################################################################
# ThreatFox IOCs: recent additions - CSV format                #
# Last updated: 2025-05-09 08:01:38 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-05-09 08:01:38", "1518577", "nervous-mccarthy.154-53-165-98.plesk.page", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/154.53.165.98+nervous-mccarthy.154-53-165-98.plesk.page", "AS62425,C2,censys,KUZEYDC,panel,Unam", "0", "DonPasci"
"2025-05-09 08:01:25", "1518575", "3.25.173.186:82", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/3.25.173.186", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-09 08:01:25", "1518576", "3.25.173.186:2082", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/3.25.173.186", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-09 08:01:21", "1518573", "172.86.110.217:80", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.86.110.217", "AS14956,C2,censys,Havoc,ROUTERHOSTING", "0", "DonPasci"
"2025-05-09 08:01:21", "1518574", "172.86.110.217:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.86.110.217", "AS14956,C2,censys,Havoc,ROUTERHOSTING", "0", "DonPasci"
"2025-05-09 08:01:20", "1518571", "185-143-241-98.verelox.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/185.143.241.98+185-143-241-98.verelox.com", "AS52073,C2,censys,Havoc,I2SNETWORK", "0", "DonPasci"
"2025-05-09 08:01:20", "1518572", "196.251.86.20:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/196.251.86.20", "AS401120,C2,censys,CHEAPY-HOST,Havoc", "0", "DonPasci"
"2025-05-09 08:01:17", "1518569", "188.132.183.140:2053", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/188.132.183.140", "AS214036,C2,censys,Hookbot,ULTAHOST-AS", "0", "DonPasci"
"2025-05-09 08:01:17", "1518570", "103.116.8.240:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/103.116.8.240", "AS150828,C2,censys,Hookbot,VMONCLOUD-VN", "0", "DonPasci"
"2025-05-09 08:01:16", "1518568", "srv35062473.ultasrv.net", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/212.224.107.135+srv35062473.ultasrv.net", "AS44066,C2,censys,DE-FIRSTCOLO,Hookbot", "0", "DonPasci"
"2025-05-09 08:01:15", "1518566", "149.248.51.122:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/149.248.51.122", "AS-VULTR,AS20473,C2,censys,Mythic", "0", "DonPasci"
"2025-05-09 08:01:15", "1518567", "31.172.74.201:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/31.172.74.201", "AS16003,C2,censys,FORNEX-NL-AS,Mythic", "0", "DonPasci"
"2025-05-09 08:01:10", "1518564", "196.251.114.11:222", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.114.11", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci"
"2025-05-09 08:01:10", "1518565", "196.251.114.11:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.114.11", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci"
"2025-05-09 08:01:09", "1518563", "94.26.90.69:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/94.26.90.69", "AS214943,AsyncRAT,C2,censys,RAILNET,RAT", "0", "DonPasci"
"2025-05-09 08:00:59", "1518562", "20.2.234.165:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/20.2.234.165", "AS8075,C2,censys,MICROSOFT-CORP-MSN-AS-BLOCK,open-dir,payload,Sliver", "0", "DonPasci"
"2025-05-09 08:00:40", "1518561", "43.139.240.201:8389", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/43.139.240.201", "AS45090,C2,censys,CobaltStrike,cs-watermark-305419896,TENCENT-NET-AP", "0", "DonPasci"
"2025-05-09 08:00:37", "1518560", "38.165.21.124:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/38.165.21.124", "AS967,C2,censys,CobaltStrike,cs-watermark-100000,VMISS-", "0", "DonPasci"
"2025-05-09 08:00:35", "1518559", "167.99.76.115:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/167.99.76.115", "AS14061,C2,censys,CobaltStrike,cs-watermark-987654321,DIGITALOCEAN-ASN", "0", "DonPasci"
"2025-05-09 06:40:04", "1518557", "http://146.158.127.185:41312/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2025-05-09 06:15:37", "1518555", "https://vinsidegrah.run/ieop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/dcae71ef628fe69043928102796bc97033c5a40ca4d4504fddc8259c3a525fbc/", "lumma", "0", "abuse_ch"
"2025-05-09 06:15:34", "1518554", "https://rhomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/dcae71ef628fe69043928102796bc97033c5a40ca4d4504fddc8259c3a525fbc/", "lumma", "0", "abuse_ch"
"2025-05-09 06:15:31", "1518553", "https://kgrizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/dcae71ef628fe69043928102796bc97033c5a40ca4d4504fddc8259c3a525fbc/", "lumma", "0", "abuse_ch"
"2025-05-09 05:36:07", "1518542", "178.128.251.127:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/178.128.251.127", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-09 05:36:07", "1518543", "54.154.114.105:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.154.114.105", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-09 05:36:07", "1518544", "91.99.15.48:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/91.99.15.48", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_"
"2025-05-09 05:36:06", "1518545", "15.228.82.215:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/15.228.82.215", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-09 05:36:06", "1518546", "154.247.240.8:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "https://search.censys.io/hosts/154.247.240.8", "ALGTEL-AS,AS36947,C2,censys", "0", "dyingbreeds_"
"2025-05-09 05:36:05", "1518538", "213.157.40.164:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/213.157.40.164", "AS8393,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-09 05:36:05", "1518539", "149.104.28.134:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/149.104.28.134", "AS139659,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-09 05:36:05", "1518540", "38.128.250.180:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/38.128.250.180", "AS400130,censys,GoPhish,Phishing,SERV3R", "0", "dyingbreeds_"
"2025-05-09 05:36:05", "1518541", "161.35.207.1:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.35.207.1", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-09 05:36:04", "1518537", "93.125.114.39:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/93.125.114.39", "AS56740,censys,DATAHATA-AS,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-09 05:36:03", "1518529", "47.108.140.10:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.108.140.10", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-05-09 05:36:03", "1518531", "123.56.187.48:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/123.56.187.48", "AS37963,censys,Viper", "0", "dyingbreeds_"
"2025-05-09 05:36:02", "1518530", "120.46.183.147:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/120.46.183.147", "AS55990,censys,Viper", "0", "dyingbreeds_"
"2025-05-09 05:36:01", "1518526", "freeresolve.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.208.187.156+freeresolve.com", "AMAZON-AES,AS14618,C2,censys,Mythic", "0", "dyingbreeds_"
"2025-05-09 05:36:01", "1518528", "143.92.48.137:8000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-09 08:45:01", "100", "https://search.censys.io/hosts/143.92.48.137", "AS152194,C2,censys,RAT", "0", "dyingbreeds_"
"2025-05-09 05:36:00", "1518525", "tempoestil.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.132.51.146+tempoestil.com", "AS3132,C2,censys,Mythic", "0", "dyingbreeds_"
"2025-05-09 05:36:00", "1518527", "188.55.203.226:1337", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-09 04:01:14", "100", "https://search.censys.io/hosts/188.55.203.226", "AS25019,C2,censys,RAT,SAUDINETSTC-AS", "0", "dyingbreeds_"
"2025-05-09 05:35:59", "1518524", "43.242.200.223:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:34", "100", "https://search.censys.io/hosts/43.242.200.223", "AS142032,C2,censys", "0", "dyingbreeds_"
"2025-05-09 05:35:58", "1518522", "202.95.12.160:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:34", "100", "https://search.censys.io/hosts/202.95.12.160", "AS152194,C2,censys", "0", "dyingbreeds_"
"2025-05-09 05:35:58", "1518523", "156.245.28.75:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 05:34:09", "100", "https://search.censys.io/hosts/156.245.28.75", "AS133199,C2,censys", "0", "dyingbreeds_"
"2025-05-09 05:35:57", "1518520", "209.141.51.24:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "FAKEUPDATES,SocGholish", "0", "pancak3lullz"
"2025-05-09 05:35:57", "1518521", "124.220.205.147:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 05:33:53", "100", "https://search.censys.io/hosts/124.220.205.147", "AS45090,C2,censys", "0", "dyingbreeds_"
"2025-05-09 05:35:56", "1518504", "http://213.226.113.234/nhf7/phbf.exe", "url", "payload_delivery", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "", "dcrat", "0", "tanner"
"2025-05-09 05:35:56", "1518516", "micuh.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-09 01:34:49", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-09 05:35:56", "1518519", "158.247.206.56:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz"
"2025-05-09 05:35:54", "1518499", "hyvur.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 22:35:54", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-09 05:35:54", "1518503", "213.226.113.234:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "", "None", "0", "tanner"
"2025-05-09 05:35:53", "1518497", "security.guradclaouds.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "", "CoreSecThree", "0", "rmceoin"
"2025-05-09 05:35:53", "1518498", "security.clauodgaards.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "", "CoreSecThree", "0", "rmceoin"
"2025-05-09 05:35:52", "1518474", "140.143.205.14:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz"
"2025-05-09 05:35:52", "1518475", "118.195.134.148:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:55:45", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz"
"2025-05-09 05:35:51", "1518472", "kahox.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 19:06:16", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-09 05:35:51", "1518473", "47.242.152.186:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz"
"2025-05-09 05:35:50", "1518469", "sukum.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 18:35:34", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-09 05:35:50", "1518471", "http://129.226.189.66:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS132203,supershell,Tencent Building  Kejizhongyi Avenue", "0", "antiphishorg"
"2025-05-09 05:34:09", "1518552", "62.234.92.164:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-426352781", "0", "abuse_ch"
"2025-05-09 05:33:52", "1518551", "113.45.7.54:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-09 05:33:49", "1518550", "8.155.7.173:5555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2025-05-09 05:05:19", "1518549", "https://lclatteqrpq.digital/kljz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bdb5cb257762482a6a63c58497afb7e11190382c15c54862e6c031c4e1f095c9/", "lumma", "0", "abuse_ch"
"2025-05-09 05:05:18", "1518548", "https://kaeneasq.live/nmgj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bdb5cb257762482a6a63c58497afb7e11190382c15c54862e6c031c4e1f095c9/", "lumma", "0", "abuse_ch"
"2025-05-09 05:05:13", "1518547", "https://4homewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bdb5cb257762482a6a63c58497afb7e11190382c15c54862e6c031c4e1f095c9/", "lumma", "0", "abuse_ch"
"2025-05-09 04:01:20", "1518533", "167.86.171.34:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/167.86.171.34", "AS25019,C2,censys,Netsupport,RAT,SAUDINETSTC-AS", "0", "DonPasci"
"2025-05-09 04:01:20", "1518534", "51.20.131.192:44819", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/51.20.131.192", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-09 04:01:20", "1518535", "13.247.67.85:32963", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-09 08:44:36", "100", "https://search.censys.io/hosts/13.247.67.85", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-09 04:01:20", "1518536", "13.247.67.85:47163", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-09 08:44:36", "100", "https://search.censys.io/hosts/13.247.67.85", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-09 04:01:19", "1518532", "102.100.72.239:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-09 08:43:09", "100", "https://search.censys.io/hosts/102.100.72.239", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-09 03:20:12", "1518518", "38.46.14.202:27987", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-05-09 01:55:13", "1518517", "202.95.8.144:7081", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-05-09 00:05:17", "1518515", "http://8.130.132.210:7777/Rpc", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/3e53dac6ff6df102b3d056cfa5f08f9df434171add4e8fad6bb1cf57b56e72e0/", "cobaltstrike", "0", "abuse_ch"
"2025-05-09 00:01:51", "1518514", "94.198.40.6:20024", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-05-09 04:01:35", "100", "https://search.censys.io/hosts/94.198.40.6", "AS9009,BianLian,C2,censys,M247", "0", "DonPasci"
"2025-05-09 00:01:22", "1518513", "51.12.242.29:80", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "2025-05-09 04:00:57", "100", "https://search.censys.io/hosts/51.12.242.29", "AS8075,C2,censys,Ermac,MICROSOFT-CORP-MSN-AS-BLOCK,panel", "0", "DonPasci"
"2025-05-09 00:01:18", "1518512", "143.92.48.130:8000", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-09 08:45:01", "100", "https://search.censys.io/hosts/143.92.48.130", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,DcRAT,RAT", "0", "DonPasci"
"2025-05-09 00:01:13", "1518511", "213.209.150.210:8883", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-09 04:00:46", "100", "https://search.censys.io/hosts/213.209.150.210", "AS214943,C2,censys,Quasar,RAILNET,RAT", "0", "DonPasci"
"2025-05-09 00:01:12", "1518510", "188.132.129.196:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-09 04:00:41", "100", "https://search.censys.io/hosts/188.132.129.196", "AS214036,C2,censys,Hookbot,ULTAHOST-AS", "0", "DonPasci"
"2025-05-09 00:01:05", "1518509", "45.81.23.113:80", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 04:00:36", "100", "https://search.censys.io/hosts/45.81.23.113", "AS49870,AS49870-BV,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-05-09 00:00:53", "1518508", "77.221.158.154:31999", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 04:00:29", "100", "https://search.censys.io/hosts/77.221.158.154", "AEZA-AS,AS210644,C2,censys,Sliver", "0", "DonPasci"
"2025-05-09 00:00:41", "1518507", "38.55.192.237:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:12", "100", "https://search.censys.io/hosts/38.55.192.237", "AS139659,C2,censys,CobaltStrike,LUCID-AS-AP", "0", "DonPasci"
"2025-05-09 00:00:36", "1518506", "84.46.236.55:18080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:11", "100", "https://search.censys.io/hosts/84.46.236.55", "AS46475,C2,censys,CobaltStrike,cs-watermark-666666666,LIMESTONENETWORKS", "0", "DonPasci"
"2025-05-08 23:35:15", "1518505", "213.226.113.235:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2025-05-08 22:57:23", "1518502", "167.86.109.240:8888", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-05-09 07:56:40", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-05-08 22:55:06", "1518501", "olympusgo.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:54:49", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-08 22:35:18", "1518500", "https://raeneasq.live/nmgj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c687d14a3d2a1e43c4a0b965892ee3f74dae3d34a9598177c2e7acaa77327bf0/", "lumma", "0", "abuse_ch"
"2025-05-08 20:53:07", "1518496", "70.31.125.238:2078", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-09 07:53:08", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-05-08 20:51:20", "1518495", "43.141.130.132:10250", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-09 07:51:17", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-08 20:48:24", "1518494", "189.140.41.58:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-09 07:48:17", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-05-08 20:46:11", "1518493", "158.160.26.151:1720", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-09 07:45:52", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-08 20:44:07", "1518492", "116.26.10.55:36166", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-09 08:44:08", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-08 20:44:00", "1518491", "185.195.64.68:443", "ip:port", "botnet_cc", "win.warmcookie", "Badspace,Carrotstick,QUICKBIND", "WarmCookie", "", "100", "None", "warmcookie", "0", "Rony"
