##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-19 01:19:02 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS12824
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-06-27 05:50:13","http://serwer2494677.home.pl/bins/boatnet.arc","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:13","http://serwer2494677.home.pl/bins/boatnet.sh4","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/bins/boatnet.arm","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/bins/boatnet.arm5","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/bins/boatnet.arm6","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/bins/boatnet.arm7","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/bins/boatnet.m68k","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/bins/boatnet.mips","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/bins/boatnet.mpsl","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/bins/boatnet.ppc","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/bins/boatnet.spc","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/bins/boatnet.x86","offline","malware_download","elf|mirai|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-27 05:50:12","http://serwer2494677.home.pl/ohshit.sh","offline","malware_download","Mirai|sh|ua-wget","serwer2494677.home.pl","46.242.244.241","12824","PL"
"2025-06-18 10:26:17","https://zoltyszalik.org/?u=file","offline","malware_download","CHE|geofenced|spammed-by-tofsee|zip","zoltyszalik.org","46.242.238.136","12824","PL"
"2025-06-18 10:21:16","https://zoltyszalik.org/?u=script","offline","malware_download","CHE|geofenced|spammed-by-tofsee|zip","zoltyszalik.org","46.242.238.136","12824","PL"
"2024-10-15 06:28:10","http://46.41.138.23/Spotify.exe","offline","malware_download","AgentTesla","46.41.138.23","46.41.138.23","12824","PL"
"2024-10-15 06:28:09","http://46.41.138.23/putty.exe","offline","malware_download","","46.41.138.23","46.41.138.23","12824","PL"
"2024-06-08 17:08:07","http://79.96.65.212/pwnkit","offline","malware_download","pwnkit","79.96.65.212","79.96.65.212","12824","PL"
"2024-05-01 22:07:33","http://46.41.139.162/aaa","offline","malware_download","ConnectBack|elf","46.41.139.162","46.41.139.162","12824","PL"
"2024-03-14 11:26:08","https://sportessentia.home.pl/temp/crypted.exe","offline","malware_download","dropped-by-PrivateLoader|LummaStealer","sportessentia.home.pl","79.96.138.166","12824","PL"
"2023-10-18 06:40:11","https://obsessive.business/docs.php","offline","malware_download","gating|gootloader","obsessive.business","62.129.236.84","12824","PL"
"2023-09-18 13:39:07","https://informatyczny.expert/blog.php","offline","malware_download","gating|gootloader","informatyczny.expert","188.128.168.175","12824","PL"
"2022-08-09 15:05:06","https://progea4d.pl/waloryzacja-przyrodnicza-kamieniolomow-mydlniki-oraz-bodzow/","offline","malware_download","emotet","progea4d.pl","188.128.155.177","12824","PL"
"2022-05-18 21:34:04","http://dominiki.pl/forum/akfa6L4b/","offline","malware_download","emotet|exe|Heodo","dominiki.pl","79.96.57.219","12824","PL"
"2022-03-30 14:32:03","http://hmtpolska.home.pl/Trash/37/?i=1","offline","malware_download","c8fc17ff030feb3383d8889f69abbb|doc|emotet|epoch4|heodo|SilentBuilder","hmtpolska.home.pl","89.161.161.241","12824","PL"
"2022-03-30 14:25:05","http://hmtpolska.home.pl/Trash/37/","offline","malware_download","c8fc17ff030feb3383d8889f69abbb|emotet|epoch4|Heodo|redir-doc|SilentBuilder|xls","hmtpolska.home.pl","89.161.161.241","12824","PL"
"2021-12-23 09:55:11","http://sloneczkobb.pl/wp-admin/0d2qOvZADlR064/","offline","malware_download","emotet|epoch4|redir-doc|xls","sloneczkobb.pl","46.242.241.81","12824","PL"
"2021-12-23 02:00:10","https://skymaster.de/efqk/OQR5hro8b40FSzA315C1CEctXq/","offline","malware_download","emotet|epoch4|Heodo|SilentBuilder|xls","skymaster.de","188.128.238.40","12824","PL"
"2021-10-18 15:34:09","http://superheroes.pl/nullaet/documents.zip","offline","malware_download","SilentBuilder|TR|zip","superheroes.pl","46.242.145.97","12824","PL"
"2021-01-11 15:07:15","http://vegainwest.pl/uom2b4zog.rar","offline","malware_download","dll|Dridex","vegainwest.pl","46.242.233.46","12824","PL"
"2020-12-02 20:14:04","http://pralserwis.hts-targatz.de/js/kcfinder/themes/dark/36AbZeYcEWke4xj.php","offline","malware_download","dridex","pralserwis.hts-targatz.de","89.161.151.171","12824","PL"
"2020-11-10 18:41:05","http://www.nowemiasteczko.pl/cigpndrozhm/9401888.png","offline","malware_download","exe|qakbot|qbot|quakbot","www.nowemiasteczko.pl","212.85.113.3","12824","PL"
"2020-11-09 14:39:21","http://termek.pl/xprt3b.pdf","offline","malware_download","Dridex","termek.pl","79.96.117.39","12824","PL"
"2020-10-29 11:38:08","https://hurtokien.pl/customer/FILE/78qrpO5YSSC/","offline","malware_download","doc|emotet|epoch1|Heodo","hurtokien.pl","79.96.187.186","12824","PL"
"2020-10-26 14:41:09","https://prodvisor.pl/wp-includes/WCzyVjqQB6bFCOZ2j2L7dCeg2qxYqeBJRU/","offline","malware_download","doc|emotet|epoch2|Heodo","prodvisor.pl","46.242.245.86","12824","PL"
