e/", "lumma", "0", "abuse_ch" "2025-04-02 09:00:48", "1463169", "https://ferroyxo.run/quiwdz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7c321f8a0d6c357d3406afb96408968d107c81f8282e2353ea4cebed67432f88/", "lumma", "0", "abuse_ch" "2025-04-02 08:55:23", "1463160", "https://2starcloc.bet/GOksAo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/1f684625be309e146edd8153997480e1623ed28686f287befc0e0f0de6169bd5/", "lumma", "0", "abuse_ch" "2025-04-02 08:50:48", "1463159", "https://orodformi.run/aUosoz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7b72b67072f75f232a0d6fb52b8a51960f5697dc47e033c77bd7f91a388f1e3c/", "lumma", "0", "abuse_ch" "2025-04-02 08:50:24", "1463158", "https://6targett.top/dsANGt", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/7b72b67072f75f232a0d6fb52b8a51960f5697dc47e033c77bd7f91a388f1e3c/", "lumma", "0", "abuse_ch" "2025-04-02 07:48:34", "1463086", "https://check.dasoc.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-04-02 07:36:38", "1463084", "http://system-update.cloud/Di0Her478/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "", "100", "", "Amadey", "0", "abuse_ch" "2025-04-02 07:33:23", "1463082", "https://research.90shipsnormal.site/api/log", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "", "Prysmax", "0", "abuse_ch" "2025-04-02 07:25:38", "1463079", "https://ideahubk.run/GpsaOA", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/f0a7e2c8daf33fedc43bf9870d5c3215b4d214fbf188adb77e6b13f7b39a1dc4/", "lumma", "0", "abuse_ch" "2025-04-02 07:20:33", "1463078", "https://tacticaltalks.live/glKShay", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/0a3015b8106de793930707781764e7823aab2607ed0b1e01efce6a973e92f760/", "lumma", "0", "abuse_ch" "2025-04-02 07:10:44", "1463077", "https://check.kywau.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-04-02 07:05:34", "1463075", "https://wstarcloc.bet/GOksAo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/28a2bf8b977ff55b312b74ef4a55aa7f9aec71e97f194e0dd1a5f66773a206a4/", "lumma", "0", "abuse_ch" "2025-04-02 07:05:33", "1463073", "https://vspacedbv.world/EKdlsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/28a2bf8b977ff55b312b74ef4a55aa7f9aec71e97f194e0dd1a5f66773a206a4/", "lumma", "0", "abuse_ch" "2025-04-02 07:05:33", "1463074", "https://wgalxnetb.today/GsuIAo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/28a2bf8b977ff55b312b74ef4a55aa7f9aec71e97f194e0dd1a5f66773a206a4/", "lumma", "0", "abuse_ch" "2025-04-02 07:05:30", "1463072", "https://ostarcloc.bet/GOksAo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/28a2bf8b977ff55b312b74ef4a55aa7f9aec71e97f194e0dd1a5f66773a206a4/", "lumma", "0", "abuse_ch" "2025-04-02 07:05:29", "1463071", "https://hywnnavstarx.shop/FoaJSi", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/28a2bf8b977ff55b312b74ef4a55aa7f9aec71e97f194e0dd1a5f66773a206a4/", "lumma", "0", "abuse_ch" "2025-04-02 07:05:28", "1463070", "https://hcosmosyf.top/GOsznj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/28a2bf8b977ff55b312b74ef4a55aa7f9aec71e97f194e0dd1a5f66773a206a4/", "lumma", "0", "abuse_ch" "2025-04-02 07:05:27", "1463069", "https://hadvennture.top/GKsiio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/28a2bf8b977ff55b312b74ef4a55aa7f9aec71e97f194e0dd1a5f66773a206a4/", "lumma", "0", "abuse_ch" "2025-04-02 07:05:25", "1463068", "https://1ironloxp.live/aksdd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/28a2bf8b977ff55b312b74ef4a55aa7f9aec71e97f194e0dd1a5f66773a206a4/", "lumma", "0", "abuse_ch" "2025-04-02 06:50:26", "1463067", "https://castmann.run/qweir", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/cd89fa05062aba09ab8180ce9ae4ca7c9cef9beccc4625927625e642fd0e6e33/", "lumma", "0", "abuse_ch" "2025-04-02 06:39:23", "1463066", "https://check.lacoa.icu/gkcxv.google", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "clearfake", "1", "ttakvam" "2025-04-02 06:27:43", "1462789", "https://github.com/ROMILDOVAZ/musicas/releases/download/fdsfdsf/Setuvlast.zip", "url", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Github,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872" "2025-04-02 05:45:47", "1463063", "https://ww.ap.4t.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-04-02 05:45:47", "1463064", "https://116.202.0.34/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x" "2025-04-02 03:48:36", "1462981", "https://pastebin.com/raw/d5Sw0nvt", "url", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-04-02 03:47:37", "1462978", "https://review-booking34891.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49c-87fc-7731-a645-45d595294e4b", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:47:33", "1462977", "https://legderlive-desktop.org/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49c-7820-7527-bcd2-4c86ad8bb27f", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:47:26", "1462975", "https://onlyfans.bh/VioletOF", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49c-5dee-7408-884d-c5c71510db4f", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:47:22", "1462974", "https://accountsecurity.email/9wJwwWEPp3o?/secure-account", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49c-4e4d-76bf-b5bf-f597f395df3d", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:47:15", "1462973", "https://accountsecurity.email/9wJwwWEPp3o?%2Fsecure-account", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49c-333e-7012-b023-04591868fff3", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:47:03", "1462970", "https://id-ionos-de-webmail-konto-updates.blogspot.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49c-02f2-752a-b439-3606f1831114", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:46:59", "1462969", "https://id-ionos-de-webmail-konto-system.blogspot.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49b-f511-74fb-8ffd-360b56b32edf", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:46:55", "1462968", "https://id-ionos-de-webmail-appsuite.blogspot.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49b-e54f-75ea-829c-d267d6ce9192", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:46:51", "1462966", "https://id-ionos-de-webmail-appsuite-id5010.blogspot.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49b-d72e-7237-807c-d90b789daae3", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:46:48", "1462965", "https://id-ionos-de-webmail-system.blogspot.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49b-c85f-762b-943b-ade2e11864f2", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:46:44", "1462964", "https://id-ionos-de-webmail-kunden-system.blogspot.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49b-ba52-76cb-960d-d6d5ce3abcca", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:46:41", "1462963", "https://id-ionos-de-webmail-id4039.blogspot.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49b-af2c-724c-b547-7fdcc0659eb5", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:46:37", "1462962", "https://id-ionos-de-webmail-login.blogspot.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49b-a171-773f-99c6-5be721de011b", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:46:34", "1462961", "http://outlook.securedmicrosoft365.com/recaptcha-verify", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49b-9400-7474-96f1-d5df190f2184", "fakecaptcha,urlscan", "0", "juroots" "2025-04-02 03:46:30", "1462960", "http://microsoft.securedmicrosoft365.com/recaptcha-verify", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0195f49b-8565-70f2-a4c9-de6c1ef0a23a", "fakecaptcha,urlscan", "0", "juroots" # Number of entries: 127