"2025-05-08 20:43:17", "1518490", "103.159.50.30:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-09 08:43:17", "75", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2025-05-08 20:43:07", "1518489", "101.226.27.147:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-09 08:43:06", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-08 20:42:21", "1518488", "199.247.6.61:80", "ip:port", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "", "SpyNote", "0", "NDA0E"
"2025-05-08 20:41:43", "1518487", "fsdlaowaa.top", "domain", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "", "100", "", "SpyNote", "0", "NDA0E"
"2025-05-08 20:40:50", "1518486", "mskisdakw.top", "domain", "botnet_cc", "apk.spynote", "CypherRat", "SpyNote", "2025-05-08 20:41:43", "100", "", "SpyNote", "0", "NDA0E"
"2025-05-08 20:01:47", "1518485", "172.171.241.227:8787", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/172.171.241.227", "AS8075,C2,censys,hacktool,MICROSOFT-CORP-MSN-AS-BLOCK,Mimikatz,open-dir", "0", "DonPasci"
"2025-05-08 20:01:23", "1518484", "54.187.139.165:113", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-09 07:52:32", "100", "https://search.censys.io/hosts/54.187.139.165", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-08 20:01:22", "1518483", "52.79.126.186:11872", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-09 07:52:30", "100", "https://search.censys.io/hosts/52.79.126.186", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-08 20:01:15", "1518482", "45.80.158.238:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-09 04:00:42", "100", "https://search.censys.io/hosts/45.80.158.238", "AS210558,C2,censys,Hookbot,SERVICES-1337-GMBH", "0", "DonPasci"
"2025-05-08 20:01:08", "1518480", "196.251.118.253:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 04:00:34", "100", "https://search.censys.io/hosts/196.251.118.253", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci"
"2025-05-08 20:01:08", "1518481", "176.65.134.77:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 07:47:10", "100", "https://search.censys.io/hosts/176.65.134.77", "-Reserved,AS215240,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-05-08 20:01:06", "1518479", "116.62.30.120:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-09 04:00:32", "100", "https://search.censys.io/hosts/116.62.30.120", "ALIBABA-CN-NET,AS37963,C2,censys,Supershell", "0", "DonPasci"
"2025-05-08 20:00:54", "1518478", "5.35.125.77:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 04:00:22", "100", "https://search.censys.io/hosts/5.35.125.77", "ADMINVPS,AS211183,C2,censys,Sliver", "0", "DonPasci"
"2025-05-08 20:00:50", "1518477", "212.69.86.8:5061", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/212.69.86.8", "AS57043,C2,censys,HOSTKEY-AS,RAT,Remcos", "0", "DonPasci"
"2025-05-08 20:00:35", "1518476", "47.109.190.151:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:15", "100", "https://search.censys.io/hosts/47.109.190.151", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-05-08 18:50:10", "1518470", "103.12.149.123:8080", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-05-08 18:12:22", "1518468", "77.232.38.204:37215", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E"
"2025-05-08 18:01:36", "1518467", "fecif.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 17:44:09", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 17:21:07", "1518457", "fanpuy.com", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz"
"2025-05-08 17:21:07", "1518464", "minak.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 16:06:38", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 16:58:36", "1518466", "39.105.6.249:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:57:24", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-08 16:56:41", "1518465", "113.44.132.115:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:55:34", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-08 16:01:21", "1518463", "18.133.246.144:1244", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-09 07:47:35", "100", "https://search.censys.io/hosts/18.133.246.144", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-08 16:01:20", "1518462", "202.95.14.161:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-09 04:00:54", "100", "https://search.censys.io/hosts/202.95.14.161", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,DcRAT,RAT", "0", "DonPasci"
"2025-05-08 16:01:08", "1518461", "196.251.71.236:2222", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 07:49:12", "100", "https://search.censys.io/hosts/196.251.71.236", "AS401120,AsyncRAT,C2,censys,CHEAPY-HOST,RAT", "0", "DonPasci"
"2025-05-08 16:00:56", "1518460", "89.111.173.134:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 07:53:55", "100", "https://search.censys.io/hosts/89.111.173.134", "AS-REG,AS197695,C2,censys,Sliver", "0", "DonPasci"
"2025-05-08 16:00:51", "1518458", "185.49.126.223:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 07:48:09", "100", "https://search.censys.io/hosts/185.49.126.223", "AS199654,C2,censys,OXIDE-GROUP-LIMITED,RAT,Remcos", "0", "DonPasci"
"2025-05-08 16:00:51", "1518459", "45.13.38.142:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 07:51:22", "100", "https://search.censys.io/hosts/45.13.38.142", "AS47890,C2,censys,RAT,Remcos,UNMANAGED-DEDICATED-SERVERS", "0", "DonPasci"
"2025-05-08 16:00:32", "1518456", "166.88.100.85:8001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:09", "100", "https://search.censys.io/hosts/166.88.100.85", "AS149440,C2,censys,CobaltStrike,cs-watermark-391144938,EVOXTENTERPRISE-AS-AP", "0", "DonPasci"
"2025-05-08 16:00:31", "1518454", "149.88.71.241:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 05:33:52", "100", "https://search.censys.io/hosts/149.88.71.241", "AS142032,C2,censys,CobaltStrike,cs-watermark-987654321,HFTCL-AS-AP", "0", "DonPasci"
"2025-05-08 16:00:31", "1518455", "154.204.35.210:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 05:33:48", "100", "https://search.censys.io/hosts/154.204.35.210", "AS133199,C2,censys,CobaltStrike,cs-watermark-987654321,SONDERCLOUDLIMITED-AS-AP", "0", "DonPasci"
"2025-05-08 15:51:34", "1518453", "genow.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 15:56:22", "100", "None", "clearfake", "1", "ttakvam"
"2025-05-08 15:50:07", "1518452", "a3d8e4f55c50bc916f6410f31a811e2d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "100", "https://x.com/PrakkiSathwik/status/1919821345296417032", "APT,APT36,SideCopy", "0", "abuse_ch"
"2025-05-08 15:49:35", "1518451", "sohaeidacademy.com", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://x.com/skocherhan/status/1920418319225454691", "LummaStealer", "0", "abuse_ch"
"2025-05-08 15:48:51", "1518448", "c402f62212873f3a7e6fce5d490f6ddb", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "100", "https://x.com/bofheaded/status/1920193029278667220", "APT,APT36,SideCopy", "0", "abuse_ch"
"2025-05-08 15:48:51", "1518449", "b03211f6feccd3a62273368b52f6079d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "100", "https://x.com/bofheaded/status/1920193029278667220", "APT,APT36,SideCopy", "0", "abuse_ch"
"2025-05-08 15:48:51", "1518450", "2fde001f4c17c8613480091fa48b55a0", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "100", "https://x.com/bofheaded/status/1920193029278667220", "APT,APT36,SideCopy", "0", "abuse_ch"
"2025-05-08 15:48:16", "1518447", "myspecialdot.com", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://x.com/skocherhan/status/1920451301835510257", "LummaStealer", "0", "abuse_ch"
"2025-05-08 15:47:07", "1518444", "bec378cef9cbb85f127691385517b659", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1920333338260258922", "AMOS", "0", "abuse_ch"
"2025-05-08 15:47:07", "1518445", "b92960006ed39ecd4a7a403b44064c01", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1920333338260258922", "AMOS", "0", "abuse_ch"
"2025-05-08 15:47:07", "1518446", "d99840757365a6c5045a870980e5fdf8", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1920333338260258922", "AMOS", "0", "abuse_ch"
"2025-05-08 15:46:20", "1518443", "a539275d837cf5501e0d98abce56f16ca8f97c9d06662162278c0dffb783d7de", "sha256_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://x.com/byrne_emmy12099/status/1920283332795117829", "APT", "0", "abuse_ch"
"2025-05-08 15:41:20", "1518442", "sihen.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 15:46:07", "100", "None", "clearfake", "1", "ttakvam"
"2025-05-08 15:40:13", "1518441", "137.220.135.67:6064", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-05-08 15:27:57", "1518440", "jodob.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 15:25:59", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 15:20:12", "1518439", "http://92.63.102.85/2ProvidertemporaryPrivate/HttpApitemporary6/4PublicSecureauth/lowWindows/9/lowJsVoiddb/Temporaryproton/videojavascripthttpserverProtectflowerGeneratortrafficuploadsdownloads.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-08 15:06:17", "1518429", "mehig.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 14:24:36", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 15:05:10", "1518438", "196.251.117.50:5213", "ip:port", "botnet_cc", "win.ave_maria", "AVE_MARIA,AveMariaRAT,Warzone RAT,WarzoneRAT,avemaria", "Ave Maria", "", "100", "None", "AveMariaRAT,RAT", "0", "abuse_ch"
"2025-05-08 14:55:31", "1518437", "https://ggrizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/820e40285429a78a439c4f2fd7b89e463adc156be8617bf49cf7712b698d2e41/", "lumma", "0", "abuse_ch"
"2025-05-08 14:55:30", "1518436", "https://finsidegrah.run/ieop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/820e40285429a78a439c4f2fd7b89e463adc156be8617bf49cf7712b698d2e41/", "lumma", "0", "abuse_ch"
"2025-05-08 14:55:19", "1518435", "https://8stuffgull.top/qwio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/820e40285429a78a439c4f2fd7b89e463adc156be8617bf49cf7712b698d2e41/", "lumma", "0", "abuse_ch"
"2025-05-08 14:51:01", "1518434", "https://voznessxyy.life/bnaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9b416d495be3632084094ef0c50ef47009a1d63256859023038436c5bb3e5a99/", "lumma", "0", "abuse_ch"
"2025-05-08 14:50:52", "1518433", "https://tclatteqrpq.digital/kljz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9b416d495be3632084094ef0c50ef47009a1d63256859023038436c5bb3e5a99/", "lumma", "0", "abuse_ch"
"2025-05-08 14:50:37", "1518432", "https://ninepicchf.bet/lznd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9b416d495be3632084094ef0c50ef47009a1d63256859023038436c5bb3e5a99/", "lumma", "0", "abuse_ch"
"2025-05-08 14:50:19", "1518431", "https://clatteqrpq.digital/kljz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8232a11066fe5a6f552302da37f9b4e42f313bbeaf51f86c61fbf84bd95b1ca9/", "lumma", "0", "abuse_ch"
"2025-05-08 14:50:14", "1518430", "https://3homewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9b416d495be3632084094ef0c50ef47009a1d63256859023038436c5bb3e5a99/", "lumma", "0", "abuse_ch"
"2025-05-08 14:18:43", "1518428", "https://wishspy.xyz/art.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-05-08 14:05:26", "1518427", "appli-cff.com", "domain", "payload_delivery", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "", "CHE,Coper,geo,Octo", "0", "abuse_ch"
"2025-05-08 14:04:55", "1518426", "cagom.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 13:53:55", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 13:35:10", "1518423", "daqev.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 13:33:27", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 13:35:10", "1518424", "https://www.thefertilemine.com/profileLayout", "url", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz"
"2025-05-08 13:35:09", "1518425", "166.88.164.201:443", "ip:port", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "2025-05-09 07:35:33", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz"
"2025-05-08 13:27:22", "1518421", "160.30.44.124:2023", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "", "mirai,MooBot", "0", "NDA0E"
"2025-05-08 13:27:22", "1518422", "160.30.44.174:2023", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "", "mirai,MooBot", "0", "NDA0E"
"2025-05-08 13:16:03", "1518420", "77.90.153.228:443", "ip:port", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "75", "https://bazaar.abuse.ch/sample/1e4ed6b38ca75c7a198c5409591e974cf84baa92706aee65bda17e1d7295b3a0/", "CHE,Coper,geo,Octo", "0", "abuse_ch"
"2025-05-08 13:15:40", "1518419", "53d6c5e5e04f7e079df5d5d77bc259ea.us", "domain", "botnet_cc", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "https://bazaar.abuse.ch/sample/1e4ed6b38ca75c7a198c5409591e974cf84baa92706aee65bda17e1d7295b3a0/", "CHE,Coper,geo,Octo", "0", "abuse_ch"
"2025-05-08 13:13:35", "1518411", "https://motocyclenews.top/jse/minjs.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114472374283059996", "SmartApeSG", "0", "monitorsg"
"2025-05-08 13:13:35", "1518413", "https://motocyclenews.top/jse/select.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114472374283059996", "SmartApeSG", "0", "monitorsg"
"2025-05-08 13:13:34", "1518409", "https://johnoton.live/log/in", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114472368542616723", "KongTuke", "0", "monitorsg"
"2025-05-08 13:13:33", "1518410", "johnoton.live", "domain", "payload_delivery", "js.kongtuke", "None", "KongTuke", "2025-05-08 16:10:11", "100", "https://infosec.exchange/@monitorsg/114472368542616723", "KongTuke", "0", "monitorsg"
"2025-05-08 13:13:32", "1518412", "motocyclenews.top", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-08 13:10:21", "100", "https://infosec.exchange/@monitorsg/114472374283059996", "SmartApeSG", "0", "monitorsg"
"2025-05-08 13:13:32", "1518414", "https://motocyclenews.top/jse/lll.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114472374283059996", "SmartApeSG", "0", "monitorsg"
"2025-05-08 13:13:31", "1518415", "https://territoirespaysagistes.com/buts.zip", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114472374283059996", "SmartApeSG", "0", "monitorsg"
"2025-05-08 13:13:30", "1518416", "territoirespaysagistes.com", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114472374283059996", "SmartApeSG", "0", "monitorsg"
"2025-05-08 13:13:30", "1518417", "ttxch.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 13:12:53", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 13:13:30", "1518418", "www.thefertilemine.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "2025-05-08 13:34:07", "100", "https://infosec.exchange/@monitorsg/114472379548048316", "SocGholish", "0", "monitorsg"
"2025-05-08 13:06:22", "1518408", "mobile-cff.app", "domain", "payload_delivery", "apk.coper", "ExobotCompact,Octo", "Coper", "", "100", "https://bazaar.abuse.ch/sample/1e4ed6b38ca75c7a198c5409591e974cf84baa92706aee65bda17e1d7295b3a0/", "CHE,Coper,geo,Octo", "0", "abuse_ch"
"2025-05-08 12:56:39", "1518407", "111.230.233.129:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:55:29", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-08 12:47:53", "1518388", "mzrln.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 11:35:37", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 12:47:52", "1518405", "https://taskrunp.run/xnzbd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://www.joesandbox.com/analysis/1684313/0/html", "None", "0", "tmechen_"
"2025-05-08 12:01:31", "1518404", "wizardly-cannon.51-195-229-85.plesk.page", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-09 04:01:10", "100", "https://search.censys.io/hosts/51.195.229.85+wizardly-cannon.51-195-229-85.plesk.page", "AS16276,C2,censys,OVH,panel,Unam", "0", "DonPasci"
"2025-05-08 12:01:30", "1518403", "154.201.90.76:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-05-09 04:01:08", "100", "https://search.censys.io/hosts/154.201.90.76", "AS8796,C2,censys,FD-298-8796,moobot", "0", "DonPasci"
"2025-05-08 12:01:22", "1518402", "23.26.201.169:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-09 07:50:15", "100", "https://search.censys.io/hosts/23.26.201.169", "AS23470,C2,censys,Covenant,RELIABLESITE", "0", "DonPasci"
"2025-05-08 12:01:18", "1518401", "15.152.54.240:20547", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-09 07:45:22", "100", "https://search.censys.io/hosts/15.152.54.240", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-08 12:01:14", "1518399", "75.119.159.249:8000", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-09 07:53:10", "100", "https://search.censys.io/hosts/75.119.159.249", "AS51167,C2,censys,CONTABO,Havoc", "0", "DonPasci"
"2025-05-08 12:01:14", "1518400", "31.220.44.127:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-09 07:50:37", "100", "https://search.censys.io/hosts/31.220.44.127", "AS63473,C2,censys,Havoc,HOSTHATCH", "0", "DonPasci"
"2025-05-08 12:01:13", "1518397", "setup.bestoffersfortoday.store", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-09 04:00:49", "100", "https://search.censys.io/hosts/104.248.5.186+setup.bestoffersfortoday.store", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-05-08 12:01:13", "1518398", "37-72-168-146.static.hvvc.us", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-09 04:00:48", "100", "https://search.censys.io/hosts/37.72.168.146+37-72-168-146.static.hvvc.us", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci"