"2020-09-04 11:35:35","http://staniszczak.net/cpf/F/","offline","malware_download","emotet|epoch1|exe|Heodo","staniszczak.net","46.242.159.62","12824","PL"
"2020-09-03 23:07:05","http://visavis.com.pl/users/6gcd8N/","offline","malware_download","emotet|epoch2|exe|Heodo","visavis.com.pl","188.128.199.140","12824","PL"
"2020-08-27 23:14:07","http://staniszczak.net/cpf/parts_service/","offline","malware_download","doc|emotet|epoch2|heodo","staniszczak.net","46.242.159.62","12824","PL"
"2020-08-21 19:25:29","http://piotrowskimusic.pl/files/sites/676796/sno9hlrs6v0-00552/","offline","malware_download","doc|emotet|epoch3|Heodo","piotrowskimusic.pl","79.96.223.186","12824","PL"
"2020-08-21 16:37:33","http://www.bs2000.home.pl/navigator/available-zone/open-profile/rImnFGMcu4s9-hrJj3qnM4iNzw/","offline","malware_download","doc|emotet|epoch1|heodo","www.bs2000.home.pl","212.85.106.103","12824","PL"
"2020-08-20 11:06:19","http://urteste.com/wp-includes/common_resource/external_profile/2499079980411_UH8fBAITr4/","offline","malware_download","doc|emotet|epoch1|heodo","urteste.com","46.242.246.180","12824","PL"
"2020-08-19 16:05:06","http://www.bs2000.home.pl/navigator/IkwulMAU/","offline","malware_download","doc|emotet|epoch3|Heodo","www.bs2000.home.pl","212.85.106.103","12824","PL"
"2020-08-13 14:55:06","http://www.bs2000.home.pl/navigator/OCT/","offline","malware_download","doc|emotet|epoch2|heodo","www.bs2000.home.pl","212.85.106.103","12824","PL"
"2020-08-11 10:29:03","http://www.bs2000.home.pl/navigator/balance/","offline","malware_download","doc|emotet|epoch2|heodo","www.bs2000.home.pl","212.85.106.103","12824","PL"
"2020-08-11 09:46:04","http://dendi.pl/nutricia/multifunctional_resource/verified_4440848469_kgjVMkG/244882_VcaPLGg9/","offline","malware_download","doc|emotet|epoch1|heodo","dendi.pl","89.161.144.221","12824","PL"
"2020-08-06 17:52:33","http://piotrowskimusic.pl/FB/open_module/test_area/gV1HIQET9Hv_u6oLa9hmG2g/","offline","malware_download","doc|emotet|epoch1|Heodo|QuakBot","piotrowskimusic.pl","79.96.223.186","12824","PL"
"2020-08-04 16:17:50","http://www.decitum.com/qfvvcc/PZ19KO75k5.zip","offline","malware_download","Qakbot|Quakbot|zip","www.decitum.com","46.242.253.138","12824","PL"
"2020-08-04 16:11:37","http://www.decitum.com/qfvvcc/x9CGOwGH3R.zip","offline","malware_download","Qakbot|Quakbot|zip","www.decitum.com","46.242.253.138","12824","PL"
"2020-08-04 16:11:04","http://www.decitum.com/qfvvcc/U/7seFNc4J3.zip","offline","malware_download","Qakbot|Quakbot|zip","www.decitum.com","46.242.253.138","12824","PL"
"2020-07-31 13:53:03","http://piotrowskimusic.pl/templates_c/sites/","offline","malware_download","doc|emotet|epoch2|heodo","piotrowskimusic.pl","79.96.223.186","12824","PL"
"2020-07-22 15:45:32","http://roznorodnosc.pnwm.org/icpw67da/available-array/additional-profile/g5lGvD-ezkwbbwvHjt8q/","offline","malware_download","doc|emotet|epoch1|Heodo","roznorodnosc.pnwm.org","188.128.233.164","12824","PL"
"2020-07-17 17:41:27","http://psotm.pl/wp-includes/closed_zone/interior_area/963338392_kCrsPUBs/","offline","malware_download","doc|emotet|epoch1|heodo","psotm.pl","46.242.238.245","12824","PL"
"2020-06-23 19:37:33","http://orewbobolice.pl/odiwsyiwyk/p/47HGlISTA.zip","offline","malware_download","Qakbot|Quakbot|zip","orewbobolice.pl","79.96.140.177","12824","PL"
"2020-06-23 16:27:08","http://orewbobolice.pl/svlglmtdt/c/3t1utgQQU.zip","offline","malware_download","Qakbot|Quakbot|zip","orewbobolice.pl","79.96.140.177","12824","PL"
"2020-06-09 17:40:06","http://wegry.galeco.pl/hhxqxuwbbps/A/zOB7utZaa.zip","offline","malware_download","Qakbot|Quakbot|zip","wegry.galeco.pl","89.161.255.100","12824","PL"
"2020-06-09 15:01:13","http://wegry.galeco.pl/hhxqxuwbbps/w/valViB5eA.zip","offline","malware_download","Qakbot|Quakbot|zip","wegry.galeco.pl","89.161.255.100","12824","PL"
"2020-05-18 16:24:12","http://79.96.0.49/download/4500238599564355576.vbs","offline","malware_download","AgentTesla|encoded|vbs","79.96.0.49","79.96.0.49","12824","PL"
"2020-02-05 12:54:06","http://norbert.strzelecki.org/wp-includes/6jGh/","offline","malware_download","emotet|epoch2|exe|Heodo","norbert.strzelecki.org","46.242.246.76","12824","PL"
"2020-02-05 11:22:05","http://flexistyle.com.pl/js/protegido-seccion/831956149230-CBjEW4grRnZZM-831956149230-CBjEW4grRnZZM/18BgrBvclV-jgHMMwa9M321ta/","offline","malware_download","doc|emotet|epoch1|Heodo","flexistyle.com.pl","212.85.96.51","12824","PL"
"2020-02-04 19:11:11","http://cvc.com.pl/pub/331351937320/","offline","malware_download","doc|emotet|epoch2|heodo","cvc.com.pl","212.85.96.113","12824","PL"
"2020-02-03 20:04:03","http://msspartners.pl/pub/common-zone/security-yn6zIFtRyW-gLMjgbjExTl/3fh-2260x43z7y2z26/","offline","malware_download","doc|emotet|epoch1|heodo","msspartners.pl","212.85.96.56","12824","PL"
