##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2024-04-25 02:06:01 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS12616
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2023-10-09 14:12:05","http://arbitrag38.ru/centro/XgYONUGxxFSUsPIGr","offline","malware_download","agenziaentrate|geo|gozi|isfb|ITA|ursnif","arbitrag38.ru","78.110.50.106","12616","RU"
"2023-07-15 09:21:04","http://83.69.236.12/bins/sora.arm7","offline","malware_download","elf|mirai","83.69.236.12","83.69.236.12","12616","RU"
"2023-03-14 19:03:48","https://arbitrag38.ru/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","arbitrag38.ru","78.110.50.106","12616","RU"
"2023-03-14 19:03:25","https://arbitrag38.ru/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","arbitrag38.ru","78.110.50.106","12616","RU"
"2023-03-14 19:03:15","https://eurooknamsk.ru/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-03-14 19:02:57","https://evrookna.spb.ru/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","evrookna.spb.ru","78.110.50.106","12616","RU"
"2023-03-14 19:02:39","https://eurooknamsk.ru/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-03-14 19:02:16","https://arbitrag38.ru/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","arbitrag38.ru","78.110.50.106","12616","RU"
"2023-03-14 19:02:12","https://evrookna.spb.ru/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","evrookna.spb.ru","78.110.50.106","12616","RU"
"2023-03-14 19:01:28","https://eurooknamsk.ru/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-03-14 19:01:13","https://app2.geodesist.pro/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","app2.geodesist.pro","78.110.50.145","12616","RU"
"2023-03-14 19:01:02","https://app2.geodesist.pro/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","app2.geodesist.pro","78.110.50.145","12616","RU"
"2023-03-14 19:00:30","https://app2.geodesist.pro/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","app2.geodesist.pro","78.110.50.145","12616","RU"
"2023-03-14 18:59:40","https://evrookna.spb.ru/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","evrookna.spb.ru","78.110.50.106","12616","RU"
"2023-02-10 07:35:36","http://eurooknamsk.ru/headers/azienda/Agenzia_E1.zip","offline","malware_download","agenziaentrate|exe|gozi|ITA|url|ursnif|zip","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-02-10 07:35:36","http://eurooknamsk.ru/headers/azienda/Agenzia_E2.zip","offline","malware_download","agenziaentrate|exe|gozi|ITA|url|ursnif|zip","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-02-10 07:35:36","http://eurooknamsk.ru/headers/azienda/Agenzia_E6.zip","offline","malware_download","agenziaentrate|exe|gozi|ITA|url|ursnif|zip","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-02-10 07:35:07","http://eurooknamsk.ru/headers/azienda/Agenzia_E.zip","offline","malware_download","agenziaentrate|exe|gozi|ITA|url|ursnif|zip","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-02-10 07:35:07","http://eurooknamsk.ru/headers/azienda/Agenzia_E3.zip","offline","malware_download","agenziaentrate|exe|gozi|ITA|url|ursnif|zip","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-02-10 07:35:07","http://eurooknamsk.ru/headers/azienda/Agenzia_E4.zip","offline","malware_download","agenziaentrate|exe|gozi|ITA|url|ursnif|zip","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-02-10 