"2025-05-08 12:01:11", "1518396", "45.61.165.249:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-09 04:00:45", "100", "https://search.censys.io/hosts/45.61.165.249", "AS14956,C2,censys,Quasar,RAT,ROUTERHOSTING", "0", "DonPasci"
"2025-05-08 12:00:54", "1518395", "92.63.100.74:33949", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 07:54:11", "100", "https://search.censys.io/hosts/92.63.100.74", "AS29182,C2,censys,RU-JSCIOT,Sliver", "0", "DonPasci"
"2025-05-08 12:00:37", "1518394", "43.139.240.201:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 05:34:10", "100", "https://search.censys.io/hosts/43.139.240.201", "AS45090,C2,censys,CobaltStrike,cs-watermark-305419896,TENCENT-NET-AP", "0", "DonPasci"
"2025-05-08 12:00:34", "1518393", "139.224.30.125:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:09", "100", "https://search.censys.io/hosts/139.224.30.125", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-05-08 12:00:31", "1518391", "103.140.154.238:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:15", "100", "https://search.censys.io/hosts/103.140.154.238", "AS151804,C2,censys,CobaltStrike,cs-watermark-987654321,SNOTIONPTELTD-AS-AP", "0", "DonPasci"
"2025-05-08 12:00:31", "1518392", "47.107.49.44:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 05:33:52", "100", "https://search.censys.io/hosts/47.107.49.44", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-05-08 12:00:30", "1518389", "202.95.12.160:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 05:34:09", "100", "https://search.censys.io/hosts/202.95.12.160", "AS152194,C2,censys,CobaltStrike,cs-watermark-987654321,CTGSERVERLIMITED-AS-AP", "0", "DonPasci"
"2025-05-08 12:00:30", "1518390", "116.62.205.141:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:12", "100", "https://search.censys.io/hosts/116.62.205.141", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-05-08 11:19:30", "1518378", "snhnv.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 09:45:31", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 11:19:29", "1518379", "noxajb.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz"
"2025-05-08 11:19:28", "1518380", "voznessxyy.life", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz"
"2025-05-08 11:19:26", "1518381", "clatteqrpq.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz"
"2025-05-08 11:19:26", "1518382", "ninepicchf.bet", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz"
"2025-05-08 11:19:25", "1518383", "https://colliel.live/log/in", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114471670175374600", "KongTuke", "0", "monitorsg"
"2025-05-08 11:19:24", "1518384", "colliel.live", "domain", "payload_delivery", "js.kongtuke", "None", "KongTuke", "2025-05-08 12:11:29", "100", "https://infosec.exchange/@monitorsg/114471670175374600", "KongTuke", "0", "monitorsg"
"2025-05-08 11:19:23", "1518385", "fhtnt.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 10:24:02", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 11:19:21", "1518386", "xtkdt.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 10:54:43", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 10:59:24", "1518387", "81.17.20.66:4431", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-05-09 07:58:30", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch"
"2025-05-08 09:26:25", "1518377", "nshpd.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 09:06:24", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 08:55:16", "1518376", "110.41.60.33:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:55:26", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-08 08:54:13", "1518375", "95.135.153.175:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-09 07:54:18", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-08 08:43:49", "1518374", "npknn.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 08:26:02", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 08:18:02", "1518373", "life.judyfay.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "50", "", "SocGholish", "0", "juroots"
"2025-05-08 08:17:15", "1518372", "lenovo-sync.com", "domain", "payload_delivery", "unknown_stealer", "None", "Unknown Stealer", "", "50", "", "vkeylogger", "0", "juroots"
"2025-05-08 08:16:45", "1518371", "spec.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-05-08 08:16:04", "1518369", "46.101.236.176:1853", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots"
"2025-05-08 08:16:04", "1518370", "79.110.62.113:4836", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots"
"2025-05-08 08:15:40", "1518368", "botnet.ethoneservices.xyz", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "c2,mirai", "0", "juroots"
"2025-05-08 08:14:49", "1518365", "jamesrockky.ydns.eu", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-05-08 08:14:49", "1518366", "riches20.kozow.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-05-08 08:14:49", "1518367", "steveswiths.freemyip.com", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-05-08 08:08:29", "1518362", "qmzks.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 08:05:40", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 08:01:18", "1518364", "47.129.144.57:636", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-09 07:52:02", "100", "https://search.censys.io/hosts/47.129.144.57", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-08 08:01:11", "1518363", "134.199.169.177:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-09 08:44:41", "100", "https://search.censys.io/hosts/134.199.169.177", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-05-08 08:01:04", "1518361", "167.172.94.208:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-09 04:00:33", "100", "https://search.censys.io/hosts/167.172.94.208", "AS14061,C2,censys,DIGITALOCEAN-ASN,Supershell", "0", "DonPasci"
"2025-05-08 08:00:54", "1518360", "120.26.243.135:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/120.26.243.135", "ALIBABA-CN-NET,AS37963,C2,censys,open-dir,payload,Sliver", "0", "DonPasci"
"2025-05-08 08:00:51", "1518359", "66.42.44.50:53", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2025-05-09 07:53:00", "100", "https://search.censys.io/hosts/66.42.44.50", "AS-VULTR,AS20473,C2,censys,Pupy,RAT", "0", "DonPasci"
"2025-05-08 08:00:49", "1518357", "27.102.127.136:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 07:50:23", "100", "https://search.censys.io/hosts/27.102.127.136", "AS45996,C2,censys,DAOU-AS-KR,RAT,Remcos", "0", "DonPasci"
"2025-05-08 08:00:49", "1518358", "89.40.31.225:9373", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 07:53:59", "100", "https://search.censys.io/hosts/89.40.31.225", "AS215117,C2,censys,HOSTERDADDY,RAT,Remcos", "0", "DonPasci"
"2025-05-08 08:00:33", "1518356", "154.219.119.63:888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:08", "100", "https://search.censys.io/hosts/154.219.119.63", "AS137899,C2,censys,CobaltStrike,cs-watermark-666666666,ILAYERLIMITED-AS-AP", "0", "DonPasci"
"2025-05-08 08:00:30", "1518355", "121.36.228.26:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 05:34:10", "100", "https://search.censys.io/hosts/121.36.228.26", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci"
"2025-05-08 08:00:29", "1518354", "91.200.14.226:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:58:36", "100", "https://search.censys.io/hosts/91.200.14.226", "AS215730,C2,censys,CobaltStrike,cs-watermark-987654321,H2NEXUS-AS", "0", "DonPasci"
"2025-05-08 08:00:15", "1518353", "http://kruasanpcs.mywebcommunity.org/providerjavascriptupdategamebigloaddblinux.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-08 07:55:32", "1518352", "http://103.74.101.88/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/0196aee4-7bed-775d-bf44-107eb2386c44", "c2,hookbot,urlscan", "0", "juroots"
"2025-05-08 07:55:31", "1518351", "http://85.192.48.2:50555/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/0196aee4-779f-710c-9885-ce2535475cfd", "c2,hookbot,urlscan", "0", "juroots"
"2025-05-08 07:53:39", "1518337", "xkpdf.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 07:34:48", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 07:53:11", "1518350", "117.209.241.134:49682", "ip:port", "botnet_cc", "elf.mozi", "None", "Mozi", "", "50", "https://www.shodan.io/host/117.209.241.134#49682", "c2,mozi,shodan", "0", "juroots"
"2025-05-08 07:52:26", "1518349", "15.222.3.45:12112", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/15.222.3.45#12112", "blackshades,c2,shodan", "0", "juroots"
"2025-05-08 07:51:31", "1518348", "220.71.102.113:54984", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "50", "https://www.shodan.io/host/220.71.102.113#54984", "c2,nanocore,shodan", "0", "juroots"
"2025-05-08 07:51:01", "1518347", "158.247.207.197:443", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://www.shodan.io/host/158.247.207.197#443", "c2,kimsuky,shodan", "0", "juroots"
"2025-05-08 07:51:00", "1518346", "158.247.202.109:443", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://www.shodan.io/host/158.247.202.109#443", "c2,kimsuky,shodan", "0", "juroots"
"2025-05-08 07:50:45", "1518345", "51.21.245.196:12284", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/51.21.245.196#12284", "c2,netbus,shodan", "0", "juroots"
"2025-05-08 07:50:29", "1518343", "37.72.168.146:10443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-09 07:50:56", "50", "https://www.shodan.io/host/37.72.168.146#10443", "c2,havoc,shodan", "0", "juroots"
"2025-05-08 07:50:29", "1518344", "169.150.155.228:55553", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "50", "https://www.shodan.io/host/169.150.155.228#55553", "c2,havoc,shodan", "0", "juroots"
"2025-05-08 07:49:31", "1518341", "15.168.9.236:2002", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/15.168.9.236#2002", "c2,netsupport,shodan", "0", "juroots"
"2025-05-08 07:49:31", "1518342", "176.82.189.27:6001", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/176.82.189.27#6001", "c2,netsupport,shodan", "0", "juroots"
"2025-05-08 07:48:30", "1518339", "24.199.73.199:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/24.199.73.199#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-08 07:48:30", "1518340", "158.247.218.220:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/158.247.218.220#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-08 07:47:10", "1518338", "185.196.11.181:9922", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:56:52", "50", "https://www.shodan.io/host/185.196.11.181#9922", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-05-08 07:30:38", "1518336", "https://mstuffgull.top/qwio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/175dc09d98178b10ba5c1649e61513a13cbd207d9665a94c116fb951993dba6e/", "lumma", "0", "abuse_ch"
"2025-05-08 07:30:33", "1518335", "https://joctalfbsh.bet/mben", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/175dc09d98178b10ba5c1649e61513a13cbd207d9665a94c116fb951993dba6e/", "lumma", "0", "abuse_ch"
"2025-05-08 07:30:28", "1518334", "43.132.216.81:635", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-05-08 07:30:17", "1518332", "https://3k0monemiltxny.shop/tqiw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/795fc149a846a08473ec9f574aab38b91730908ea1db607713a6fcac714cf333/", "lumma", "0", "abuse_ch"
"2025-05-08 07:30:17", "1518333", "https://3yoctalfbsh.bet/mben", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/aa7166092d9839013f346d3210845f9e1e38ad07396b5d9075e9546695ec8098/", "lumma", "0", "abuse_ch"
"2025-05-08 07:25:15", "1518330", "pmglw.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 07:03:59", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 07:25:15", "1518331", "176.65.141.210:15390", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-08 09:20:05", "75", "None", "Mirai", "0", "elfdigest"
"2025-05-08 06:46:06", "1518318", "http://51.195.229.85/pages/login.php", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "None", "AS16276,OVH SAS,unam", "0", "antiphishorg"
"2025-05-08 06:46:05", "1518319", "rkblm.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 06:02:22", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 06:40:28", "1518329", "https://ohomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/724f8b236a4a8b3d11c697e746d79876c952a92ed47ae872883c0af77db6fe22/", "lumma", "0", "abuse_ch"
"2025-05-08 06:40:25", "1518328", "https://mariosefqcu.shop/wrqo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/21bfbc7ad27302a1b12edc842d257ec522b48ccb7079925c76f686beb9772bd1/", "lumma", "0", "abuse_ch"
"2025-05-08 06:29:43", "1518321", "egiftshop.cloud", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://x.com/skocherhan/status/1920321510109024641", "LummaStealer", "0", "abuse_ch"
"2025-05-08 06:29:43", "1518322", "highcouncipl.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://x.com/skocherhan/status/1920321510109024641", "LummaStealer", "0", "abuse_ch"
"2025-05-08 06:29:43", "1518323", "tapandshop.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://x.com/skocherhan/status/1920321510109024641", "LummaStealer", "0", "abuse_ch"
"2025-05-08 06:29:43", "1518324", "tavernfolkk.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://x.com/skocherhan/status/1920321510109024641", "LummaStealer", "0", "abuse_ch"
"2025-05-08 06:29:43", "1518325", "towerstozne.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://x.com/skocherhan/status/1920321510109024641", "LummaStealer", "0", "abuse_ch"
"2025-05-08 06:29:43", "1518326", "unmutezcx.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://x.com/skocherhan/status/1920321510109024641", "LummaStealer", "0", "abuse_ch"
"2025-05-08 06:29:43", "1518327", "viscosityobserving.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://x.com/skocherhan/status/1920321510109024641", "LummaStealer", "0", "abuse_ch"
"2025-05-08 06:15:20", "1518320", "https://ctortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/412d297dee67e80c141da310ecbe4a58f3d4c3e62243dff7341d42595960a02d/", "lumma", "0", "abuse_ch"
"2025-05-08 05:48:13", "1518302", "djrtt.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 05:15:12", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 05:46:51", "1518317", "147.79.20.62:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-05-08 05:46:50", "1518316", "101.37.80.173:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2025-05-08 05:46:32", "1518315", "47.92.216.212:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 05:33:51", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-05-08 05:46:31", "1518314", "43.251.100.146:8086", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2025-05-08 05:46:30", "1518313", "150.158.108.220:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-05-08 05:45:48", "1518312", "https://tremelzxiy.live/atok", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8d30a02b63faa25db2310612bebdd8db66dcda85f676ca016e1c21fc4167af61/", "lumma", "0", "abuse_ch"
"2025-05-08 05:45:38", "1518311", "https://oorijinalecza.net/kazd", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/60bc96bd8c684e5d6ff85364f7403fb56ef72fa93668ea2591635177664820e7/", "lumma", "0", "abuse_ch"
"2025-05-08 05:45:28", "1518310", "https://grizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/45f4eab50d96810f5e3046d61721127d9b9d1aa35be5b8a8d468b9b4935e70bb/", "lumma", "0", "abuse_ch"
"2025-05-08 05:45:26", "1518309", "https://egrizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8d30a02b63faa25db2310612bebdd8db66dcda85f676ca016e1c21fc4167af61/", "lumma", "0", "abuse_ch"
"2025-05-08 05:45:21", "1518308", "https://apronsxrum.digital/pwq", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/28d8ba77930a7fdb5d6f7fd77b7f3d9be8a638976f563598e247fbec54574809/", "lumma", "0", "abuse_ch"
"2025-05-08 05:45:20", "1518307", "https://9octalfbsh.bet/mben", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/45f4eab50d96810f5e3046d61721127d9b9d1aa35be5b8a8d468b9b4935e70bb/", "lumma", "0", "abuse_ch"
"2025-05-08 05:22:56", "1518306", "preyinthewild.online", "domain", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "", "ConnectWise,ScreenConnect", "0", "abuse_ch"
"2025-05-08 05:20:41", "1518305", "persongiants.icu", "domain", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-05-08 05:19:17", "1518303", "https://brotherreligion.xyz/art.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-05-08 05:19:17", "1518304", "http://troublesisters.xyz/oils.php", "url", "botnet_cc", "unknown_loader", "None", "Unknown Loader", "", "100", "", "OffLoader", "0", "abuse_ch"
"2025-05-08 05:08:57", "1518298", "8.138.46.58:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz"