"2020-01-30 21:56:03","http://cvc.com.pl/pub/personal-03131231-HUEsJZS/ayfi7-48u72gkdnaf9u-profile/6287342-1k07cpVibHw8W538/","offline","malware_download","doc|emotet|epoch1|Heodo","cvc.com.pl","212.85.96.113","12824","PL"
"2020-01-29 07:24:03","http://flexistyle.com.pl/js/attachments/","offline","malware_download","doc|emotet|epoch2|heodo","flexistyle.com.pl","212.85.96.51","12824","PL"
"2020-01-29 06:31:03","http://msspartners.pl/pub/Reporting/uau9w40o/79042721793-2693-z1ndme33krh/","offline","malware_download","doc|emotet|epoch2|heodo","msspartners.pl","212.85.96.56","12824","PL"
"2020-01-24 06:33:04","http://cvc.com.pl/pub/hKVKcqUr/","offline","malware_download","emotet|epoch3|exe|Heodo","cvc.com.pl","212.85.96.113","12824","PL"
"2020-01-23 17:27:33","https://summe.pl/wp-admin/044753863918_cFn95AdDG94ZsDs_zone/GAeHztLW_OCVz1jIYLds9_cloud/nqytw09wwpqa_84t94/","offline","malware_download","doc|emotet|epoch1|Heodo|word2007","summe.pl","79.96.182.37","12824","PL"
"2020-01-23 06:33:06","http://flexistyle.com.pl/js/statement/dbyvnff8unaf/vgl-0001-19-0wdzj-m6ubpsdp/","offline","malware_download","doc|emotet|epoch2|heodo","flexistyle.com.pl","212.85.96.51","12824","PL"
"2020-01-22 14:59:33","http://msspartners.pl/pub/dy9yy-fqpr-3644/","offline","malware_download","doc|emotet|epoch3|Heodo","msspartners.pl","212.85.96.56","12824","PL"
"2020-01-21 06:36:04","http://bwrose.pl/2015_bwrose_www/docs/nf-966757-393560118-vemwldow-alw767f8t2a/","offline","malware_download","doc|emotet|epoch2|heodo","bwrose.pl","89.161.133.218","12824","PL"
"2020-01-21 06:33:03","http://f-plast.pl/pub/wdeq-73-131338/","offline","malware_download","doc|emotet|epoch3|heodo","f-plast.pl","79.96.27.202","12824","PL"
"2020-01-21 06:07:02","http://flexistyle.com.pl/js/swift/myuftm/4iqds3c-575-06069-aq6j11-af6i9dz0hqyq/","offline","malware_download","doc|emotet|epoch2|Heodo","flexistyle.com.pl","212.85.96.51","12824","PL"
"2020-01-20 08:53:03","http://msspartners.pl/pub/Reporting/3-615439800-7595-n99ww9-jx22an/","offline","malware_download","doc|emotet|epoch2|heodo","msspartners.pl","212.85.96.56","12824","PL"
"2020-01-16 22:16:05","http://cvc.com.pl/pub/closed-section/security-warehouse/425579568637-fWqJI/","offline","malware_download","doc|emotet|epoch1|Heodo","cvc.com.pl","212.85.96.113","12824","PL"
"2020-01-16 22:06:04","http://demetrio.pl/images/private_84y2h7_7t2dd/open_w8k4od3r6pbt_cx5z4/rn5f3iCO_g2o3l6sj/","offline","malware_download","doc|emotet|epoch1|Heodo","demetrio.pl","188.128.171.245","12824","PL"
"2020-01-16 21:51:08","http://bwrose.pl/2015_bwrose_www/protected_resource/close_chP5Q_1QEsysxlTc/0608265426040_DfvjFHS8nPKcx9jL/","offline","malware_download","doc|emotet|epoch1|Heodo","bwrose.pl","89.161.133.218","12824","PL"
"2020-01-16 21:34:03","http://f-plast.pl/pub/Overview/mvcl-925-34547227-jl5gklrj0qv-v63zyco79ita/","offline","malware_download","doc|emotet|epoch2|heodo","f-plast.pl","79.96.27.202","12824","PL"
"2020-01-16 21:27:04","http://flexistyle.com.pl/pub/OD3l-mZXF4Y6G-module/security-area/083269430-Xt8ieI/","offline","malware_download","doc|emotet|epoch1|Heodo","flexistyle.com.pl","212.85.96.51","12824","PL"
"2020-01-14 13:52:42","https://dmt.waw.pl/a/vgoijw-pe7bqxyrg-9521243287/","offline","malware_download","emotet|epoch3|exe|Heodo","dmt.waw.pl","62.129.211.30","12824","PL"
"2019-12-20 05:32:02","http://polandpresents.info/libraries/personal-651994924-X7V6myRRAG/corporate-737079-fKT1mrk/pYnBz5M-n1dNzvbmG8mzjo/","offline","malware_download","doc|emotet|epoch1|Heodo","polandpresents.info","62.129.209.7","12824","PL"
"2019-12-19 13:40:10","http://max-alarm.pl/wp-includes/6N/","offline","malware_download","emotet|epoch2|exe","max-alarm.pl","212.85.96.113","12824","PL"
"2019-12-19 07:43:05","https://autowache.pl/1/aperto_risorsa/speciali_profilo/cdb02_1z8173410yxv/","offline","malware_download","doc|emotet|epoch1|Heodo","autowache.pl","46.242.238.20","12824","PL"
"2019-12-19 03:20:03","http://ojwiosna.krusznia.org/wp-contentgalleryedycja-2016/invoice/","offline","malware_download","doc|emotet|epoch1|epoch2|heodo","ojwiosna.krusznia.org","79.96.23.208","12824","PL"
"2019-12-18 22:22:04","http://mistransport.pl/pub/closed-module/interior-cloud/27322188698-3tD2bO/","offline","malware_download","doc|emotet|epoch1|Heodo","mistransport.pl","79.96.73.208","12824","PL"
"2019-12-18 21:48:03","http://prestigebroker.com.pl/pub/attachments/","offline","malware_download","doc|emotet|epoch2|heodo","prestigebroker.com.pl","89.161.193.203","12824","PL"
"2019-12-17 06:27:05","http://polandpresents.info/libraries/statement/i6bkyofwihoo/t22f7j-757073672-96-504wghr-so1m/","offline","malware_download","doc|emotet|epoch2|heodo","polandpresents.info","62.129.209.7","12824","PL"
"2019-12-17 04:00:03","http://flexistyle.com.pl/js/nkcZU-2sXPtH-36724/","offline","malware_download","doc|emotet|epoch3|heodo","flexistyle.com.pl","212.85.96.51","12824","PL"
"2019-12-17 03:54:02","http://dach-dom.com/NEWFEDERACJA/attachments/uv-678-514173068-v2a8rl3o-c3qz4nilpduc/","offline","malware_download","doc|emotet|epoch2|heodo","dach-dom.com","46.242.247.248","12824","PL"