07:35:07","http://eurooknamsk.ru/headers/azienda/Agenzia_E7.zip","offline","malware_download","agenziaentrate|exe|gozi|ITA|url|ursnif|zip","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-02-10 07:35:07","http://eurooknamsk.ru/headers/azienda/Agenzia_E8.zip","offline","malware_download","agenziaentrate|exe|gozi|ITA|url|ursnif|zip","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-02-10 07:35:06","http://eurooknamsk.ru/headers/azienda/Agenzia_E5.zip","offline","malware_download","agenziaentrate|exe|gozi|ITA|url|ursnif|zip","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-02-10 07:35:06","http://eurooknamsk.ru/headers/azienda/Agenzia_E9.zip","offline","malware_download","agenziaentrate|exe|gozi|ITA|url|ursnif|zip","eurooknamsk.ru","78.110.50.106","12616","RU"
"2023-01-23 09:46:11","http://evrookna.spb.ru/headers/online/index.php","offline","malware_download","botnet-7707|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","evrookna.spb.ru","78.110.50.106","12616","RU"
"2021-09-16 18:05:20","http://ivan-li.ru/hydrology.php","offline","malware_download","doc|hancitor|html","ivan-li.ru","31.28.24.244","12616","RU"
"2021-09-16 18:05:19","http://ivan-li.ru/helplessness.php","offline","malware_download","doc|hancitor|html","ivan-li.ru","31.28.24.244","12616","RU"
"2021-09-16 18:05:18","http://ivan-li.ru/interactive.php","offline","malware_download","doc|hancitor|html","ivan-li.ru","31.28.24.244","12616","RU"
"2021-09-16 18:05:10","http://ivan-li.ru/spied.php","offline","malware_download","doc|hancitor|html","ivan-li.ru","31.28.24.244","12616","RU"
"2021-09-16 18:05:05","http://ivan-li.ru/subtracted.php","offline","malware_download","doc|hancitor|html","ivan-li.ru","31.28.24.244","12616","RU"
"2021-09-16 18:05:04","http://ivan-li.ru/malign.php","offline","malware_download","doc|hancitor|html","ivan-li.ru","31.28.24.244","12616","RU"
"2021-01-23 02:03:04","http://theculturetrip.ru/d/wlx7lGpiGfeOk8FJOkrVMdt7dFAyWyl855H9qWh7HaKd8Rv1dlcgipmGN/","offline","malware_download","doc|emotet|epoch2|Heodo","theculturetrip.ru","78.110.50.141","12616","RU"
"2020-12-23 07:55:07","http://advokatemelyanov.ru/administrator/OMHpK/","offline","malware_download","emotet|epoch2|exe|heodo","advokatemelyanov.ru","78.110.50.131","12616","RU"
"2020-11-26 15:35:05","http://sadgad.ru/ds/231120.gif","offline","malware_download","exe|gozi|SilentBuilder|ursnif","sadgad.ru","78.110.50.130","12616","RU"
"2020-10-16 22:14:06","http://gosbooking.com/wp-admin/ej5/","offline","malware_download","emotet|epoch3|exe|Heodo","gosbooking.com","31.28.24.120","12616","RU"
"2020-09-24 00:36:05","http://la-beautystudio.ru/content/docs/vbzblv2X0BWQkd2iS7/","offline","malware_download","doc|emotet|epoch1|Heodo","la-beautystudio.ru","78.110.50.111","12616","RU"
"2020-06-02 15:36:18","http://xn--39-dlchgs9c.xn--p1ai/xywhlx/NQAD_56107_01062020.zip","offline","malware_download","Qakbot|qbot|spx131|zip","xn--39-dlchgs9c.xn--p1ai","78.110.50.123","12616","RU"
"2020-06-02 15:36:06","http://xn--39-dlchgs9c.xn--p1ai/xywhlx/NQAD_5114_01062020.zip","offline","malware_download","Qakbot|qbot|spx131|zip","xn--39-dlchgs9c.xn--p1ai","78.110.50.123","12616","RU"
"2020-06-02 15:36:05","http://xn--39-dlchgs9c.xn--p1ai/xywhlx/NQAD_49578936_01062020.zip","offline","malware_download","Qakbot|qbot|spx131|zip","xn--39-dlchgs9c.xn--p1ai","78.110.50.123","12616","RU"