"2025-05-08 05:08:56", "1518299", "20.205.16.222:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz"
"2025-05-08 05:02:33", "1518300", "http://baleturn.com/front.php", "url", "botnet_cc", "win.satacom", "CurlyGate,LegionLoader,RobotDropper", "Satacom", "", "100", "https://bazaar.abuse.ch/sample/885268e2da486a7c3473e76c11a1a51595efe389c33af5ece150a44166cee80d/", "LegionLoader,Satacom", "0", "abuse_ch"
"2025-05-08 05:02:33", "1518301", "https://fmecoutsm.com/diagnostics.php", "url", "botnet_cc", "win.satacom", "CurlyGate,LegionLoader,RobotDropper", "Satacom", "", "100", "https://bazaar.abuse.ch/sample/885268e2da486a7c3473e76c11a1a51595efe389c33af5ece150a44166cee80d/", "LegionLoader,Satacom", "0", "abuse_ch"
"2025-05-08 04:50:44", "1518297", "xmlvm.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-08 04:55:44", "100", "None", "clearfake", "1", "ttakvam"
"2025-05-08 04:50:10", "1518296", "http://a1106686.xsph.ru/L1nc0In.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-08 04:31:15", "1518128", "df-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:57", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:14", "1518129", "en-koinly.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:13", "1518130", "metatradar5.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:13", "1518131", "optislgns.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:12", "1518132", "paychex-us.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:11", "1518134", "www.qik.su", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:57", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:10", "1518133", "bbvanetcashs.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:07", "1518135", "4kdownloadl.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:06", "1518136", "techsmlth.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:05", "1518137", "ccieaner.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:04", "1518138", "koinly-en.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:02", "1518139", "zoho-us.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:01", "1518140", "dv-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:31:00", "1518141", "en-payroll.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:59", "1518142", "easycrypto.su", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:57", "1518143", "www.dp-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:57", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:56", "1518144", "www.cisco-us.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:56", "1518145", "audacltyteam.org", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:45:04", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:55", "1518146", "cllcktime.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:54", "1518147", "quantower.site", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:52", "1518148", "quantower.pw", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:51", "1518149", "adoobes.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:49", "1518150", "sportsenginec.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:48", "1518151", "apachefrlends.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:48", "1518152", "dk-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:46", "1518153", "xrpscan-en.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:46", "1518154", "coinomi.pw", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:40", "1518155", "en-sdccu.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:39", "1518156", "monadls.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:38", "1518157", "web-chatgpt.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:37", "1518158", "ccieaner.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:36", "1518159", "www.drr-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:35", "1518160", "metatradar5.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:34", "1518161", "keepassw.info", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:33", "1518162", "web.guarda.pw", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:32", "1518163", "floridarealestatechool.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:31", "1518164", "www.dq-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:57", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:30", "1518165", "www.dy-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:29", "1518166", "bot.installs.pro", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:28", "1518167", "web-silkai.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:27", "1518168", "wasabiwallet.pw", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:26", "1518169", "moblsystems.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:25", "1518170", "openofflce.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:24", "1518171", "manageenglne.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:23", "1518172", "dg-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:57", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:20", "1518173", "newrelic-en.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:19", "1518174", "tlger.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:18", "1518175", "sultecrm.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:17", "1518176", "do-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:17", "1518177", "www.bawag-web.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:16", "1518178", "openofflce.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:15", "1518179", "ninjaone-en.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:14", "1518180", "du-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:57", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:12", "1518181", "admin.prompasport.ru", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:11", "1518182", "techsmlth.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:10", "1518183", "apachefrlends.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:08", "1518184", "brightdata-en.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:07", "1518185", "sysaid-en.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:07", "1518186", "www.shopmeyxchange.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:06", "1518187", "coreidraw.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:04", "1518188", "cllcktime.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:03", "1518189", "ion-login.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:03", "1518190", "blendrer.org", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-07 20:44:58", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:30:02", "1518191", "www-yoast.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:59", "1518192", "quantower.su", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:57", "1518193", "3cx-en.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:56", "1518194", "moblerecharges.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:55", "1518195", "ultraviewer-en.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:54", "1518196", "tlger.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:53", "1518197", "ultravlewer.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:52", "1518198", "4kdownloadl.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:50", "1518199", "testerscrypto.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:50", "1518200", "bitpay.pw", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "2025-05-08 08:47:36", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:48", "1518201", "sportsenginec.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:47", "1518202", "jam-softwarec.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:46", "1518203", "password-en.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:45", "1518204", "dx-www.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:45", "1518205", "ledgers.su", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:44", "1518206", "manageenglne.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:43", "1518207", "bamboohr-en.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:42", "1518208", "web-goodcrypto.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:29:41", "1518209", "symblosis.com", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:28:58", "1518210", "testerscrypto.store", "domain", "payload_delivery", "unknown_loader", "None", "Unknown Loader", "", "90", "None", "Fake Software,fakeapp,loader", "0", "pancak3lullz"
"2025-05-08 04:28:57", "1518213", "bbssj.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 20:55:16", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 04:28:56", "1518216", "hspmj.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 23:54:12", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 04:28:55", "1518233", "h1.glitzyentire.top", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-05-08 02:03:24", "100", "https://app.any.run/tasks/e846da58-2c0f-4fb3-8125-3e13c29687ae", "None", "0", "pitachu"
"2025-05-08 04:28:54", "1518234", "101.35.235.124:123", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz"
"2025-05-08 04:28:53", "1518235", "1.13.156.116:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz"
"2025-05-08 04:28:52", "1518236", "111.230.212.37:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "beacon,c2,Cobalt Strike,CobaltStrike", "0", "pancak3lullz"
"2025-05-08 04:28:51", "1518237", "http://137.184.35.179:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-08 07:55:25", "100", "None", "AS14061,DigitalOcean  LLC,supershell", "0", "antiphishorg"
"2025-05-08 04:28:50", "1518238", "https://rocketlump.com/hdz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-05-08 01:19:07", "50", "https://www.virustotal.com/gui/file/2155840186f85307c2b1789f05f3a343870ed964e8378bdf2622dd44e8c4c36c/behavior", "None", "1", "pitachu"
"2025-05-08 04:28:49", "1518239", "https://fanpuy.com/zxod", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:48", "1518240", "https://medikalbitkisel.org/pek", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:47", "1518241", "https://victoreqs.run/xapw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:46", "1518242", "https://viridisw.top/qwed", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:45", "1518243", "https://toptalentw.top/qena", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:45", "1518244", "https://crocodilefg.top/qeji", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:43", "1518245", "https://wolverineas.top/xadw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:42", "1518246", "https://steamcommunity.com/profiles/76561199845513035", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:40", "1518247", "https://t.me/kubasex", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://www.virustotal.com/gui/file/a19e224ea94067509bb9723c684cc7d9b63dbbb892e62d0d64480dff20cf2162/behavior", "None", "0", "pitachu"
"2025-05-08 04:28:39", "1518248", "80.64.18.161:80", "ip:port", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "50", "https://app.any.run/tasks/6371365b-462d-4912-b634-3ac7c3b44fa6", "None", "0", "pitachu"
"2025-05-08 04:28:38", "1518249", "improvxf.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-05-08 15:49:35", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:37", "1518250", "tribunap.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:36", "1518251", "tremelzxiy.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:35", "1518252", "thinkellk.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:34", "1518253", "apronsxrum.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "None", "0", "pitachu"
"2025-05-08 04:28:31", "1518263", "ec2-18-166-31-74.ap-east-1.compute.amazonaws.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/18.166.31.74+ec2-18-166-31-74.ap-east-1.compute.amazonaws.com", "AMAZON-02,AS16509,C2,censys", "0", "dyingbreeds_"
"2025-05-08 04:28:31", "1518264", "nl-2.193.27.90.134.nip.io", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/193.27.90.134+nl-2.193.27.90.134.nip.io", "ALEXHOST,AS200019,C2,censys", "0", "dyingbreeds_"
"2025-05-08 04:28:30", "1518265", "3.236.12.85:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 07:50:30", "90", "https://search.censys.io/hosts/3.236.12.85", "AMAZON-AES,AS14618,C2,censys", "0", "dyingbreeds_"
"2025-05-08 04:28:29", "1518266", "186.169.63.68:9999", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 07:48:10", "100", "https://search.censys.io/hosts/186.169.63.68", "AS3816,C2,censys,RAT", "0", "dyingbreeds_"
"2025-05-08 04:28:26", "1518267", "94.26.90.245:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 07:54:16", "100", "https://search.censys.io/hosts/94.26.90.245", "AS214943,C2,censys,RAILNET,RAT", "0", "dyingbreeds_"
"2025-05-08 04:28:25", "1518268", "176.65.142.198:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 07:47:18", "100", "https://search.censys.io/hosts/176.65.142.198", "AS215240,C2,censys,RAT", "0", "dyingbreeds_"
"2025-05-08 04:28:24", "1518269", "196.251.71.236:5555", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 07:49:12", "100", "https://search.censys.io/hosts/196.251.71.236", "AS401120,C2,censys,CHEAPY-HOST,RAT", "0", "dyingbreeds_"
"2025-05-08 04:28:23", "1518270", "ec2-44-246-89-112.us-west-2.compute.amazonaws.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/44.246.89.112+ec2-44-246-89-112.us-west-2.compute.amazonaws.com", "AMAZON-02,AS16509,C2,censys,Mythic", "0", "dyingbreeds_"
"2025-05-08 04:28:23", "1518271", "razesec.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.35.218.205+razesec.com", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "dyingbreeds_"
"2025-05-08 04:28:21", "1518272", "dotfoods.socalmediazone.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-08 04:01:08", "100", "https://search.censys.io/hosts/104.21.59.57+dotfoods.socalmediazone.com", "AS13335,C2,censys,CLOUDFLARENET,Hookbot", "0", "dyingbreeds_"
"2025-05-08 04:28:20", "1518273", "sci.socalmediazone.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-08 04:01:09", "100", "https://search.censys.io/hosts/172.67.215.33+sci.socalmediazone.com", "AS13335,C2,censys,CLOUDFLARENET,Hookbot", "0", "dyingbreeds_"
"2025-05-08 04:28:19", "1518275", "45.11.229.12:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-05-08 04:01:26", "100", "https://search.censys.io/hosts/45.11.229.12", "AS58087,C2,censys,FLORIANKOLB", "0", "dyingbreeds_"
"2025-05-08 04:28:19", "1518276", "159.69.199.17:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/159.69.199.17", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:18", "1518277", "3.141.231.53:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.141.231.53", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:16", "1518278", "15.164.18.179:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/15.164.18.179", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:15", "1518279", "203.193.174.94:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/203.193.174.94", "AS7633,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:14", "1518280", "46.38.254.23:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/46.38.254.23", "AS197540,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:13", "1518281", "4.237.239.110:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/4.237.239.110", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:13", "1518282", "34.249.182.250:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.249.182.250", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:11", "1518283", "52.210.91.186:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.210.91.186", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:11", "1518284", "146.190.118.96:1234", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/146.190.118.96", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:10", "1518285", "38.55.198.29:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/38.55.198.29", "AS139659,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:09", "1518286", "124.71.7.106:10002", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/124.71.7.106", "AS55990,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:08", "1518287", "192.241.135.51:1234", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/192.241.135.51", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:07", "1518288", "43.135.76.103:9999", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/43.135.76.103", "AS132203,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:06", "1518289", "1.92.158.252:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/1.92.158.252", "AS55990,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:05", "1518290", "117.88.102.214:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/117.88.102.214", "AS134756,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:04", "1518291", "37.27.242.2:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/37.27.242.2", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:03", "1518292", "188.166.255.201:1724", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/188.166.255.201", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:02", "1518293", "103.175.217.17:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.175.217.17", "AS133800,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:01", "1518294", "3.39.87.72:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.39.87.72", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:28:00", "1518295", "13.124.234.4:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.124.234.4", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-05-08 04:27:57", "1518107", "aimpes.com", "domain", "payload_delivery", "js.kongtuke", "None", "KongTuke", "2025-05-08 16:10:10", "100", "https://infosec.exchange/@monitorsg/114468130743188269", "KongTuke", "0", "monitorsg"