"2019-12-13 12:01:02","http://msspartners.pl/pub/protected_module/external_5PsYIAs_IQBxrkk3/tnwa4l7vadg_9y0wtx399zx/","offline","malware_download","doc|Emotet|Heodo","msspartners.pl","212.85.96.56","12824","PL"
"2019-12-13 11:36:05","http://msspartners.pl/pub/protected_module/external_5PsYIAs_IQBxrkk3/tnwa4l7vadg_9y0wtx399zx//","offline","malware_download","doc|emotet|epoch1|Heodo","msspartners.pl","212.85.96.56","12824","PL"
"2019-12-13 04:28:04","http://brettonfoods.pl/pub/mvUT/","offline","malware_download","doc|emotet|epoch3|heodo","brettonfoods.pl","89.161.200.248","12824","PL"
"2019-12-13 03:53:02","http://bwrose.pl/2015_bwrose_www/docs/","offline","malware_download","doc|emotet|epoch2|heodo","bwrose.pl","89.161.133.218","12824","PL"
"2019-12-13 02:43:03","http://cvc.com.pl/extras/attachments/98q8yij3/","offline","malware_download","doc|emotet|epoch2|heodo","cvc.com.pl","212.85.96.113","12824","PL"
"2019-12-13 02:03:02","http://dach-dom.com/NEWFEDERACJA/Document/","offline","malware_download","doc|emotet|epoch2|heodo","dach-dom.com","46.242.247.248","12824","PL"
"2019-12-13 01:58:04","http://demetrio.pl/images/browse/invrbhf/","offline","malware_download","doc|emotet|epoch2|heodo","demetrio.pl","188.128.171.245","12824","PL"
"2019-12-13 01:02:04","http://f-plast.pl/pub/fj0s-i984g-470112/","offline","malware_download","doc|emotet|epoch3|heodo","f-plast.pl","79.96.27.202","12824","PL"
"2019-12-13 00:17:02","http://flexistyle.com.pl/js/eTrac/as6t66gfng/0ji91dwoo-61945811-373606583-fkdq-brzuy0d/","offline","malware_download","doc|emotet|epoch2|heodo","flexistyle.com.pl","212.85.96.51","12824","PL"
"2019-12-12 22:59:02","http://kancelariajp.pl/pub/OCT/gi5rs661i7/1sflmsypzr-1091035875-621637-696ey7w9y-3kv6tx/","offline","malware_download","doc|emotet|epoch2|heodo","kancelariajp.pl","89.161.236.56","12824","PL"
"2019-12-12 22:04:03","http://inforun.pl/pub/FILE/8agkp-92573-1356-6x0isht-rezp/","offline","malware_download","doc|emotet|epoch2|heodo","inforun.pl","79.96.196.94","12824","PL"
"2019-12-12 17:42:08","http://polandpresents.info/libraries/65284EU/","offline","malware_download","emotet|epoch2|exe|Heodo","polandpresents.info","62.129.209.7","12824","PL"
"2019-12-06 16:40:05","http://rmcentre.bigfilmproduction.com/wp-includes/LrOqh/","offline","malware_download","emotet|epoch2|exe|Heodo","rmcentre.bigfilmproduction.com","46.242.232.155","12824","PL"
"2019-12-06 13:36:08","http://recreate.bigfilmproduction.com/wp-includes/2x8vf9j1507/","offline","malware_download","emotet|epoch1|exe|Heodo","recreate.bigfilmproduction.com","46.242.232.155","12824","PL"
"2019-11-09 18:28:59","http://pbcenter.home.pl/REDIRS/53o4p89/","offline","malware_download","emotet|epoch1|exe|Heodo","pbcenter.home.pl","62.129.201.213","12824","PL"
"2019-11-01 19:07:01","http://pbcenter.home.pl/pbc/iZRwLwNJqckuGyWtTELun/","offline","malware_download","doc|emotet|epoch2|Heodo","pbcenter.home.pl","62.129.201.213","12824","PL"
"2019-11-01 13:50:19","http://ksiaznica.torun.pl/wp-content/x/","offline","malware_download","emotet|epoch2|exe|Heodo","ksiaznica.torun.pl","89.161.252.212","12824","PL"
"2019-10-28 15:51:05","http://ksiaznica.torun.pl/wp-content/7be/","offline","malware_download","emotet|epoch2|exe|Heodo","ksiaznica.torun.pl","89.161.252.212","12824","PL"
"2019-10-23 19:15:56","http://clearenergy.pl/wp-admin/enl3t-lklwtk-79/","offline","malware_download","emotet|epoch3|exe|Heodo","clearenergy.pl","46.242.240.19","12824","PL"
"2019-10-15 07:25:17","http://pbcenter.home.pl/pbc/ib3k/","offline","malware_download","Emotet|epoch2|exe|Heodo","pbcenter.home.pl","62.129.201.213","12824","PL"
"2019-09-26 13:56:03","http://momentum.noworudzianin.pl/wp-content/plugins/fonts/Tuesday.exe","offline","malware_download","AgentTesla|exe","momentum.noworudzianin.pl","46.242.243.40","12824","PL"
"2019-09-25 11:12:05","http://momentum.noworudzianin.pl//wp-content/plugins/fonts/Tuesday.exe","offline","malware_download","AgentTesla|exe","momentum.noworudzianin.pl","46.242.243.40","12824","PL"
"2019-09-17 21:52:12","http://pbcenter.home.pl/ML/lm/mdIRvmLUs/","offline","malware_download","doc|emotet|epoch2|Heodo","pbcenter.home.pl","62.129.201.213","12824","PL"
"2019-09-16 15:18:04","https://pklgroup.pl/meta/uTMPayYYZdGnjoSOVDrSHtBdtKMEUi/","offline","malware_download","doc|Emotet|epoch2|Heodo","pklgroup.pl","46.242.241.233","12824","PL"
"2019-08-24 05:16:07","http://ecocolor.pl/wp-admin/css/colors/blue/doc.zip","offline","malware_download","zip","ecocolor.pl","46.242.233.180","12824","PL"
"2019-08-24 04:15:04","http://conci.pl/2/wp-admin/css/colors/blue/1c.jpg","offline","malware_download","exe","conci.pl","46.242.233.180","12824","PL"
"2019-07-05 09:31:12","http://swieradowbiega.pl/wp-content/themes/twentyfourteen/css/1c.jpg","offline","malware_download","exe|Troldesh","swieradowbiega.pl","89.161.231.117","12824","PL"
"2019-07-02 02:41:02","http://cembritbold.pl/cembritbold/public/cembritbold/download/Windows_Run.zip","offline","malware_download","bat|zip","cembritbold.pl","212.85.126.70","12824","PL"