"2020-06-02 15:36:03","http://xn--39-dlchgs9c.xn--p1ai/xywhlx/2546936/NQAD_2546936_01062020.zip","offline","malware_download","Qakbot|qbot|spx131|zip","xn--39-dlchgs9c.xn--p1ai","78.110.50.123","12616","RU"
"2020-06-02 10:07:49","http://xn--39-dlchgs9c.xn--p1ai/xywhlx/NQAD_44052_01062020.zip","offline","malware_download","Qakbot|Quakbot|zip","xn--39-dlchgs9c.xn--p1ai","78.110.50.123","12616","RU"
"2020-06-02 07:49:50","http://xn--39-dlchgs9c.xn--p1ai/xywhlx/0756471/NQAD_0756471_01062020.zip","offline","malware_download","Qakbot|Quakbot|zip","xn--39-dlchgs9c.xn--p1ai","78.110.50.123","12616","RU"
"2020-06-02 07:44:05","http://xn--39-dlchgs9c.xn--p1ai/xywhlx/3188/NQAD_3188_01062020.zip","offline","malware_download","Qakbot|Quakbot|zip","xn--39-dlchgs9c.xn--p1ai","78.110.50.123","12616","RU"
"2020-06-02 07:43:54","http://xn--39-dlchgs9c.xn--p1ai/xywhlx/NQAD_223256_01062020.zip","offline","malware_download","Qakbot|Quakbot|zip","xn--39-dlchgs9c.xn--p1ai","78.110.50.123","12616","RU"
"2020-06-02 07:37:31","http://xn--39-dlchgs9c.xn--p1ai/xywhlx/NQAD_4324_01062020.zip","offline","malware_download","Qakbot|Quakbot|zip","xn--39-dlchgs9c.xn--p1ai","78.110.50.123","12616","RU"
"2020-05-28 12:23:33","http://www.fleetservicepartners.com/skzhdowbwpk/DQOR_845020883_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","www.fleetservicepartners.com","83.69.230.74","12616","RU"
"2020-05-28 11:46:52","http://gstat.matthewsalemstolper.com/pagament1.exe","offline","malware_download","exe|geofenced|Gozi|ISFB|ITA|Ursnif","gstat.matthewsalemstolper.com","77.87.213.90","12616","RU"
"2020-05-28 10:16:30","http://www.fleetservicepartners.com/skzhdowbwpk/1627238/DQOR_1627238_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","www.fleetservicepartners.com","83.69.230.74","12616","RU"
"2020-05-28 08:50:37","http://www.fleetservicepartners.com/skzhdowbwpk/DQOR_07399464_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","www.fleetservicepartners.com","83.69.230.74","12616","RU"
"2020-05-19 07:27:07","https://post.positivefocusskills.com/abonento9.exe","offline","malware_download","","post.positivefocusskills.com","77.87.213.82","12616","RU"
"2020-02-06 08:38:35","http://up-liner.ru/config.recognize/comun_sector/137474056356_9YPA1JoM_137474056356_9YPA1JoM/aj397lun0w_7uyx/","offline","malware_download","doc|emotet|epoch1|Heodo","up-liner.ru","78.110.50.105","12616","RU"
"2020-01-29 10:32:04","http://yojersey.ru/system/protected-module/security-cloud/etZVha3tt-LlNw7ppd/","offline","malware_download","doc|emotet|epoch1|Heodo","yojersey.ru","78.110.50.105","12616","RU"
"2020-01-23 21:54:08","http://mishoop.ru/wp-includes/report/ascxz2/","offline","malware_download","doc|emotet|epoch2|Heodo","mishoop.ru","78.110.50.126","12616","RU"
"2020-01-22 19:51:35","http://yojersey.ru/system/52yl-mcilu-924/","offline","malware_download","doc|emotet|epoch3|heodo","yojersey.ru","78.110.50.105","12616","RU"
"2020-01-17 04:24:03","http://up-liner.ru/config.recognize/report/a9aom86ij9z/42-41939-871834826-0x0ztouwc-4uwo4g6/","offline","malware_download","doc|emotet|epoch2|Heodo","up-liner.ru","78.110.50.105","12616","RU"
"2020-01-16 21:18:04","http://yojersey.ru/system/INC/seqrxy-483627-0862-3pj61ohg-4dxokenie/","offline","malware_download","doc|emotet|epoch2|Heodo","yojersey.ru","78.110.50.105","12616","RU"