"2025-05-08 04:27:56", "1518108", "https://aimpes.com/js.php", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114468130743188269", "KongTuke", "0", "monitorsg"
"2025-05-08 04:27:55", "1518109", "https://tchmitt.live/log/in", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114468130743188269", "KongTuke", "0", "monitorsg"
"2025-05-08 04:27:54", "1518110", "tchmitt.live", "domain", "payload_delivery", "js.kongtuke", "None", "KongTuke", "2025-05-08 08:10:17", "100", "https://infosec.exchange/@monitorsg/114468130743188269", "KongTuke", "0", "monitorsg"
"2025-05-08 04:27:53", "1518111", "gfddx.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 19:23:14", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 04:27:51", "1518106", "https://aimpes.com/6t4g.js", "url", "payload_delivery", "js.kongtuke", "None", "KongTuke", "", "100", "https://infosec.exchange/@monitorsg/114468130743188269", "KongTuke", "0", "monitorsg"
"2025-05-08 04:27:50", "1518100", "ntmmh.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 18:21:54", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-08 04:00:46", "1518274", "89.40.31.57:9373", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 07:53:59", "100", "https://search.censys.io/hosts/89.40.31.57", "AS215117,C2,censys,HOSTERDADDY,RAT,Remcos", "0", "DonPasci"
"2025-05-08 03:10:21", "1518262", "https://insidegrah.run/ieop", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/50024331ee5446199550aeee0e77fa75d2f971ab1b1188ebb780467cf73ce360/", "lumma", "0", "abuse_ch"
"2025-05-08 03:10:16", "1518261", "https://agrizzlqzuk.live/qhbu", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/50024331ee5446199550aeee0e77fa75d2f971ab1b1188ebb780467cf73ce360/", "lumma", "0", "abuse_ch"
"2025-05-08 03:10:15", "1518260", "https://2vecturar.top/zsia", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/50024331ee5446199550aeee0e77fa75d2f971ab1b1188ebb780467cf73ce360/", "lumma", "0", "abuse_ch"
"2025-05-08 02:56:11", "1518258", "192.3.12.168:43256", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:56:57", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-08 02:56:11", "1518259", "192.3.12.168:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:56:57", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-08 02:55:41", "1518257", "152.42.199.84:1089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:56:25", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-08 02:15:13", "1518255", "46.246.84.12:7046", "ip:port", "botnet_cc", "win.vjw0rm", "None", "Vjw0rm", "", "100", "None", "Vjw0rm", "0", "abuse_ch"
"2025-05-08 02:15:13", "1518256", "46.246.84.12:2703", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch"
"2025-05-08 02:15:12", "1518254", "http://chongmei33.myddns.rocks:7046/is-ready", "url", "botnet_cc", "win.houdini", "Hworm,Jenxcus,Kognito,Njw0rm,WSHRAT,dinihou,dunihi", "Houdini", "", "100", "None", "RAT,WSHRAT", "0", "abuse_ch"
"2025-05-08 00:05:12", "1518232", "http://23.27.48.113:443/jquery-3.3.2.slim.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/78dcd1d9992452237c2e749471e2900f243f9c702be055f4e8bb8451145a4b3e/", "cobaltstrike", "0", "abuse_ch"
"2025-05-08 00:05:07", "1518231", "185.208.159.141:443", "ip:port", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "", "90", "None", "latrodectus", "0", "Rony"
"2025-05-08 00:01:42", "1518230", "139.84.132.65:10001", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/139.84.132.65", "AS-VULTR,AS20473,C2,censys,hacktool,Mimikatz,open-dir", "0", "DonPasci"
"2025-05-08 00:01:14", "1518229", "192.227.217.227:53018", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2025-05-08 04:00:51", "100", "https://search.censys.io/hosts/192.227.217.227", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Venom", "0", "DonPasci"
"2025-05-08 00:01:13", "1518228", "191.13.208.53:8081", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-09 07:48:20", "100", "https://search.censys.io/hosts/191.13.208.53", "AS27699,C2,censys,Havoc,TELEFONICA", "0", "DonPasci"
"2025-05-08 00:01:11", "1518227", "192.121.246.166:443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-08 04:00:44", "100", "https://search.censys.io/hosts/192.121.246.166", "AS42201,C2,censys,PVDATANET,Quasar,RAT", "0", "DonPasci"
"2025-05-08 00:01:10", "1518225", "85.192.48.2:50555", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-09 07:53:46", "100", "https://search.censys.io/hosts/85.192.48.2", "AS215730,C2,censys,H2NEXUS-AS,Hookbot", "0", "DonPasci"
"2025-05-08 00:01:10", "1518226", "212.224.107.135:2053", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-08 04:00:42", "100", "https://search.censys.io/hosts/212.224.107.135", "AS44066,C2,censys,DE-FIRSTCOLO,Hookbot", "0", "DonPasci"
"2025-05-08 00:01:03", "1518223", "176.65.142.198:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 07:47:18", "100", "https://search.censys.io/hosts/176.65.142.198", "-Reserved,AS215240,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-05-08 00:01:03", "1518224", "196.251.117.82:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 07:49:05", "100", "https://search.censys.io/hosts/196.251.117.82", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci"
"2025-05-08 00:01:02", "1518221", "196.251.73.133:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 07:49:15", "100", "https://search.censys.io/hosts/196.251.73.133", "AS401120,AsyncRAT,C2,censys,CHEAPY-HOST,RAT", "0", "DonPasci"
"2025-05-08 00:01:02", "1518222", "176.65.142.198:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 07:47:17", "100", "https://search.censys.io/hosts/176.65.142.198", "-Reserved,AS215240,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2025-05-08 00:00:51", "1518220", "161.132.68.248:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 07:46:01", "100", "https://search.censys.io/hosts/161.132.68.248", "AS3132,C2,censys,Red,Sliver", "0", "DonPasci"
"2025-05-08 00:00:47", "1518219", "104.37.4.100:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 08:43:36", "100", "https://search.censys.io/hosts/104.37.4.100", "ACEHOSTONLINE,AS214059,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-05-08 00:00:31", "1518218", "156.245.27.240:505", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-08 04:00:13", "100", "https://search.censys.io/hosts/156.245.27.240", "AS133199,C2,censys,CobaltStrike,cs-watermark-666666666,SONDERCLOUDLIMITED-AS-AP", "0", "DonPasci"
"2025-05-08 00:00:27", "1518217", "101.126.144.111:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-08 04:00:12", "100", "https://search.censys.io/hosts/101.126.144.111", "AS137718,C2,censys,CobaltStrike,cs-watermark-987654321,VOLCANO-ENGINE", "0", "DonPasci"
"2025-05-07 20:53:05", "1518215", "81.19.141.47:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-05-09 07:53:34", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2025-05-07 20:52:41", "1518214", "70.31.125.238:2222", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-09 07:53:08", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-05-07 20:48:12", "1518212", "188.49.76.30:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-09 07:48:15", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-05-07 20:46:59", "1518211", "173.187.25.146:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-09 07:46:58", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-05-07 20:01:38", "1518126", "myaccount.acc-cnter.site", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-08 04:01:15", "100", "https://search.censys.io/hosts/91.208.184.21+myaccount.acc-cnter.site", "ALEXHOST,AS200019,censys,EvilGinx,panel,Phishing", "0", "DonPasci"
"2025-05-07 20:01:36", "1518125", "103.77.241.172:443", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-05-08 04:01:07", "100", "https://search.censys.io/hosts/103.77.241.172", "AS140810,C2,censys,MEGACORE-AS-VN,moobot", "0", "DonPasci"
"2025-05-07 20:01:22", "1518124", "52.210.234.4:2761", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-09 07:52:26", "100", "https://search.censys.io/hosts/52.210.234.4", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-07 20:01:18", "1518123", "37.72.168.146:15443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-09 07:50:56", "100", "https://search.censys.io/hosts/37.72.168.146", "AS29802,C2,censys,Havoc,HVC-AS", "0", "DonPasci"
"2025-05-07 20:01:17", "1518122", "www.bestoffersfortoday.store", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-08 04:00:47", "100", "https://search.censys.io/hosts/104.248.5.186+www.bestoffersfortoday.store", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-05-07 20:01:14", "1518121", "86.38.247.78:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-08 04:00:45", "100", "https://search.censys.io/hosts/86.38.247.78", "AS212238,C2,CDNEXT,censys,Quasar,RAT", "0", "DonPasci"
"2025-05-07 20:00:53", "1518120", "8.210.232.186:45209", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 07:53:25", "100", "https://search.censys.io/hosts/8.210.232.186", "ALIBABA-CN-NET,AS45102,C2,censys,Sliver", "0", "DonPasci"
"2025-05-07 20:00:47", "1518118", "68.168.31.113:53284", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 07:53:04", "100", "https://search.censys.io/hosts/68.168.31.113", "AS-GLOBALTELEHOST,AS63023,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-05-07 20:00:47", "1518119", "186.169.63.68:8888", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 07:48:10", "100", "https://search.censys.io/hosts/186.169.63.68", "AS3816,C2,censys,COLOMBIA,RAT,Remcos", "0", "DonPasci"
"2025-05-07 20:00:46", "1518117", "77.220.212.80:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 07:53:12", "100", "https://search.censys.io/hosts/77.220.212.80", "AS211381,C2,censys,PODAON,RAT,Remcos", "0", "DonPasci"
"2025-05-07 20:00:28", "1518116", "82.115.223.251:31332", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:58:31", "100", "https://search.censys.io/hosts/82.115.223.251", "AS214927,C2,censys,CobaltStrike,cs-watermark-391144938,PSB-AS", "0", "DonPasci"
"2025-05-07 19:50:13", "1518115", "192.248.152.36:37189", "ip:port", "botnet_cc", "win.xenorat", "None", "XenoRAT", "", "100", "None", "XenoRAT", "0", "abuse_ch"
"2025-05-07 19:46:15", "1518114", "https://xtortoisgfe.top/paxk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/44dea6cce05e1463dbbf7d2de52e5f8731c3fe2682875a93614666f952c86301/", "lumma", "0", "abuse_ch"
"2025-05-07 19:45:35", "1518113", "https://albizzcdlv.digital/gmk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/44dea6cce05e1463dbbf7d2de52e5f8731c3fe2682875a93614666f952c86301/", "lumma", "0", "abuse_ch"
"2025-05-07 19:40:40", "1518112", "https://forjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/ef20391593fc572876a57ab4a9b2af239ccc3715839c7ee8a48baad97fe934dc/", "lumma", "0", "abuse_ch"
"2025-05-07 18:40:04", "1518105", "http://117.209.42.48:45419/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2025-05-07 18:28:17", "1518104", "45.158.8.156:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/45.158.8.156#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-07 18:25:41", "1518103", "https://gstarfiswh.live/omiga", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/fee56dc0ab93a524135acb699cf6119845f91d5438d6ac9f6d3c5658da28d162/", "lumma", "0", "abuse_ch"
"2025-05-07 18:20:54", "1518102", "https://sidebyafzy.digital/iut", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/9d153a59f7a0c6d457f71d0643fef5e3c60984c2da3564e9236fe6df834f1b60/", "lumma", "0", "abuse_ch"
"2025-05-07 18:20:12", "1518101", "http://997758cm.nyashk.ru/imageLinegeomultidefaultuniversalWordpresswp.php", "url", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "None", "DCRat,RAT", "0", "abuse_ch"
"2025-05-07 18:12:27", "1518097", "87.20.235.24:5060", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-07 18:12:27", "1518098", "87.20.235.24:5061", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-07 18:12:27", "1518099", "212.87.221.19:9999", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-07 18:05:47", "1518061", "jskxw.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 15:53:35", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 18:05:47", "1518075", "qstfs.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 16:14:03", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 18:05:46", "1518076", "https://jerseysus.top/jse/minjs.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114467433438471456", "SmartApeSG", "0", "monitorsg"
"2025-05-07 18:05:46", "1518078", "https://jerseysus.top/jse/select.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114467433438471456", "SmartApeSG", "0", "monitorsg"
"2025-05-07 18:05:44", "1518077", "jerseysus.top", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-07 16:13:49", "100", "https://infosec.exchange/@monitorsg/114467433438471456", "SmartApeSG", "0", "monitorsg"
"2025-05-07 18:05:43", "1518081", "scf.com", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114467433438471456", "SmartApeSG", "0", "monitorsg"
"2025-05-07 18:05:42", "1518079", "https://jerseysus.top/jse/lll.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114467433438471456", "SmartApeSG", "0", "monitorsg"
"2025-05-07 18:05:41", "1518080", "https://scf.com/cole.zip", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114467433438471456", "SmartApeSG", "0", "monitorsg"
"2025-05-07 18:05:41", "1518082", "94.158.245.104:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114467433438471456", "SmartApeSG", "0", "monitorsg"
"2025-05-07 18:05:40", "1518084", "lmtdb.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 16:54:58", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 18:05:40", "1518085", "insidegrah.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz"
"2025-05-07 18:05:40", "1518086", "grizzlqzuk.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "pancak3lullz"
"2025-05-07 18:05:11", "1518096", "103.68.181.215:1688", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-05-07 17:26:16", "1518093", "approach.ilovegaysex.su", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-07 17:26:16", "100", "", "Mirai,rrdns", "0", "NDA0E"
"2025-05-07 17:26:16", "1518094", "lane.ilovegaysex.su", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai,rrdns", "0", "NDA0E"
"2025-05-07 17:26:16", "1518095", "ministry.ilovegaysex.su", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai,rrdns", "0", "NDA0E"
"2025-05-07 17:25:09", "1518089", "77.232.37.108:8080", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E"
"2025-05-07 17:25:09", "1518090", "185.173.36.137:9035", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E"
"2025-05-07 17:25:09", "1518091", "91.142.79.142:8001", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E"
"2025-05-07 17:25:09", "1518092", "185.173.37.18:9035", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "Mirai", "0", "NDA0E"
"2025-05-07 17:10:23", "1518088", "185.208.159.64:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-07 17:06:54", "1518087", "94.26.90.76:3128", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E"
"2025-05-07 16:30:13", "1518083", "8.218.198.125:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-05-07 16:01:17", "1518074", "13.244.151.202:51005", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/13.244.151.202", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-07 16:01:16", "1518073", "13.244.151.202:6005", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/13.244.151.202", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-07 16:01:10", "1518072", "51.79.196.122:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-08 04:00:40", "100", "https://search.censys.io/hosts/51.79.196.122", "AS16276,C2,censys,Hookbot,OVH", "0", "DonPasci"
"2025-05-07 16:01:08", "1518071", "164.215.103.160:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-09 07:46:19", "100", "https://search.censys.io/hosts/164.215.103.160", "AS213373,C2,censys,IPCONNECT,Mythic", "0", "DonPasci"