"2019-05-29 21:11:02","http://swiat-ksiegowosci.pl/attachments/lm/tvjOgMVPKXSOHfTuTiuhhhCxU/","offline","malware_download","doc|emotet|epoch2|Heodo","swiat-ksiegowosci.pl","212.85.122.198","12824","PL"
"2019-05-28 23:21:02","http://grafikomp-web.pl/images/paclm/qz9gnqox86a836cnaqmi34dpk_z1w9s07-6758905517/","offline","malware_download","doc|emotet|epoch2|Heodo","grafikomp-web.pl","79.96.72.31","12824","PL"
"2019-05-28 20:39:03","http://pbcenter.home.pl/pbc/sites/PUxCKmLk/","offline","malware_download","doc|emotet|epoch2|Heodo","pbcenter.home.pl","62.129.201.213","12824","PL"
"2019-05-28 19:19:03","http://qualitec.pl/images/INC/832x74abrffu77vfdt_05vnmis-7201257285/","offline","malware_download","doc|emotet|epoch2|Heodo","qualitec.pl","89.161.211.174","12824","PL"
"2019-05-26 17:34:32","http://szkolenia.pgbhr.com/DIRECTS/IJA.EXE","offline","malware_download","exe","szkolenia.pgbhr.com","89.161.194.139","12824","PL"
"2019-05-26 15:43:32","http://szkolenia.pgbhr.com/directs/harrycry.exe","offline","malware_download","exe","szkolenia.pgbhr.com","89.161.194.139","12824","PL"
"2019-05-21 08:08:26","http://moolo.pl/pub/NauVcJcbPH/","offline","malware_download","emotet|epoch2|exe|Heodo","moolo.pl","188.128.160.48","12824","PL"
"2019-05-16 14:44:25","http://cebiro.com/wp-snapshots/paclm/aucDwidPpIdoSULVOHNDpxhI/","offline","malware_download","doc|emotet|epoch2|Heodo","cebiro.com","89.161.150.218","12824","PL"
"2019-05-15 10:35:04","http://weseleopole.pl/wp-content/esp/MhYFThDgwjpSCpqovlBDVJdVjOzow/","offline","malware_download","doc|emotet|epoch2|Heodo","weseleopole.pl","46.242.253.129","12824","PL"
"2019-05-07 21:24:05","http://dekormc.pl/images/adwRp-R0oVcX7Ck8K9Hb_OJXOXuZe-fvg/","offline","malware_download","doc|emotet|epoch1|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2019-05-01 15:47:08","http://dj-joker.pl/etc/Scan/o7Zvz3HN/","offline","malware_download","Emotet|Heodo","dj-joker.pl","46.242.247.66","12824","PL"
"2019-04-30 18:29:04","http://qualitec.pl/images/FILE/fHn6q8j7qKIF/","offline","malware_download","doc|emotet|epoch2|Heodo","qualitec.pl","89.161.211.174","12824","PL"
"2019-04-30 17:42:02","http://cupartner.pl/pub/secure.accounts.docs.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","cupartner.pl","79.96.133.187","12824","PL"
"2019-04-24 20:11:08","http://swiat-ksiegowosci.pl/attachments/Document/5OPeWvisGPV/","offline","malware_download","Emotet|Heodo","swiat-ksiegowosci.pl","212.85.122.198","12824","PL"
"2019-04-23 21:54:02","http://qualitec.pl/images/IbZf-DhxY86DPSuUKI2_KPeuiNEJ-FU/","offline","malware_download","doc|emotet|epoch1|Heodo","qualitec.pl","89.161.211.174","12824","PL"
"2019-04-23 21:12:03","http://grafikomp-web.pl/newfolde_r/Document/FQWQAVrb/","offline","malware_download","Emotet|Heodo","grafikomp-web.pl","79.96.72.31","12824","PL"
"2019-04-23 21:00:03","http://pbcenter.home.pl/pbc/FILE/p9yIqYZN3/","offline","malware_download","Emotet|Heodo","pbcenter.home.pl","62.129.201.213","12824","PL"
"2019-04-23 15:25:04","http://cupartner.pl/izabela.gil/DOC/9OMmfxHPyRRq/","offline","malware_download","Emotet|Heodo","cupartner.pl","79.96.133.187","12824","PL"
"2019-04-22 19:25:02","http://moolo.pl/pub/INC/Rkw4RGtmAx/","offline","malware_download","Emotet|Heodo","moolo.pl","188.128.160.48","12824","PL"
"2019-04-18 21:39:04","http://lim-pol.pl/z77awp4/PonE-xWyCuTWDlvlq3Q_HRktCWJdx-0U/","offline","malware_download","doc|emotet|epoch1","lim-pol.pl","46.242.244.86","12824","PL"
"2019-04-18 18:53:02","http://cupartner.pl/izabela.gil/HXJF-lUiw9kOIxstVW4_qILJKxaT-0n/","offline","malware_download","doc|emotet|epoch1","cupartner.pl","79.96.133.187","12824","PL"
"2019-04-18 18:04:16","http://kamel.com.pl/wp-content/NPGwM-Z3oZRtlIA3egff_RpSzXHHmz-DmJ/","offline","malware_download","doc|emotet|epoch1","kamel.com.pl","212.85.104.199","12824","PL"
"2019-04-18 09:07:03","http://mistransport.pl/pub/OQMIW-lE4nDG4SD5I0c1D_UDTRuuZO-pV9/","offline","malware_download","doc|emotet|epoch1","mistransport.pl","79.96.73.208","12824","PL"
"2019-04-17 23:36:08","http://moolo.pl/pub/LLC/SvLMHTEK/","offline","malware_download","doc|emotet|epoch2","moolo.pl","188.128.160.48","12824","PL"
"2019-04-16 13:50:12","http://cupartner.pl/izabela.gil/JrhYj-q2M6V3veMKHibY_MdQlmmzJ-eL/","offline","malware_download","doc|emotet|epoch1|Heodo","cupartner.pl","79.96.133.187","12824","PL"
"2019-04-16 13:23:03","http://cipherme.pl/shell/qepa-bgoas2-yfdprkc/","offline","malware_download","Emotet|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2019-04-16 13:20:05","http://cipherme.pl/shell/wzXB-NJjaRBl9TKeb2FO_tKbPrJqx-iV/uu159ad-4jkh5m-xmio/","offline","malware_download","doc|emotet|epoch2|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2019-04-16 13:16:02","http://cipherme.pl/reception/j0ve36-i3ptt-lqcc/","offline","malware_download","doc|emotet|epoch2|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2019-04-16 07:36:03","http://kamel.com.pl/wp-content/h1qke-ie0ps-krfyo/","offline","malware_download","doc|emotet|epoch2|Heodo","kamel.com.pl","212.85.104.199","12824","PL"