"2020-01-15 03:40:04","http://up-liner.ru/config.recognize/Overview/s96kk8am8g/","offline","malware_download","doc|emotet|epoch2|heodo","up-liner.ru","78.110.50.105","12616","RU"
"2020-01-14 21:14:05","http://yojersey.ru/system/closed-box/external-cloud/3pGn9UnjvK9l-08LrcgK6/","offline","malware_download","doc|emotet|epoch1|Heodo","yojersey.ru","78.110.50.105","12616","RU"
"2020-01-14 03:37:03","http://odigital.ru/files/ih9a-aw-007/","offline","malware_download","doc|emotet|epoch3|heodo","odigital.ru","78.110.50.105","12616","RU"
"2019-12-20 07:36:48","http://yojersey.ru/system/MCb99174856/","offline","malware_download","doc|emotet|epoch3|Heodo","yojersey.ru","78.110.50.105","12616","RU"
"2019-12-16 22:55:03","http://odigital.ru/files/protected-wzdqrsfob-y75c/dgyubltjtb-md2ku-warehouse/89978360-EBg36czjX/","offline","malware_download","doc|emotet|epoch1|Heodo","odigital.ru","78.110.50.105","12616","RU"
"2019-12-16 22:49:05","http://up-liner.ru/config.recognize/2cx0hre9/","offline","malware_download","doc|emotet|epoch2|heodo","up-liner.ru","78.110.50.105","12616","RU"
"2019-12-16 22:47:05","http://yojersey.ru/system/1ffz45n0-cyjo499450bj-4WzgmWUrzy-zR0PNZdMZ3x/security-profile/3275828-XhTtE8lbD/","offline","malware_download","doc|emotet|epoch1|Heodo","yojersey.ru","78.110.50.105","12616","RU"
"2019-12-13 16:45:16","http://odigital.ru/files/protected_zone/close_warehouse/zok0v9sxyx0_6941zu/","offline","malware_download","doc|emotet|epoch1|Heodo","odigital.ru","78.110.50.105","12616","RU"
"2019-12-13 16:25:04","http://up-liner.ru/config.recognize/OCT/q0qci2-02215605-444050966-uhvn-c3bq8ql9o/","offline","malware_download","doc|emotet|epoch2|heodo","up-liner.ru","78.110.50.105","12616","RU"
"2019-12-13 16:20:03","http://yojersey.ru/system/IZKIOFKMSBPKGY/yf6kmi02brk6/hoavfy9-730660-75415-fma989n5x-lcgxmy/","offline","malware_download","doc|emotet|epoch2|heodo","yojersey.ru","78.110.50.105","12616","RU"
"2019-12-11 23:35:04","http://best-fences.ru/JS/parts_service/","offline","malware_download","doc|emotet|epoch2|heodo","best-fences.ru","78.110.50.127","12616","RU"
"2019-12-10 19:35:03","http://srv77956.ht-test.ru/gino/Reporting/63g2p0m/","offline","malware_download","doc|Emotet|epoch2|Heodo","srv77956.ht-test.ru","78.110.50.127","12616","RU"
"2019-12-10 17:14:08","http://smskey.ru/stats_script/common_sector/verified_forum/4mty825k_y14z9s/","offline","malware_download","doc|emotet|epoch1|Heodo","smskey.ru","78.110.50.105","12616","RU"
"2019-12-09 19:02:05","http://best-fences.ru/JS/2bpxor-3v-67/","offline","malware_download","doc|emotet|epoch3|Heodo","best-fences.ru","78.110.50.127","12616","RU"
"2019-12-09 18:57:07","http://best-fences.ru/JS/2bpxor-3v-67","offline","malware_download","doc","best-fences.ru","78.110.50.127","12616","RU"
"2019-12-06 17:23:05","http://best-fences.ru/css/4ey-6v7y0-5856/","offline","malware_download","doc|emotet|epoch3|Heodo","best-fences.ru","78.110.50.127","12616","RU"
"2019-12-04 11:41:19","http://real-money.online/nobwi/w53254/","offline","malware_download","emotet|epoch1|exe|Heodo","real-money.online","78.110.50.127","12616","RU"
"2019-05-13 16:41:28","http://blog.blissbuy.ru/wp-content/3lpcmuw-pyzoq9-sdvd/","offline","malware_download","doc|Emotet|epoch2|Heodo","blog.blissbuy.ru","78.110.50.124","12616","RU"
"2019-05-11 05:49:15","http://blog.blissbuy.ru/wp-content/US/Clients_transactions/2019-05/","offline","malware_download","emotet|epoch1","blog.blissbuy.ru","78.110.50.124","12616","RU"