"2025-05-07 16:01:01", "1518070", "128.90.122.247:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-09 08:44:30", "100", "https://search.censys.io/hosts/128.90.122.247", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci"
"2025-05-07 16:00:59", "1518069", "110.41.2.207:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-08 04:00:27", "100", "https://search.censys.io/hosts/110.41.2.207", "AS55990,C2,censys,HWCSNET,Supershell", "0", "DonPasci"
"2025-05-07 16:00:45", "1518067", "94.102.49.177:5900", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 07:54:13", "100", "https://search.censys.io/hosts/94.102.49.177", "AS202425,C2,censys,INT-NETWORK,RAT,Remcos", "0", "DonPasci"
"2025-05-07 16:00:45", "1518068", "104.234.114.229:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 08:43:29", "100", "https://search.censys.io/hosts/104.234.114.229", "AS23470,C2,censys,RAT,RELIABLESITE,Remcos", "0", "DonPasci"
"2025-05-07 16:00:34", "1518066", "103.118.29.177:8088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:55:12", "100", "https://search.censys.io/hosts/103.118.29.177", "AS150834,C2,censys,CobaltStrike,IDATA-VN", "0", "DonPasci"
"2025-05-07 16:00:29", "1518064", "38.55.192.237:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-08 04:00:12", "100", "https://search.censys.io/hosts/38.55.192.237", "AS139659,C2,censys,CobaltStrike,cs-watermark-666666666,LUCID-AS-AP", "0", "DonPasci"
"2025-05-07 16:00:29", "1518065", "1.94.96.91:2443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:55:00", "100", "https://search.censys.io/hosts/1.94.96.91", "AS55990,C2,censys,CobaltStrike,cs-watermark-666666666,HWCSNET", "0", "DonPasci"
"2025-05-07 15:51:06", "1518063", "91.220.8.106:80", "ip:port", "botnet_cc", "win.kpot_stealer", "Khalesi,Kpot", "KPOT Stealer", "", "75", "https://x.com/500mk500/status/1920077799206924592", "KPOTStealer", "0", "abuse_ch"
"2025-05-07 15:50:23", "1518062", "http://91.220.8.106/c8PD9mEo5MnhlJi1/gate.php", "url", "botnet_cc", "win.kpot_stealer", "Khalesi,Kpot", "KPOT Stealer", "", "100", "https://x.com/500mk500/status/1920077799206924592", "KPOTStealer", "0", "abuse_ch"
"2025-05-07 15:49:53", "1518060", "85.40.86.132:7005", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "75", "https://x.com/500mk500/status/1920077799206924592", "Rhadamanthys", "0", "abuse_ch"
"2025-05-07 15:49:03", "1518059", "8503a57fa9e3424cc1cb39f8cd15419840eaa73277e9fe383a1bebb518ef9ede", "sha256_hash", "payload", "win.kimsuky", "None", "Kimsuky", "", "100", "https://x.com/SecAI_AI/status/1920129746244981095", "APT,Kimsuky", "0", "abuse_ch"
"2025-05-07 15:48:28", "1518058", "first.pokerstarus.kro.kr", "domain", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://x.com/SecAI_AI/status/1920129746244981095", "APT,Kimsuky", "0", "abuse_ch"
"2025-05-07 15:48:06", "1518057", "http://first.pokerstarus.kro.kr/image/index.php", "url", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "100", "https://x.com/SecAI_AI/status/1920129746244981095", "APT,Kimsuky", "0", "abuse_ch"
"2025-05-07 15:45:59", "1518056", "https://pdescenrugb.bet/woap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8efe9353b5564c4163786dfeae5278f195b07f1b3a1d7cfe4f8ae75a0e404993/", "lumma", "0", "abuse_ch"
"2025-05-07 15:45:50", "1518055", "https://mhomewappzb.top/tqba", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8efe9353b5564c4163786dfeae5278f195b07f1b3a1d7cfe4f8ae75a0e404993/", "lumma", "0", "abuse_ch"
"2025-05-07 15:45:46", "1518054", "https://istuffgull.top/qwio", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/8efe9353b5564c4163786dfeae5278f195b07f1b3a1d7cfe4f8ae75a0e404993/", "lumma", "0", "abuse_ch"
"2025-05-07 15:36:29", "1518036", "geckoz.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:28", "1518035", "fypal.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 15:12:36", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 15:36:27", "1518037", "horsebbv.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:27", "1518038", "koalagf.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:26", "1518039", "guppycv.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:26", "1518040", "grizzlxy.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:25", "1518041", "dingor.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:24", "1518042", "antelopej.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:24", "1518043", "flaminguo.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:23", "1518044", "elephatnt.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:22", "1518045", "giraffei.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:22", "1518046", "twilightwiarp.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:21", "1518047", "norwecono.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:21", "1518050", "kzgrowthq.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:19", "1518048", "nigecoy.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:19", "1518049", "mexicodarta.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:18", "1518051", "nigerecuon.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:18", "1518052", "maxpecoe.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 15:36:17", "1518053", "oreconp.live", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "", "None", "0", "pitachu"
"2025-05-07 14:47:38", "1518033", "cloudflare.eradigitalibl.com", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "FakeCaptcha,Lumma", "0", "threatcat_ch"
"2025-05-07 14:47:37", "1518032", "vovoh.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 14:11:02", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 14:47:36", "1518034", "din.akurasiibl.com", "domain", "payload_delivery", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "Lumma", "0", "threatcat_ch"
"2025-05-07 14:03:08", "1518030", "https://charity.cafedantorels.com/profileLayout", "url", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz"
"2025-05-07 14:03:07", "1518031", "charity.cafedantorels.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "2025-05-07 14:12:28", "100", "None", "fakeupdates,SocGholish", "0", "pancak3lullz"
"2025-05-07 13:55:51", "1518029", "https://therefsphn.run/goap", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/bc5053925ef7f902d2c64857597f09a299463da7f4880c10d18280d23609eda1/", "lumma", "0", "abuse_ch"
"2025-05-07 13:55:47", "1518028", "https://romulusy.digital/tqtr", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/119625d933112080625fdb40809e611476d5572d4bbe375fec56926c4427a8cc/", "lumma", "0", "abuse_ch"
"2025-05-07 13:51:10", "1518027", "xotap.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 13:33:43", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 13:25:06", "1518020", "bisaj.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 12:53:57", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 13:10:58", "1518026", "23.146.242.237:5817", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/429a93e7b3f98aaa621cf9c8e86b89d11d8b103207364c7d8a5f7a9949b3f16c/", "remcos", "0", "abuse_ch"
"2025-05-07 13:05:23", "1518025", "81.71.246.52:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:58:30", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-07 13:03:55", "1518024", "43.100.29.85:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:57:27", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-07 13:00:19", "1518023", "106.52.207.50:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:55:18", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-07 12:59:41", "1518022", "systimezone.center", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:54:52", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-07 12:59:24", "1518021", "ms-healthcheck.ru", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:54:39", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-05-07 12:40:04", "1518019", "http://102.98.39.246:44172/Mozi.m", "url", "payload_delivery", "elf.mozi", "None", "Mozi", "", "50", "None", "None", "0", "sicehicetf"
"2025-05-07 12:36:30", "1518006", "quxap.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 12:02:38", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 12:30:28", "1518018", "206.238.115.163:954", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-05-07 12:01:19", "1518017", "18.181.128.244:80", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-05-09 07:47:39", "100", "https://search.censys.io/hosts/18.181.128.244", "AMAZON-02,AS16509,BRC4,C2,censys", "0", "DonPasci"
"2025-05-07 12:01:18", "1518016", "54.212.6.27:1913", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-09 07:52:34", "100", "https://search.censys.io/hosts/54.212.6.27", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-05-07 12:01:03", "1518015", "113.44.81.252:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-08 04:00:28", "100", "https://search.censys.io/hosts/113.44.81.252", "AS55990,C2,censys,HWCSNET,Supershell", "0", "DonPasci"
"2025-05-07 12:00:34", "1518014", "89.40.31.70:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-08 04:00:10", "100", "https://search.censys.io/hosts/89.40.31.70", "AS215117,C2,censys,CobaltStrike,HOSTERDADDY", "0", "DonPasci"
"2025-05-07 12:00:30", "1518012", "104.168.64.199:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 05:34:09", "100", "https://search.censys.io/hosts/104.168.64.199", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-05-07 12:00:30", "1518013", "166.108.200.194:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-08 04:00:16", "100", "https://search.censys.io/hosts/166.108.200.194", "AS136907,C2,censys,CobaltStrike,cs-watermark-666666666,HWCLOUDS-AS-AP", "0", "DonPasci"
"2025-05-07 12:00:29", "1518011", "155.138.164.52:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-08 04:00:10", "100", "https://search.censys.io/hosts/155.138.164.52", "AS-VULTR,AS20473,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-05-07 12:00:27", "1518010", "47.121.133.57:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-08 04:00:11", "100", "https://search.censys.io/hosts/47.121.133.57", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2025-05-07 12:00:25", "1518007", "91.200.14.226:10443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:58:36", "100", "https://search.censys.io/hosts/91.200.14.226", "AS215730,C2,censys,CobaltStrike,cs-watermark-987654321,H2NEXUS-AS", "0", "DonPasci"
"2025-05-07 12:00:25", "1518008", "8.133.251.236:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-08 05:46:48", "100", "https://search.censys.io/hosts/8.133.251.236", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-05-07 12:00:25", "1518009", "107.149.240.12:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-08 05:46:51", "100", "https://search.censys.io/hosts/107.149.240.12", "AS398478,C2,censys,CobaltStrike,cs-watermark-987654321,PEG-HK", "0", "DonPasci"
"2025-05-07 11:32:55", "1517788", "topax.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 11:21:37", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 11:26:28", "1518005", "cfac2fd50746ba82e4fde2b3c298b902", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "100", "https://x.com/PrakkiSathwik/status/1919817159494271051", "APT,APT36,TransparentTribe", "0", "abuse_ch"
"2025-05-07 11:26:00", "1518002", "42b392c90a621475815bd62f6b2b443f", "md5_hash", "payload", "win.crimson", "SEEDOOR,Scarimson", "Crimson RAT", "", "100", "https://x.com/PrakkiSathwik/status/1919817159494271051", "CrimsonRAT,RAT", "0", "abuse_ch"
"2025-05-07 11:26:00", "1518003", "aa022889aef77d963d2f4a4696976287", "md5_hash", "payload", "win.crimson", "SEEDOOR,Scarimson", "Crimson RAT", "", "100", "https://x.com/PrakkiSathwik/status/1919817159494271051", "CrimsonRAT,RAT", "0", "abuse_ch"
"2025-05-07 11:26:00", "1518004", "bf5b89dbdf3907c11588775b854fa6ac", "md5_hash", "payload", "win.crimson", "SEEDOOR,Scarimson", "Crimson RAT", "", "100", "https://x.com/PrakkiSathwik/status/1919817159494271051", "CrimsonRAT,RAT", "0", "abuse_ch"
"2025-05-07 11:25:25", "1518001", "http://blesblochem.com/two/gates1/fre.php", "url", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "https://bazaar.abuse.ch/sample/a885b1f5377c2a1cead4e2d7261fab6199f83610ffdd35d20c653d52279d4683/", "lokibot", "0", "abuse_ch"
"2025-05-07 11:24:06", "1517994", "b736d9d2ca32d72181772d6aab4a8ca5", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:06", "1517995", "187390322be5f643e538ff45dbfd39f5", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:06", "1517996", "8b5cb84a3132e396cdf2464440705c76", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:06", "1517997", "debfec52a00da2abc9ea61346dbd7742", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:06", "1517998", "4120a68cdf6f898d351a658133ef399a", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:06", "1517999", "5b0b615f51621e8f354d9f571a627ff5", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:06", "1518000", "ee92b0f0bac1c9c8d37ab672600e1a07", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:05", "1517985", "1bcb819677151a01d5de9ae1144c07f5", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:05", "1517986", "55628da8e685379cf4214dc3763664cb", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:05", "1517987", "aef2b40fb0b685a2912e931afaeaa666", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:05", "1517988", "121277dcdc3f275919c1cabcd59edb4b", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:05", "1517989", "402c7184e416914a9797bb24f140a5b2", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:05", "1517990", "993dd975a0ef36bedb6532672ecd3d65", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:05", "1517991", "27b57a2f068182c077e5ad6580eae527", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:05", "1517992", "ef8b86deb35985016271885cac9a713b", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:05", "1517993", "e8fb54b0d6780b2d032f865b78a711ba", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:04", "1517975", "5d22a4ed1eef9ee71fae815e633cc673", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:04", "1517976", "0922b67facd189b672670001d2910eca", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:04", "1517977", "8db6eee838614a191b992e68a7653fa1", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:04", "1517978", "fb7abc83427e101c90a2a830d1b38271", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:04", "1517979", "33191197b7bcd6eadb7126622fe89a06", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:04", "1517980", "4e2a208090fcf8ce27d696ef15750d32", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:04", "1517981", "24532b52054bc1a848e47d917b4cc0a9", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:04", "1517982", "2434ba24c3a99d38d4e8828a7024b70c", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:04", "1517983", "7bfcdf4e2cc520fb8817a7bb711df873", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:04", "1517984", "308f2db72b3668d8e56008914fedef06", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:03", "1517966", "d615b6a427256ebf1c132038aef19079", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:03", "1517967", "0dbdae5eea88dc10f668a15bc7d6443f", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:03", "1517968", "2ecd724cccdff65f66027d1c9b91a1c7", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:03", "1517969", "6ccb3ad50f52601d254f9c5b47f35e99", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:03", "1517970", "8f84941f03bc4a9f2633a283770e780b", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:03", "1517971", "ed28d0bc67de67146a3f8785ddaef6b6", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:03", "1517972", "eb531020d07166f41241bad62ae7aa55", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:03", "1517973", "b1d50c995c191fa9a642a7b97ca643de", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:03", "1517974", "aa0f5feb21c48ac7ba8a8c61d2cd1304", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:02", "1517963", "865d3eb51125ff14eca170383ded4e26", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:02", "1517964", "2eccc71416422af47b5969cc0ac64642", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:02", "1517965", "38b4ecf10404eb0425a0b81c32f33c31", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:01", "1517955", "b5228f3bad947f368d95640d170636ac", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:01", "1517956", "ea80da668a5dd8723d4c4248c3bbecf8", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:01", "1517957", "b1aee9589ab78ea6d967adccd2f167b8", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:01", "1517958", "b31f67f6008931a8ff309ca7533a6070", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:01", "1517959", "5bf3dfab3aac314adaa400a317987c82", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:01", "1517960", "dcc7371a1bb7380221bc0d48b85d99b8", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:01", "1517961", "ee808afd739a8f