"2019-04-16 05:59:27","http://swiat-ksiegowosci.pl/attachments/u80natm-ekya9-awqdxsz/","offline","malware_download","Emotet|Heodo","swiat-ksiegowosci.pl","212.85.122.198","12824","PL"
"2019-04-16 05:39:02","http://qualitec.pl/images/g6x8oo-id68z-dqsno/","offline","malware_download","Emotet|Heodo","qualitec.pl","89.161.211.174","12824","PL"
"2019-04-13 07:05:46","http://dekormc.pl/pub/YtPQ-X0rgEsEjZHtPEN_tJdDwvHsm-hI/","offline","malware_download","Emotet|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2019-04-11 08:17:06","http://kamel.com.pl/wp-content/gmmosm-d8h06-uuxcqdi/","offline","malware_download","Emotet|Heodo","kamel.com.pl","212.85.104.199","12824","PL"
"2019-04-11 08:09:08","http://cupartner.pl/izabela.gil/h_se/","offline","malware_download","emotet|epoch2|exe|Heodo","cupartner.pl","79.96.133.187","12824","PL"
"2019-04-10 21:30:12","http://dekormc.pl/pub/FNgvz-9nGKAHzjudqqeTv_weGawwdq-9r/","offline","malware_download","doc|emotet|epoch1|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2019-04-10 21:28:04","http://swiat-ksiegowosci.pl/attachments/Tbkme-I6ICJ4xwnvX5IcZ_ZthJMRlIR-W70/","offline","malware_download","doc|emotet|epoch1|Heodo","swiat-ksiegowosci.pl","212.85.122.198","12824","PL"
"2019-04-10 20:05:04","http://cipherme.pl/shell/wzXB-NJjaRBl9TKeb2FO_tKbPrJqx-iV/","offline","malware_download","doc|emotet|epoch1|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2019-04-10 14:28:05","http://qualitec.pl/images/ySKQ-XXrRaJtiutdHn7_mKhejIcdT-Ho/","offline","malware_download","Emotet|Heodo","qualitec.pl","89.161.211.174","12824","PL"
"2019-04-08 19:45:05","http://swiat-ksiegowosci.pl/attachments/KvTHi-ivzVNTQCUbrEby_jReXpvuXL-kd/","offline","malware_download","doc|emotet|epoch1|Heodo","swiat-ksiegowosci.pl","212.85.122.198","12824","PL"
"2019-04-08 09:40:05","http://qualitec.pl/images/1so1io-30hj8p-djfovuw/","offline","malware_download","Emotet|Heodo","qualitec.pl","89.161.211.174","12824","PL"
"2019-04-06 01:45:16","http://kamel.com.pl/wp-content/FSeC-cNkmIVOdZw9DKOC_eUvCqbiWa-d1V/","offline","malware_download","Emotet|Heodo","kamel.com.pl","212.85.104.199","12824","PL"
"2019-04-05 20:12:17","http://qualitec.pl/images/wsue-iFySOmtNXYDt7u_xQzmkyZx-nN/","offline","malware_download","emotet|epoch1|Heodo","qualitec.pl","89.161.211.174","12824","PL"
"2019-04-03 05:17:08","http://cupartner.pl/izabela.gil/secure.accs.send.net/","offline","malware_download","doc|emotet|epoch1|Heodo","cupartner.pl","79.96.133.187","12824","PL"
"2019-04-02 15:38:22","http://content24.pl/wp-snapshots/secure.accounts.docs.com/","offline","malware_download","emotet|epoch1|Heodo","content24.pl","79.96.147.111","12824","PL"
"2019-03-28 18:47:04","http://kamel.com.pl/wp-content/nvMP-p8XW4_hdgnjaQv-dg/","offline","malware_download","doc|emotet|epoch2|Heodo","kamel.com.pl","212.85.104.199","12824","PL"
"2019-03-26 18:26:07","http://kamel.com.pl/wp-content/fzp5513-5w3hlvh-tuiiwhe/","offline","malware_download","doc|emotet|epoch2|Heodo","kamel.com.pl","212.85.104.199","12824","PL"
"2019-03-21 15:20:02","http://kamel.com.pl/wp-content/2a8f-0imsul-ruzjl/","offline","malware_download","Emotet|Heodo","kamel.com.pl","212.85.104.199","12824","PL"
"2019-03-21 10:40:05","http://dekormc.pl/pub/1a1797q-9x15g3n-eojxkb/","offline","malware_download","Emotet|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2019-03-21 01:01:02","http://swiat-ksiegowosci.pl/attachments/sendincencrypt/service/trust/en_EN/032019/","offline","malware_download","emotet|epoch1|Heodo","swiat-ksiegowosci.pl","212.85.122.198","12824","PL"
"2019-03-20 23:58:02","http://swiat-ksiegowosci.pl/attachments/sendincsecure/legal/trust/EN/2019-03/","offline","malware_download","doc|emotet|epoch1|Heodo|Zegost","swiat-ksiegowosci.pl","212.85.122.198","12824","PL"
"2019-03-15 00:33:03","http://mistransport.pl/sass/verif.myacc.send.biz/","offline","malware_download","doc|Emotet|Heodo","mistransport.pl","79.96.73.208","12824","PL"
"2019-03-14 17:55:02","http://kamel.com.pl/wp-content/jee8j-r6t06-kkmaz/","offline","malware_download","doc|emotet|epoch2|Heodo","kamel.com.pl","212.85.104.199","12824","PL"
"2019-03-13 19:34:02","http://przedszkoleps.pl/templates/dd_kidsschool_23/themes/default/msg.jpg","offline","malware_download","exe|Troldesh","przedszkoleps.pl","79.96.166.169","12824","PL"
"2019-03-13 19:32:03","http://przedszkoleps.pl/templates/dd_kidsschool_23/themes/default/msges.jpg","offline","malware_download","exe|Troldesh","przedszkoleps.pl","79.96.166.169","12824","PL"
"2019-03-13 18:08:07","http://przedszkoleps.pl/templates/dd_kidsschool_23/themes/default/stroi-industr.zip","offline","malware_download","zip","przedszkoleps.pl","79.96.166.169","12824","PL"
"2019-03-13 13:45:34","http://tb.ostroleka.pl/templates/siteground12/images/tehnikol.zip","offline","malware_download","js|ransomware|RUS|Troldesh|zip","tb.ostroleka.pl","62.129.198.194","12824","PL"