"2019-05-07 09:16:07","http://tabuncov.ru/wp-content/uploads/uviobj-f6thcgn-rplemje/","offline","malware_download","doc|emotet|epoch2|Heodo","tabuncov.ru","78.110.61.33","12616","RU"
"2019-05-06 14:32:06","http://blog.blissbuy.ru/wp-content/trusted.EN.logged.public.biz/","offline","malware_download","Emotet|epoch1|Heodo","blog.blissbuy.ru","78.110.50.124","12616","RU"
"2019-05-03 19:55:04","http://blog.blissbuy.ru/wp-content/parts_service/qjsbgVce/","offline","malware_download","doc|emotet|epoch2|Heodo","blog.blissbuy.ru","78.110.50.124","12616","RU"
"2019-04-12 16:57:10","http://vvk888.ru/wp-content/Ds_G/","offline","malware_download","emotet|epoch2|exe|Heodo","vvk888.ru","31.28.24.118","12616","RU"
"2019-04-08 18:03:18","http://akppservis30.ru/wp-content/QJPWA-7FXMIIx25aOo5C_bNwWjEYUL-dr7/","offline","malware_download","Emotet|Heodo","akppservis30.ru","31.28.24.118","12616","RU"
"2019-04-05 16:21:22","http://imiselectro.ru/wp-admin/trust.myacc.send.com/","offline","malware_download","doc|emotet|epoch1|Heodo","imiselectro.ru","78.110.50.137","12616","RU"
"2019-04-02 22:14:05","http://akppservis30.ru/l3stwbb/secure.myaccount.docs.com/","offline","malware_download","doc|emotet|epoch1|Heodo","akppservis30.ru","31.28.24.118","12616","RU"
"2019-04-02 06:28:59","http://imiselectro.ru/wp-admin/secure.accounts.resourses.com/","offline","malware_download","Emotet|Heodo","imiselectro.ru","78.110.50.137","12616","RU"
"2019-03-28 20:16:06","http://arendakass.su/wordpress/sec.accs.send.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","arendakass.su","78.110.50.143","12616","RU"
"2019-03-14 06:00:29","http://ARENDAKASS.su/wordpress/fq4r-5gkg7w-eejk/","offline","malware_download","Emotet|Heodo","ARENDAKASS.su","78.110.50.143","12616","RU"
"2019-03-12 10:12:06","http://linetours.ru/wp-content/themes/untitled/styles/msg.jpg","offline","malware_download","exe|Troldesh","linetours.ru","78.110.50.105","12616","RU"
"2019-03-12 01:34:43","http://linetours.ru/wp-content/themes/untitled/styles/kia.zip","offline","malware_download","js|RUS|Troldesh|zip","linetours.ru","78.110.50.105","12616","RU"
"2019-03-11 23:34:06","http://arendakass.su/wordpress/w3gr-jwf1g-zqyb.view/","offline","malware_download","doc|emotet|epoch1|Heodo","arendakass.su","78.110.50.143","12616","RU"
"2019-03-07 15:02:12","http://ARENDAKASS.su/wordpress/yb8oe-imzb4-pwhm.view/","offline","malware_download","Emotet|Heodo","ARENDAKASS.su","78.110.50.143","12616","RU"
"2019-03-05 16:46:30","http://ARENDAKASS.su/v6yq8qg/sendincencrypt/legal/ios/en_EN/032019/","offline","malware_download","doc|emotet|epoch1|Heodo","ARENDAKASS.su","78.110.50.143","12616","RU"
"2019-03-04 13:10:03","http://otlm.pharmso.ru/de_DE/ZSJZYFE3065782/Rechnung/DOC","offline","malware_download","doc","otlm.pharmso.ru","78.110.50.125","12616","RU"
"2019-02-27 16:10:12","http://otlm.pharmso.ru/mymf1-56vioi-jdopl.view/","offline","malware_download","","otlm.pharmso.ru","78.110.50.125","12616","RU"
"2019-02-22 11:40:07","http://otlm.pharmso.ru/de_DE/ZSJZYFE3065782/Rechnung/DOC/","offline","malware_download","doc|emotet|epoch1|Heodo","otlm.pharmso.ru","78.110.50.125","12616","RU"
"2019-02-20 13:10:02","http://otlm.pharmso.ru/Februar2019/EJGMRFJS8962743/Rech/Zahlung/","offline","malware_download","doc|emotet|epoch1|Heodo","otlm.pharmso.ru","78.110.50.125","12616","RU"