9d8902504fa03d8cfd", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:01", "1517962", "ff57f16df2d6d726e727591e57e7f759", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517944", "9200c2686560b4bfe672a051ea0356ee", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517945", "1799f8305930359699524757cbde2381", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517946", "733bec6c135ba4a0e819b731ac7c4369", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517947", "4b9bb8a7204b28332635f342b8ffdceb", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517948", "141b2f5087059e746d291b65a072cbab", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517949", "fb1161fa1a5f5624b6fcd3aa674d864c", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517950", "45436ce56e34d205f27a3b90ea6f34d4", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517951", "7d3ec2ce0e96f2d78f757d1fe72d8342", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517952", "4aa36591efdc8bfcddfe338972be9d90", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517953", "87b3f09aa41bad9d87c5cd17c1a0edfa", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:24:00", "1517954", "f07d058c7c29f4d5c061b11c53853ece", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517933", "738f49a9827206e8fdef60c6fbdf94ce", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517934", "8defef59460fe89479da2f0d00212d31", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517935", "99e5cad6249bece80c26a6023e77826d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517936", "7f3cea1165b04b096cee2d8da92e3b80", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517937", "c7b0760770fa3eab2b4fc9851ecba67e", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517938", "13118a0c20843f2a09c0332f4eb12d45", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517939", "1c2cab4230749bdf4defc751adbd885a", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517940", "756007cdaa3b8b85c2890d06e82c0984", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517941", "c44d1deca4dea25d451335dc62d28817", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517942", "b667c985e344a4a16bc64d18f4fda14e", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:59", "1517943", "49d6227ca213fe3fcaab68670e2bbe7c", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:58", "1517923", "5e741d3ff10756e5eee2633ad65ecf96", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:58", "1517924", "df04653e98de0dd39f4e166a5cc9339b", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:58", "1517925", "441b0a8999a65e2c02f81a27e7b442e5", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:58", "1517926", "0cd9c57c47abc7cb191739bbabfe4216", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:58", "1517927", "22c5aecc3889592780338a44a2452b8b", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:58", "1517928", "4794af13cc0fa91c06963e1beb95de29", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:58", "1517929", "dc7392e7f60537f113e25d66cff87876", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:58", "1517930", "e861444baa2eaa3dcc84540389b39e5e", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:58", "1517931", "e6f2d39553181b74ff76a63484b8aa35", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:58", "1517932", "e1ce144c54d3808839b5a24a8ad6fd8d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517912", "b95d45860a6aca8fd23b5a75ff6f6c5c", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517913", "eae10f243d9b942886d2a7158b973f72", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517914", "633dc3ef1f8d697a23b30da10f422215", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517915", "8f69165aae148726d48621471d7bf3c3", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517916", "625d30685ee83470a6a79bd704a8f430", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517917", "735e8b75c78afadf0b8d896e87a1f4e7", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517918", "e8a7b35ba3c8ea8e6be3e14191ee8bd8", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517919", "096cbd2b3eff817676e83ce2129b8a84", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517920", "cbdc3846ef369daab8ee5dcbdccc4767", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517921", "8b48c725ee08a03f1ec6e8f49bd19555", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:57", "1517922", "d452a011c80ee87cb37b37296d5cff5f", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517901", "630e9ae8d128e8fa21147a89ebefd0e6", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517902", "8cee838b3cc92c9f99889644d2e1e950", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517903", "643eca6a2b11a3391007c537114b4102", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517904", "3f0e86647afd46659e3838a9aa95fb1f", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517905", "1f7ef2536f59f92d01644f751de02f24", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517906", "67b53b6d02ec8faf5926abcbe8eab8df", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517907", "7552223103876a69c8a162f54cc8500b", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517908", "a34a354b9b59616b84dbc1503a7be058", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517909", "dc2dbcbf61b0799cdacae8c61a1b162d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517910", "a645a17ed0246606f58a7801a7fb866d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:56", "1517911", "263e909c1c9e6e1657d36c43d0d150b9", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517890", "3f2753c325e34f1a2439130ff35062a8", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517891", "ecd1abe0953939b062c9ba50584209cc", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517892", "a4d8d1d4dcbc2fb3063bc3c9886de2cc", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517893", "9562d776b97cc5c843fa6699bb1cee15", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517894", "1d3fba0d99d5452acbb8d326e8f4e800", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517895", "d229af68c9896935edf632c2cc1adefc", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517896", "95639f8080597118182c89cb63bd2415", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517897", "574260101279f8c190862a89f38bf03c", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517898", "b0ff9b355c154c3a8a6b63211be60121", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517899", "5b49aa1d67d60d435c5430c3e50da081", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:55", "1517900", "2df69869a379688bad6bf9c18d6aa958", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:54", "1517880", "a63bbfc44e6fb3d14fbbf085c7eb4b68", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:54", "1517881", "15e8950f1e4fedf8c1a0286841574a6b", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:54", "1517882", "1a6ff95d098d1a37e1fc17b4987c9749", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:54", "1517883", "f52440e8b124ced2e69e4ce7d2700723", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:54", "1517884", "6ac329c65bc4e087880395da110cf96d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:54", "1517885", "5887e7ed9dcec96ac39cbda2b19d8cc0", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:54", "1517886", "ef2b61de2c6f393844e1de9ad7ffa3d4", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:54", "1517887", "33a4d3945aa2732cd52fbf37bc48ed2d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:54", "1517888", "3a2ccc0985c7d2a919f86788952b4916", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:54", "1517889", "7d6e15948fb671909f269aad8a816cf8", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517869", "c01ef0d5b74ca330b77d8c1afe10af59", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517870", "8e5cf313bfbb57aab0ccc5c4cb0d46ac", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517871", "b5fad920bf74a8c9fe2bb2ab1483be29", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517872", "d5f95af32b1fd9fb87623ec2defb21b9", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517873", "a0ab57fe1e9bc4de85d65616ebe2ebec", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517874", "0c5f94364ee042b8ab77e9ce959495bd", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517875", "0f5f2290a30c8f0f33f39a4513794806", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517876", "72721c44ec706cb67c30cc98dfdafa2f", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517877", "72b2ba73736af24f5060f9003629dfdd", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517878", "7e00a7bec089ad085c306a3de539d453", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:53", "1517879", "6168cd6f30fc65e735163266863e9c41", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:52", "1517859", "e824c64c99e05fcac2d2745e19f2013e", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:52", "1517860", "1195338df7210d99d963a040637a794d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:52", "1517861", "a7fcf8a29f24504c4cb469d257a827f3", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:52", "1517862", "7f0039dfcbb9098550e5f5981ec4297d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:52", "1517863", "b6c46c1bd6ea86beae25c77d05280d59", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:52", "1517864", "24024bdc40ecbdfa16ce8449f5d05cb7", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:52", "1517865", "0d0bc6f8144b4d3f3b80654b4fd8403a", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:52", "1517866", "793bed4cb96031a738fa60c9b2813606", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:52", "1517867", "89375ce211d9a6a474ff99a7fbace93a", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:52", "1517868", "bddcc84dfe9d237e0db0f114662b1b40", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517848", "8d28158234d650c7d04e8682c4e624ee", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517849", "5cc24cc2fced61209f0a1a30ea7e32aa", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517850", "1a8aa725735cfef2a66f78ecd1606edf", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517851", "8194a7341f8eefa0afe08b6b5ced3ed1", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517852", "8ed43c2c1aa9bb8c7c3902e1f3f4b473", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517853", "79f7c7356d43aee07cc613fe8d978420", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517854", "ad15c99cc96350cb25c914b5bfb94ffe", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517855", "8c9304a013c8053f1bc4bb8109b3a919", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517856", "4857d2d9d7b65e4b907b3cac728e1842", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517857", "a7bc435e704823ecabe9aef0dc82352a", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:51", "1517858", "bd763de389f59b15ffe2916be6a16166", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:50", "1517838", "d8a76af93cf6f52fd2c88ddcb26c6001", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:50", "1517839", "fd460bb56137ce05a9e747d4d694c808", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:50", "1517840", "ece41a9cc7979a716d75ef1bec89ce41", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:50", "1517841", "6260c1fa3dc51d3b962f3dd85739bfe5", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:50", "1517842", "75599941918f313459d6151c26704083", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:50", "1517843", "4c37fbc3e9cc57b0bc00facf1cef927f", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:50", "1517844", "f1e4a42114cfc08bfdff659ec01a1e9a", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:50", "1517845", "e8beb18255980acdeae7895c8a0d03f1", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:50", "1517846", "19c4f4e3eb499b4049c76546c99e0c10", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:50", "1517847", "53b50b5012e0492b113c270ada8c5624", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517827", "48d3a69c0102f121b7af73ec26ea7cd1", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517828", "4541959091ebf97669a7362e7471217e", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517829", "49f2be089ed87da030c5d331a8a9da66", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517830", "bf668193bda2db88922e5db1c360d0c1", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517831", "efb855cd4ef6669457cc90e330ea4967", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517832", "8b5c6bafaa15c6906b78fb00a5fbe747", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517833", "f44854e0df2ebd9aee5b525cc6df21da", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517834", "2277d6615a877c34b67d6f3c919df5b7", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517835", "f35a29f2c7153f6a13768b77ff9da28d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517836", "73a25bacdb5da2a8e6ead5a8a7d92e70", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:49", "1517837", "fc2c9afd1a78adaeaa63028dbe894eee", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:48", "1517817", "2c05347bc5b09218850331071b34a4da", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:48", "1517818", "2af8158d74f6c50cb2bd6dbc808922a2", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:48", "1517819", "c786e93b0984d16d8614e1e0560b679c", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:48", "1517820", "1177aed7c7e035e47af41a009eaaf020", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:48", "1517821", "7de7717e90bb9aa2ad0e76e29994cf3f", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:48", "1517822", "da0c807e2a9c933c46502eccf349fc01", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:48", "1517823", "3707ad2d1afb7bf423de3c29132d41d8", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:48", "1517824", "36ccc47e3979f58e3a59fe9e8a019486", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:48", "1517825", "8265e6e7d458617d39490b6cebdbfa67", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:48", "1517826", "93931e0aed4fc5322b1691b140de1ce9", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517806", "ee3828e997ee8e48b30c0d7d13c28e7b", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517807", "7cb34a621478c692c12f9cbbbe457a58", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517808", "db71c06452f27955314d6d4132506baa", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517809", "101cfe94fba460a2963fc67a6f6c3f6c", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517810", "12bac5e49517e9a83c7b4828503b9df5", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517811", "2457f093fb7953583f50c90f3ab78adb", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517812", "a11096302d4b3eb24dbdf9f033267419", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517813", "659dfc88879ddcf395356de0ccad0486", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517814", "c8b1f8d313a165976b553bb6223435d5", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517815", "24cf8dd689e59ebe12bd963c997adc2d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:47", "1517816", "2c29f8ca69cd2cf27629edf0c77d7d71", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:46", "1517796", "e5a972cc589109be1aae14cdb5fd6984", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:46", "1517797", "f2070b889c7aa58ca153c6d1b3dc953e", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:46", "1517798", "e634fe96f81b8a5198c8ac65a95e58a4", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:46", "1517799", "1e20b481d932582570287729f665bff8", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:46", "1517800", "06b9331e6e2699a4382bd09ae85a515d", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:46", "1517801", "2e30aa5886ad27092ae968471bd845c6", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:46", "1517802", "2dbb998b2c87ee7dbaffb9d78b16cbe1", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:46", "1517803", "1fbaee13b6a905dc2e5c8467d77ad9af", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:46", "1517804", "32bfa36bf24b3cca1ef9814a82ce26d1", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:46", "1517805", "64b1c49e751a15b43c69661b0ab683df", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:45", "1517792", "b8846b3e1adfc89aa767687364fecf6a", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:45", "1517793", "0b1d2e7bd7f535e427aa80adbb6a95d6", "md5_hash", "payload", "unknown", "None", "Unknown malware", "2025-05-07 11:24:02", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:45", "1517794", "a3a62b5aed61ace35c9aadde1f5cefde", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:23:45", "1517795", "1eef02b9cecf23c530b292c68a481a1c", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "50", "https://github.com/TheRavenFile/Daily-Hunt/blob/main/RA%20World%20Ransomware", "ransomware,raworld", "0", "TheRavenFile"
"2025-05-07 11:22:53", "1517791", "0fc9f35147e37b38345b8d80d093205e", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "100", "https://x.com/PrakkiSathwik/status/1919815291976163467", "APT,APT36,TransparentTribe", "0", "abuse_ch"