"2019-03-13 13:45:30","http://tb.ostroleka.pl/templates/siteground12/images/stroi-industr.zip","offline","malware_download","js|ransomware|RUS|Troldesh|zip","tb.ostroleka.pl","62.129.198.194","12824","PL"
"2019-03-13 13:45:09","http://przedszkoleps.pl/templates/dd_kidsschool_23/themes/default/tehnikol.zip","offline","malware_download","js|ransomware|RUS|Troldesh|zip","przedszkoleps.pl","79.96.166.169","12824","PL"
"2019-03-12 11:26:00","http://www.wsu.pl/templates/atomic/addons/demo_panel/images/reso.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","www.wsu.pl","188.128.255.251","12824","PL"
"2019-03-12 11:22:40","http://tb.ostroleka.pl/templates/siteground12/css/reso.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","tb.ostroleka.pl","62.129.198.194","12824","PL"
"2019-03-12 09:02:02","http://wsu.pl/templates/atomic/addons/demo_panel/images/msg.jpg","offline","malware_download","exe","wsu.pl","188.128.255.251","12824","PL"
"2019-03-12 08:57:04","http://www.wsu.pl/templates/atomic/js/msg.jpg","offline","malware_download","exe|Troldesh","www.wsu.pl","188.128.255.251","12824","PL"
"2019-03-12 01:34:29","http://www.wsu.pl/templates/atomic/js/kia.zip","offline","malware_download","js|RUS|Troldesh|zip","www.wsu.pl","188.128.255.251","12824","PL"
"2019-03-12 01:34:26","http://tb.ostroleka.pl/templates/siteground12/css/kia.zip","offline","malware_download","js|RUS|Troldesh|zip","tb.ostroleka.pl","62.129.198.194","12824","PL"
"2019-03-12 01:33:01","http://www.wsu.pl/templates/atomic/js/major.zip","offline","malware_download","js|RUS|Troldesh|zip","www.wsu.pl","188.128.255.251","12824","PL"
"2019-03-12 01:32:58","http://tb.ostroleka.pl/templates/siteground12/css/major.zip","offline","malware_download","js|RUS|Troldesh|zip","tb.ostroleka.pl","62.129.198.194","12824","PL"
"2019-03-07 16:59:11","http://senmat.com/css/sendincsec/messages/question/En/03-2019/","offline","malware_download","doc|emotet|epoch1|Heodo","senmat.com","212.85.106.177","12824","PL"
"2019-03-06 08:03:45","http://tb.ostroleka.pl/templates/siteground12/css/GKPIK.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","tb.ostroleka.pl","62.129.198.194","12824","PL"
"2019-02-25 13:36:51","http://bkm-adwokaci.pl/res/Apple/support/verif/de_DE/02-2019/","offline","malware_download","doc|emotet|epoch1|Heodo","bkm-adwokaci.pl","62.129.238.44","12824","PL"
"2019-02-23 23:50:20","http://tb.ostroleka.pl/templates/siteground12/css/pic.zip","offline","malware_download","compressed|exe|javascript|payload|ransomware|Shade|stage2|TrolDesh|zip","tb.ostroleka.pl","62.129.198.194","12824","PL"
"2019-02-23 23:50:20","http://tb.ostroleka.pl/templates/siteground12/css/pik.zip","offline","malware_download","compressed|exe|javascript|payload|ransomware|Shade|stage2|TrolDesh|zip","tb.ostroleka.pl","62.129.198.194","12824","PL"
"2019-02-23 23:50:19","http://tb.ostroleka.pl/templates/siteground12/css/msg.jpg","offline","malware_download","compressed|exe|javascript|payload|ransomware|Shade|stage2|TrolDesh|zip","tb.ostroleka.pl","62.129.198.194","12824","PL"
"2019-02-22 16:11:22","http://kostrzewapr.pl/ww4w/file/New_invoice/xlABM-8iP_WgGcAABXA-1E/","offline","malware_download","emotet|epoch2|Heodo","kostrzewapr.pl","46.242.241.212","12824","PL"
"2019-02-22 15:51:04","http://kostrzewapr.pl/ww4w/file/New_invoice/xlABM-8iP_WgGcAABXA-1E//","offline","malware_download","Emotet|Heodo","kostrzewapr.pl","46.242.241.212","12824","PL"
"2019-02-22 14:37:08","http://bkm-adwokaci.pl/res/Inv/xDPv-TrKM_HlCY-DsB/","offline","malware_download","Emotet|Heodo","bkm-adwokaci.pl","62.129.238.44","12824","PL"
"2019-02-21 09:55:03","http://lazell.pl/wp-includes/de_DE/FBLWXUCY2886002/Rechnungs/FORM/","offline","malware_download","Emotet|Heodo","lazell.pl","62.129.225.249","12824","PL"
"2019-02-21 03:59:39","http://apartamentyeuropa.pl/company/online/sec/view/BtLRIjX59vLoYlIaup7YYwMx/","offline","malware_download","doc|emotet|epoch1|Heodo","apartamentyeuropa.pl","188.128.255.251","12824","PL"
"2019-02-20 16:03:27","http://kostrzewapr.pl/css/organization/online_billing/billing/secur/view/hKWKk56SJmIoylKQn1KT7/","offline","malware_download","doc|emotet|epoch1|Heodo","kostrzewapr.pl","46.242.241.212","12824","PL"
"2019-02-20 14:19:04","http://bkm-adwokaci.pl/res/EN_en/llc/New_invoice/Yypxo-mu_wq-ubK/","offline","malware_download","Emotet|Heodo","bkm-adwokaci.pl","62.129.238.44","12824","PL"
"2019-02-20 10:40:26","http://lazell.pl/wp-includes/DE_de/MCQRSXA6896107/DE_de/DOC-Dokument/","offline","malware_download","emotet|epoch1|Heodo","lazell.pl","62.129.225.249","12824","PL"
"2019-02-18 15:39:27","http://kostrzewapr.pl/css/de_DE/TDXIKZH6760304/Rechnungskorrektur/Rechnungsanschrift/","offline","malware_download","emotet|epoch2|Heodo|Tinba","kostrzewapr.pl","46.242.241.212","12824","PL"
"2019-02-16 04:40:10","http://www.wsu.pl/templates/atomic/images/blog_images/messg.jpg","offline","malware_download","exe|payload|ransomware|stage2|TrolDesh","www.wsu.pl","188.128.255.251","12824","PL"