"2019-02-19 14:59:18","http://personit.ru/dA6Oi9YKR3/","offline","malware_download","emotet|epoch1|exe|Heodo","personit.ru","31.28.24.190","12616","RU"
"2019-02-15 19:49:05","http://port-vostochny.ru/company/Invoice/5839993372131/fNDH-UTv7_SMvffHRVw-0bl/","offline","malware_download","Emotet|Heodo","port-vostochny.ru","78.110.50.106","12616","RU"
"2019-02-13 19:23:04","http://port-vostochny.ru/document/Invoice/mEjvW-9yrE0_KXix-jk/","offline","malware_download","Emotet|Heodo","port-vostochny.ru","78.110.50.106","12616","RU"
"2019-02-11 12:30:04","http://port-vostochny.ru/Februar2019/TYPXGG4494638/gescanntes-Dokument/Rechnungszahlung/","offline","malware_download","Emotet|Heodo","port-vostochny.ru","78.110.50.106","12616","RU"
"2019-02-11 08:22:03","http://otdih-sevastopol.com/De/WWEOLYBSY9725635/Rechnungskorrektur/RECHNUNG/","offline","malware_download","","otdih-sevastopol.com","78.110.50.124","12616","RU"
"2019-02-08 21:43:07","http://pirates-mist.ru/jTHE_83-UHPJM/US/corporation/Invoice_number/trvyt-YYM_jKsCtva-sBp/","offline","malware_download","emotet|epoch1|Heodo","pirates-mist.ru","78.110.50.106","12616","RU"
"2019-02-07 08:42:28","http://otdih-sevastopol.com/Telekom/Rechnungen/01_19/","offline","malware_download","doc|emotet|heodo","otdih-sevastopol.com","78.110.50.124","12616","RU"
"2019-02-06 22:39:03","http://port-vostochny.ru/En/file/Ennqn-BPIFH_TwspntABc-3bT/","offline","malware_download","doc|emotet|epoch2|Heodo","port-vostochny.ru","78.110.50.106","12616","RU"
"2019-02-06 16:00:15","http://pirates-mist.ru/BMhrM_wdcxd-BwhKCk/Az3/Transactions/02_19/","offline","malware_download","emotet|epoch1|Heodo","pirates-mist.ru","78.110.50.106","12616","RU"
"2019-02-04 21:54:54","http://tradesovet.ru/EN_en/document/Iyqp-IH5N_yaLpwswKl-eF1/","offline","malware_download","doc|emotet|epoch2|Heodo","tradesovet.ru","83.69.230.34","12616","RU"
"2019-02-04 21:54:40","http://port-vostochny.ru/download/New_invoice/eOLd-i4YTi_pDVAw-H2I/","offline","malware_download","doc|emotet|epoch2|Heodo","port-vostochny.ru","78.110.50.106","12616","RU"
"2019-02-04 16:24:07","http://pirates-mist.ru/US/corporation/Invoice_number/ioclB-P9McX_npaZC-ht/","offline","malware_download","doc|emotet|epoch2|Heodo","pirates-mist.ru","78.110.50.106","12616","RU"
"2019-02-01 14:41:05","http://pirates-mist.ru/Tiln_mZtzk-SsAGQ/li6/Clients_Messages/022019/","offline","malware_download","doc|emotet|epoch1|Heodo","pirates-mist.ru","78.110.50.106","12616","RU"
"2019-02-01 12:39:04","http://www.grantkulinar.ru/Eq2DcVTLnmu0SDMA/","offline","malware_download","emotet|epoch2|exe|Heodo","www.grantkulinar.ru","78.110.50.141","12616","RU"
"2019-01-30 10:55:20","http://www.grantkulinar.ru/Rechnungs/01_19/","offline","malware_download","emotet|epoch1|Heodo","www.grantkulinar.ru","78.110.50.141","12616","RU"
"2019-01-28 07:19:41","http://www.grantkulinar.ru/Vodafone/DE/RechnungOnline/012019/","offline","malware_download","Heodo","www.grantkulinar.ru","78.110.50.141","12616","RU"
"2019-01-25 18:26:17","http://www.grantkulinar.ru/NCTIn4jMv/","offline","malware_download","emotet|epoch1|exe","www.grantkulinar.ru","78.110.50.141","12616","RU"
"2019-01-23 14:44:21","http://www.grantkulinar.ru/AMAZON/DE/Kunden_informationen/01_19/","offline","malware_download","doc|emotet|epoch1","www.grantkulinar.ru","78.110.50.141","12616","RU"