"2025-05-07 11:22:07", "1517790", "bdf2096ac1c2cb24c49e02b887f2ca64", "md5_hash", "payload", "win.crimson", "SEEDOOR,Scarimson", "Crimson RAT", "", "100", "https://x.com/PrakkiSathwik/status/1919815291976163467", "CrimsonRAT,RAT", "0", "abuse_ch"
"2025-05-07 11:22:06", "1517789", "b570bfd958a2e23f777d2e0d748e208d", "md5_hash", "payload", "win.crimson", "SEEDOOR,Scarimson", "Crimson RAT", "", "100", "https://x.com/PrakkiSathwik/status/1919815291976163467", "CrimsonRAT,RAT", "0", "abuse_ch"
"2025-05-07 11:12:34", "1517750", "calub.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 10:44:31", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 11:12:34", "1517787", "1afc38c102afef00282b7851682ed9fa", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1919977810657227035", "AMOS", "0", "abuse_ch"
"2025-05-07 11:12:33", "1517781", "ed6700667f91503d773c6d62dffdbbcb", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1919977810657227035", "AMOS", "0", "abuse_ch"
"2025-05-07 11:12:33", "1517782", "17c17d4965ef0b457e9f163ffc732238", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1919977810657227035", "AMOS", "0", "abuse_ch"
"2025-05-07 11:12:33", "1517783", "af609f70b07c4b81206b779b13cea2dc", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1919977810657227035", "AMOS", "0", "abuse_ch"
"2025-05-07 11:12:33", "1517784", "ae546b0245f8dd3df71db87f29a3720b", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1919977810657227035", "AMOS", "0", "abuse_ch"
"2025-05-07 11:12:33", "1517785", "f6a90f2cf020d0aeb221cf72788c4dab", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1919977810657227035", "AMOS", "0", "abuse_ch"
"2025-05-07 11:12:33", "1517786", "e1912924a59bee4cb7a3e893854e3177", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1919977810657227035", "AMOS", "0", "abuse_ch"
"2025-05-07 11:12:32", "1517780", "12c251ad55a15adaf2e4a3a320e136e0", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1919977810657227035", "AMOS", "0", "abuse_ch"
"2025-05-07 11:12:31", "1517779", "439bc77acddd9f690d3db4a83d81275e", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1919977810657227035", "AMOS", "0", "abuse_ch"
"2025-05-07 11:12:30", "1517778", "b07b8246b79fbea94c8e2f92dd65a451", "md5_hash", "payload", "osx.amos", "Atomic macOS Stealer", "AMOS", "", "100", "https://x.com/suyog41/status/1919977810657227035", "AMOS", "0", "abuse_ch"
"2025-05-07 11:11:18", "1517777", "mugtrimol37.top", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://x.com/TeamDreier/status/1917134627182948591", "ConnectWise,ScreenConnect", "0", "abuse_ch"
"2025-05-07 11:08:00", "1517775", "textureassets.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:08:00", "1517776", "winmy.news", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517762", "ap1w9f.top", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517763", "apesquery.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517764", "batchcopilot.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517765", "caribsljm.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517766", "ceacg.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517767", "countryclub.info", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517768", "cyprusestate.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517769", "dappassets.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517770", "decoding-us.media", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517771", "logicalcomputer.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517772", "lymo.live", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517773", "onsome.info", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:07:59", "1517774", "privacydapps.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "https://x.com/K_N1kolenko/status/1919697053652816165", "Formbook", "0", "abuse_ch"
"2025-05-07 11:05:42", "1517761", "544504aeaa35583663ae2fc3300be193", "md5_hash", "payload", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://x.com/SquiblydooBlog/status/1920065836779462705", "Rhadamanthys", "0", "abuse_ch"
"2025-05-07 11:04:23", "1517760", "ca46bdc4d7e537f0270cf7e2ac43cfa5", "md5_hash", "payload", "unknown", "None", "Unknown malware", "", "100", "https://x.com/suyog41/status/1909121702707048705", "APT,SideWinder", "0", "abuse_ch"
"2025-05-07 11:03:00", "1517759", "www-customs-gov-lk.net-co.info", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://x.com/suyog41/status/1909121702707048705", "APT,SideWinder", "0", "abuse_ch"
"2025-05-07 11:01:37", "1517758", "www-cbsl-gov-lk.dwnlld.com", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://x.com/suyog41/status/1920014750643007950", "APT,SideWinder", "0", "abuse_ch"
"2025-05-07 11:01:18", "1517757", "964befd24e41a128e9fffdc7b41399a8", "md5_hash", "payload", "win.sidewinder", "None", "SideWinder", "", "100", "https://x.com/suyog41/status/1920014750643007950", "APT,SideWinder", "0", "abuse_ch"
"2025-05-07 10:57:52", "1517754", "68c7c14b9ac69491b23b3c3ad88f3a1e", "md5_hash", "payload", "win.curlback", "None", "CurlBack RAT", "", "100", "https://x.com/PrakkiSathwik/status/1919722443628806514", "APT,CurlBackRAT,RAT,SideCopy", "0", "abuse_ch"
"2025-05-07 10:57:52", "1517755", "b6ef8bb7e47ddc55131990e21d2519a7", "md5_hash", "payload", "win.curlback", "None", "CurlBack RAT", "", "100", "https://x.com/PrakkiSathwik/status/1919722443628806514", "APT,CurlBackRAT,RAT,SideCopy", "0", "abuse_ch"
"2025-05-07 10:57:52", "1517756", "6af1776a02536f72f810ca0fa21f38ff", "md5_hash", "payload", "win.curlback", "None", "CurlBack RAT", "", "100", "https://x.com/PrakkiSathwik/status/1919722443628806514", "APT,CurlBackRAT,RAT,SideCopy", "0", "abuse_ch"
"2025-05-07 10:56:59", "1517753", "https://gchindia.com/lib/pdf/Blackout-Rehearsal-Plan/wins/", "url", "payload_delivery", "win.curlback", "None", "CurlBack RAT", "", "100", "https://x.com/PrakkiSathwik/status/1919722443628806514", "APT,CurlBackRAT,RAT,SideCopy", "0", "abuse_ch"
"2025-05-07 10:52:56", "1517752", "falcondfy.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "2025-05-07 15:28:48", "100", "", "LummaStealer", "0", "abuse_ch"
"2025-05-07 10:50:51", "1517751", "103.186.117.40:47666", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 08:43:19", "75", "https://bazaar.abuse.ch/sample/7b914b902b12af16ff2f69624a886e07e69f9046e3703a598dbead0adb727119/", "remcos", "0", "abuse_ch"
"2025-05-07 10:30:53", "1517749", "196.251.69.222:2005", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-09 07:49:08", "75", "https://bazaar.abuse.ch/sample/99cf8856f15a937af5fc30dad4facf87307e43c63e2cfb6424723d9255d3b71a/", "remcos", "0", "abuse_ch"
"2025-05-07 10:30:31", "1517747", "curux.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 10:23:58", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 10:20:23", "1517748", "http://149.104.28.130:8080/jquery-3.3.2.slim.min.js", "url", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://bazaar.abuse.ch/sample/2d3ec8e1f2d23c917f3eac3064ff1e5a571c8b750693bca04fc292226bb88aa9/", "cobaltstrike", "0", "abuse_ch"
"2025-05-07 10:18:25", "1517746", "https://tiffanyearringforwomen.top/ifh/lll.php", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114466002473212677", "SmartApeSG", "0", "monitorsg"
"2025-05-07 10:18:24", "1517723", "serer.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 09:54:19", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 10:18:24", "1517744", "https://tiffanyearringforwomen.top/ifh/select.js", "url", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114466002473212677", "SmartApeSG", "0", "monitorsg"
"2025-05-07 10:18:23", "1517745", "tiffanyearringforwomen.top", "domain", "payload_delivery", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://infosec.exchange/@monitorsg/114466002473212677", "SmartApeSG", "0", "monitorsg"
"2025-05-07 09:59:43", "1517743", "anncrman.com", "domain", "botnet_cc", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "50", "", "landupdate808", "0", "juroots"
"2025-05-07 09:58:06", "1517738", "bulon.duckdns.org", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "c2,mirai", "0", "juroots"
"2025-05-07 09:58:06", "1517739", "lited-mafia.ddns.net", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "c2,mirai", "0", "juroots"
"2025-05-07 09:58:06", "1517740", "main.oooservers.kro.kr", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-08 09:20:16", "50", "", "c2,mirai", "0", "juroots"
"2025-05-07 09:58:06", "1517741", "takibotnet.duckdns.org", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "c2,mirai", "0", "juroots"
"2025-05-07 09:58:06", "1517742", "takidayne.duckdns.org", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "c2,mirai", "0", "juroots"
"2025-05-07 09:57:43", "1517737", "eaonxeypl.localto.net", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "50", "", "c2,dcrat", "0", "juroots"
"2025-05-07 09:57:26", "1517736", "23.158.232.33:3840", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-05-07 09:57:03", "1517735", "0kydwb3k6.localto.net", "domain", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-05-07 09:56:49", "1517734", "https://pastebin.com/raw/DrdJUVjT", "url", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-05-07 09:55:41", "1517733", "http://izoa.netsons.org/pages/login.php", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlquery.net/report/c3a784d3-5349-450b-bfec-839318fc4b89", "c2,unam,urlquery", "0", "juroots"
"2025-05-07 09:55:04", "1517732", "http://45.144.53.255/", "url", "botnet_cc", "apk.hook", "None", "Hook", "", "50", "https://urlscan.io/result/0196aa2b-8da8-7756-bda9-a43b7af863e6", "c2,hookbot,urlscan", "0", "juroots"
"2025-05-07 09:54:46", "1517731", "https://154.53.165.98/pages/login.php", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0196aa2b-4868-77ac-98ae-3aadc7625697", "c2,unam,urlscan", "0", "juroots"
"2025-05-07 09:53:55", "1517730", "http://87.247.188.45:5090/supershell/login", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://urlscan.io/result/0196aa2a-833f-702d-9160-2ac3c5427c1f", "c2,supershell,urlscan", "0", "juroots"
"2025-05-07 09:53:00", "1517729", "27.102.138.155:80", "ip:port", "botnet_cc", "win.kimsuky", "None", "Kimsuky", "", "50", "https://www.shodan.io/host/27.102.138.155#80", "c2,kimsuky,shodan", "0", "juroots"
"2025-05-07 09:52:45", "1517728", "103.28.90.181:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/103.28.90.181#80", "c2,mustangpanda,shodan", "0", "juroots"
"2025-05-07 09:52:10", "1517727", "103.74.101.88:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-07 11:00:02", "50", "https://www.shodan.io/host/103.74.101.88#80", "c2,hookbot,shodan", "0", "juroots"
"2025-05-07 09:51:09", "1517726", "94.98.211.222:3460", "ip:port", "botnet_cc", "win.poison_ivy", "SPIVY,pivy,poisonivy", "Poison Ivy", "", "50", "https://www.shodan.io/host/94.98.211.222#3460", "c2,poison_ivy,shodan", "0", "juroots"
"2025-05-07 09:49:58", "1517725", "91.103.253.40:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/91.103.253.40#443", "c2,shodan,villain", "0", "juroots"
"2025-05-07 09:49:42", "1517724", "146.70.213.35:8081", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/146.70.213.35#8081", "bruteratel,c2,shodan", "0", "juroots"
"2025-05-07 09:48:45", "1517722", "45.61.165.177:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/45.61.165.177#9000", "c2,sectop,shodan", "0", "juroots"
"2025-05-07 09:48:29", "1517721", "3.80.91.122:8142", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/3.80.91.122#8142", "c2,netsupport,shodan", "0", "juroots"
"2025-05-07 09:48:28", "1517719", "34.245.181.229:19", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/34.245.181.229#19", "c2,netsupport,shodan", "0", "juroots"
"2025-05-07 09:48:28", "1517720", "3.80.91.122:12242", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/3.80.91.122#12242", "c2,netsupport,shodan", "0", "juroots"
"2025-05-07 09:47:50", "1517718", "51.38.225.20:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/51.38.225.20#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-07 09:47:49", "1517717", "84.46.243.167:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 07:53:44", "50", "https://www.shodan.io/host/84.46.243.167#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-07 09:47:47", "1517713", "207.180.248.69:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 07:49:47", "50", "https://www.shodan.io/host/207.180.248.69#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-07 09:47:47", "1517714", "193.29.58.245:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/193.29.58.245#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-07 09:47:47", "1517715", "147.45.178.32:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/147.45.178.32#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-07 09:47:47", "1517716", "66.42.80.79:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 07:53:00", "50", "https://www.shodan.io/host/66.42.80.79#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-07 09:47:46", "1517712", "185.146.232.129:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/185.146.232.129#31337", "c2,shodan,sliver", "0", "juroots"
"2025-05-07 09:47:17", "1517711", "85.143.249.12:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/85.143.249.12#3333", "c2,gophish,phishing,shodan", "0", "juroots"
"2025-05-07 09:46:47", "1517710", "121.40.112.176:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 09:46:48", "50", "https://www.shodan.io/host/121.40.112.176#50050", "c2,cobaltstrike,shodan", "0", "juroots"
"2025-05-07 09:46:12", "1517709", "185.196.11.181:6789", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 07:56:51", "50", "https://www.shodan.io/host/185.196.11.181#6789", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots"
"2025-05-07 09:44:45", "1517708", "104.200.73.200:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-07 09:46:46", "50", "https://www.shodan.io/host/104.200.73.200#443", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-05-07 09:44:44", "1517707", "119.28.89.169:9527", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-09 04:00:08", "50", "https://www.shodan.io/host/119.28.89.169#9527", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots"
"2025-05-07 09:40:40", "1517706", "176.123.2.242:5939", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "75", "https://bazaar.abuse.ch/sample/324f40f7bb2056632449a02712d32fee5ea186d718346be31f89f8f7fab1f856/", "remcos", "0", "abuse_ch"
"2025-05-07 09:29:54", "1517705", "tipaq.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 09:33:33", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 09:03:46", "1517692", "webis.run", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "2025-05-07 08:41:39", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-05-07 08:54:04", "1517704", "83.217.213.230:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-09 07:53:38", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2025-05-07 08:52:36", "1517703", "50.232.172.115:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-09 07:52:18", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch"
"2025-05-07 08:50:39", "1517702", "https://umedicalbitkisel.org/mbj", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/e1d4a3fe31741f0aa65a6fbad2899080221e047cb05228210153df66fa33f279/", "lumma", "0", "abuse_ch"
"2025-05-07 08:50:27", "1517701", "https://lkariosefqcu.shop/wrqo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/1acce89ba4157f84695faab7c3e491b853b914d4f7b05a93699c31f281119580/", "lumma", "0", "abuse_ch"
"2025-05-07 08:50:26", "1517700", "https://jonemiltxny.shop/tqiw", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/1acce89ba4157f84695faab7c3e491b853b914d4f7b05a93699c31f281119580/", "lumma", "0", "abuse_ch"
"2025-05-07 08:50:23", "1517699", "https://gariosefqcu.shop/wrqo", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/c75fcc89a5ff08c2b6b8a70d46f01c988c7d61e345e3f19d16be6d4f731b75bc/", "lumma", "0", "abuse_ch"
"2025-05-07 08:50:22", "1517698", "https://dorjinalecza.net/lxaz", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/e1d4a3fe31741f0aa65a6fbad2899080221e047cb05228210153df66fa33f279/", "lumma", "0", "abuse_ch"
"2025-05-07 08:50:19", "1517697", "https://3snakejh.top/adsk", "url", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "75", "https://bazaar.abuse.ch/sample/591c5830b814217b6372a2b9c4bf1426361affe0014423bfe7d975edfbf99eec/", "lumma", "0", "abuse_ch"
"2025-05-07 08:47:21", "1517696", "176.65.144.221:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-09 07:47:24", "75", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2025-05-07 08:45:20", "1517695", "146.185.218.222:49412", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-09 08:45:11", "75", "None", "Deimos,drb-ra", "0", "abuse_ch"
# Number of entries: 880