"2019-01-21 13:46:02","http://www.grantkulinar.ru/Amazon/DE/Kunden_Messages/01_19/","offline","malware_download","doc|emotet|epoch1|Heodo","www.grantkulinar.ru","78.110.50.141","12616","RU"
"2019-01-21 13:44:11","http://grantkulinar.ru/Amazon/DE/Kunden_Messages/01_19/","offline","malware_download","doc|emotet|epoch1|Heodo","grantkulinar.ru","78.110.50.141","12616","RU"
"2019-01-18 20:02:56","http://www.grantkulinar.ru/AaLL-70_iFWIrwpBW-nS/EXT/PaymentStatus/En_us/Document-needed/","offline","malware_download","doc|emotet|epoch2|Heodo","www.grantkulinar.ru","78.110.50.141","12616","RU"
"2019-01-16 23:06:19","http://grantkulinar.ru/IkVs-kVdot_Yg-TB/PaymentStatus/US_us/Invoice-for-r/m-01/16/2019/","offline","malware_download","emotet|epoch2|Heodo","grantkulinar.ru","78.110.50.141","12616","RU"
"2019-01-16 19:22:11","http://www.grantkulinar.ru/IkVs-kVdot_Yg-TB/PaymentStatus/US_us/Invoice-for-r/m-01/16/2019/","offline","malware_download","emotet|epoch2|Heodo","www.grantkulinar.ru","78.110.50.141","12616","RU"
"2018-12-20 15:45:04","http://rospechati.su/Amazon/Transactions-details/12_18/","offline","malware_download","emotet|epoch1|Heodo","rospechati.su","77.87.208.21","12616","RU"
"2018-11-26 19:57:17","http://okna-43.ru/dmoidUy","offline","malware_download","emotet|epoch2|exe|Heodo","okna-43.ru","83.69.230.9","12616","RU"
"2018-11-19 20:05:01","http://www.tattomakeup.ru/scan/En/Invoice-3205025/","offline","malware_download","emotet|heodo","www.tattomakeup.ru","78.110.50.126","12616","RU"
"2018-11-12 20:33:06","http://samdog.ru/uuqFH8yY7L4S/biz/Privatkunden","offline","malware_download","doc|emotet|epoch2|Heodo","samdog.ru","78.110.50.115","12616","RU"
"2018-11-12 17:56:03","http://samdog.ru/uuqFH8yY7L4S/biz/Privatkunden/","offline","malware_download","doc|Heodo","samdog.ru","78.110.50.115","12616","RU"
"2018-11-09 19:11:02","http://samdog.ru/6SVN/identity/US/","offline","malware_download","doc|Heodo","samdog.ru","78.110.50.115","12616","RU"
"2018-11-09 18:16:16","http://samdog.ru/6SVN/identity/US","offline","malware_download","doc|emotet|Heodo","samdog.ru","78.110.50.115","12616","RU"
"2018-11-08 00:54:22","http://komservis-aktiv.ru/1HXJLCFJY/PAY/US/","offline","malware_download","doc|emotet|epoch2","komservis-aktiv.ru","31.28.24.129","12616","RU"
"2018-11-07 15:08:42","http://komservis-aktiv.ru/1HXJLCFJY/PAY/US","offline","malware_download","doc|emotet|heodo","komservis-aktiv.ru","31.28.24.129","12616","RU"
"2018-11-07 07:48:41","http://samdog.ru/56YVNRUCKG/PAY/Business","offline","malware_download","doc|emotet|heodo","samdog.ru","78.110.50.115","12616","RU"
"2018-10-01 12:54:37","http://www.tattomakeup.ru/scan/En/Invoice-3205025","offline","malware_download","doc|emotet|heodo","www.tattomakeup.ru","78.110.50.126","12616","RU"
"2018-09-26 05:09:29","http://malina43.ru/46IAKC/BIZ/Commercial","offline","malware_download","doc|emotet|Heodo","malina43.ru","78.110.50.118","12616","RU"
"2018-09-25 22:42:09","http://samdog.ru/US/Clients/09_18","offline","malware_download","doc|emotet|Heodo","samdog.ru","78.110.50.115","12616","RU"
"2018-09-24 04:52:46","http://gazvodstroy.ru/394715NKGYKS/WIRE/Personal","offline","malware_download","doc|emotet","gazvodstroy.ru","78.110.50.105","12616","RU"
"2018-09-19 04:24:05","http://avangard30.ru/40674FQDPLRUT/oamo/Business/","offline","malware_download","doc|emotet|epoch2","avangard30.ru","78.110.50.131","12616","RU"
"2018-09-14 09:12:37","http://avangard30.ru/40674FQDPLRUT/oamo/Business","offline","malware_download","doc|emotet|Heodo","avangard30.ru","78.110.50.131","12616","RU"
"2018-09-13 13:20:05","http://avangard30.ru/UiDWw/","offline","malware_download","exe|Heodo","avangard30.ru","78.110.50.131","12616","RU"
"2018-09-11 15:45:10","http://avangard30.ru/UiDWw","offline","malware_download","emotet|exe|Heodo","avangard30.ru","78.110.50.131","12616","RU"
"2018-09-06 03:12:11","http://atb-sz.ru/DOC/US_us/Invoices-Overdue/","offline","malware_download","doc|emotet|epoch2|Heodo","atb-sz.ru","78.110.50.154","12616","RU"
"2018-09-05 04:56:22","http://atb-sz.ru/DOC/US_us/Invoices-Overdue","offline","malware_download","doc|emotet|epoch2|Heodo","atb-sz.ru","78.110.50.154","12616","RU"
"2018-08-28 16:48:48","http://zavod-pt.com/T","offline","malware_download","emotet|exe|Heodo","zavod-pt.com","31.28.24.112","12616","RU"
"2018-08-24 10:19:17","http://gazvodstroy.ru/DOC/US/New-order","offline","malware_download","doc|emotet|heodo","gazvodstroy.ru","78.110.50.105","12616","RU"
"2018-08-22 22:19:06","http://9val.msk.ru/09M/ACH/US/","offline","malware_download","doc|emotet|Heodo","9val.msk.ru","78.110.50.154","12616","RU"
"2018-08-21 16:34:13","http://ar-vrn.ru/06EB/ACH/Commercial/","offline","malware_download","","ar-vrn.ru","78.110.50.111","12616","RU"
"2018-08-21 08:42:03","http://ar-vrn.ru/06EB/ACH/Commercial","offline","malware_download","doc|emotet|Heodo","ar-vrn.ru","78.110.50.111","12616","RU"
"2018-08-21 08:02:35","http://9val.msk.ru/09M/ACH/US","offline","malware_download","doc|emotet|heodo","9val.msk.ru","78.110.50.154","12616","RU"
"2018-08-17 03:33:30","http://ar-vrn.ru/WellsFargo/US/Aug-14-2018/","offline","malware_download","doc|emotet|Heodo","ar-vrn.ru","78.110.50.111","12616","RU"
"2018-08-09 05:15:25","http://gazvodstroy.ru/98DOIDOC/HRDK318866905SAXKHN/45891077639/XIB-WWSVE-Aug-09-2018","offline","malware_download","doc|emotet|Heodo","gazvodstroy.ru","78.110.50.105","12616","RU"
"2018-07-26 03:56:30","http://shr-amur.ru/sites/US_us/Open-invoices/Account-80066/","offline","malware_download","doc|emotet|epoch2|Heodo","shr-amur.ru","83.69.230.34","12616","RU"
"2018-07-02 13:55:29","http://vent-postavka.com/0IPz87qOj/","offline","malware_download","emotet|epoch1|Heodo|payload","vent-postavka.com","78.110.50.137","12616","RU"
"2018-06-28 05:37:41","http://vent-postavka.com/DETAILS/Rechnung-vom-27/06/2018","offline","malware_download","emotet|heodo","vent-postavka.com","78.110.50.137","12616","RU"
"2018-06-28 04:33:34","http://vent-postavka.com/DETAILS/Rechnung-vom-27/06/2018/","offline","malware_download","Heodo","vent-postavka.com","78.110.50.137","12616","RU"
"2018-06-22 21:35:02","http://vent-postavka.com/FORM/in-Rechnung-gestellt-Nr02024/","offline","malware_download","doc|emotet|Heodo","vent-postavka.com","78.110.50.137","12616","RU"
"2018-06-22 12:55:27","http://vent-postavka.com/FORM/in-Rechnung-gestellt-Nr02024","offline","malware_download","emotet|Heodo","vent-postavka.com","78.110.50.137","12616","RU"
"2018-05-31 10:02:05","http://obogrev.com.ru/Purolator-Shipment.zip","offline","malware_download","","obogrev.com.ru","78.110.50.110","12616","RU"
"2018-03-14 13:20:43","http://gazvodstroy.ru/Rechnung/","offline","malware_download","doc|Emotet|Heodo","gazvodstroy.ru","78.110.50.105","12616","RU"
# of entries: 153