"2019-02-15 22:57:03","http://www.wsu.pl/templates/atomic/addons/demo_panel/images/messg.jpg","offline","malware_download","exe|payload|ransomware|stage2|TrolDesh","www.wsu.pl","188.128.255.251","12824","PL"
"2019-02-15 22:06:59","http://lazell.pl/wp-includes/Amazon/Transaction_details/022019/","offline","malware_download","doc|emotet|epoch1|Heodo","lazell.pl","62.129.225.249","12824","PL"
"2019-02-14 15:19:01","http://kostrzewapr.pl/css/En_us/RKgIj-oF4_dC-JEq/","offline","malware_download","Emotet|Heodo","kostrzewapr.pl","46.242.241.212","12824","PL"
"2019-02-14 13:35:53","http://www.vetcruzverde.es/Telekom/Transaktion/012019/","offline","malware_download","doc|emotet|epoch1|Heodo","www.vetcruzverde.es","46.242.240.21","12824","PL"
"2019-02-14 07:54:03","http://bkm-adwokaci.pl/res/En/Copy_Invoice/NexAt-nx_dWYibmDm-G2k/","offline","malware_download","Emotet|Heodo","bkm-adwokaci.pl","62.129.238.44","12824","PL"
"2019-02-12 14:04:06","http://kostrzewapr.pl/css/EN_en/LUEQ-03j_HcgPoYnh-S1P/","offline","malware_download","Emotet|Heodo","kostrzewapr.pl","46.242.241.212","12824","PL"
"2019-02-11 20:26:09","http://dwdsystem.home.pl/css/secure.accounts.send.net/","offline","malware_download","doc|emotet|epoch1|Heodo","dwdsystem.home.pl","212.85.119.104","12824","PL"
"2019-02-09 22:23:03","http://tb.ostroleka.pl/templates/siteground12/css/messg.jpg","offline","malware_download","compressed|exe|javascript|loader|payload|ransomware|share|stage1|stage2|troldesh|zip","tb.ostroleka.pl","62.129.198.194","12824","PL"
"2019-02-06 22:39:28","http://kostrzewapr.pl/css/ATTBusiness/d3Qd_54Xb3a_RMjSnCx/","offline","malware_download","doc|emotet|epoch1|Heodo","kostrzewapr.pl","46.242.241.212","12824","PL"
"2019-01-22 15:32:14","http://agatawierzbicka.com/MdM5N5SCi/","offline","malware_download","emotet|epoch1|Heodo","agatawierzbicka.com","46.242.177.30","12824","PL"
"2019-01-22 12:33:06","http://agatawierzbicka.com//MdM5N5SCi/","offline","malware_download","emotet|epoch1|exe|Heodo","agatawierzbicka.com","46.242.177.30","12824","PL"
"2019-01-18 22:49:09","http://rozwijamy.biz/wp-content/uploads/flwe-3yXO_TTxLoNHf-YI/EXT/PaymentStatus/US/Companies-Invoice-16854071/","offline","malware_download","doc|emotet|epoch2|Heodo","rozwijamy.biz","89.161.251.246","12824","PL"
"2018-12-18 23:58:58","http://busferie.pl/pFEf-dZIOwMwAfDyK8l3_yXuvheJlH-g8q/","offline","malware_download","emotet|epoch1|Heodo","busferie.pl","89.161.149.194","12824","PL"
"2018-12-18 13:51:37","http://www.busferie.pl/pFEf-dZIOwMwAfDyK8l3_yXuvheJlH-g8q/","offline","malware_download","doc|emotet|heodo","www.busferie.pl","89.161.149.194","12824","PL"
"2018-12-14 16:23:45","http://nierada.net/qZaD-JXl3uSaZOlw3ll_HEzbYOMQ-lk/","offline","malware_download","emotet|epoch2|Heodo","nierada.net","212.85.124.183","12824","PL"
"2018-12-13 18:59:02","http://nierada.net//invoices/589665763560/FILE/En_us/Scan","offline","malware_download","doc","nierada.net","212.85.124.183","12824","PL"
"2018-12-13 09:57:02","http://pbcenter.home.pl//ACH/PaymentInfo/Corporation/US_us/Document-needed","offline","malware_download","doc","pbcenter.home.pl","62.129.201.213","12824","PL"
"2018-12-12 19:37:07","http://spina.pl/wordpress/EN_US/Clients_information/2018-12/","offline","malware_download","emotet|epoch1|Heodo","spina.pl","46.242.252.29","12824","PL"
"2018-12-12 15:38:18","http://pbcenter.home.pl/ACH/PaymentInfo/Corporation/US_us/Document-needed/","offline","malware_download","emotet|epoch2|Heodo","pbcenter.home.pl","62.129.201.213","12824","PL"
"2018-12-12 15:38:15","http://nierada.net/invoices/589665763560/FILE/En_us/Scan/","offline","malware_download","emotet|epoch2|Heodo","nierada.net","212.85.124.183","12824","PL"
"2018-12-12 15:13:22","http://zs11.koszalin.pl/wp-admin/includes/3","offline","malware_download","","zs11.koszalin.pl","89.161.146.27","12824","PL"
"2018-12-12 15:13:21","http://zs11.koszalin.pl/wp-admin/includes/1","offline","malware_download","","zs11.koszalin.pl","89.161.146.27","12824","PL"
"2018-12-12 15:13:21","http://zs11.koszalin.pl/wp-admin/includes/2","offline","malware_download","","zs11.koszalin.pl","89.161.146.27","12824","PL"
"2018-12-11 05:44:09","http://moolo.pl/Telekom/RechnungOnline/112018/","offline","malware_download","doc|emotet|epoch1|Heodo","moolo.pl","188.128.160.48","12824","PL"
"2018-12-11 04:01:13","http://sylwiaurban.pl/images/Telekom/Rechnungen/112018","offline","malware_download","emotet|epoch1","sylwiaurban.pl","79.96.86.54","12824","PL"
"2018-12-10 23:51:18","http://pbcenter.home.pl/3573529/SurveyQuestionsnewsletter/US_us/643-58-323227-737-643-58-323227-033/","offline","malware_download","doc|emotet|epoch2|Heodo","pbcenter.home.pl","62.129.201.213","12824","PL"
"2018-12-10 16:08:02","http://pbcenter.home.pl//3573529/SurveyQuestionsnewsletter/US_us/643-58-323227-737-643-58-323227-033","offline","malware_download","doc","pbcenter.home.pl","62.129.201.213","12824","PL"
"2018-12-10 15:36:22","http://pbcenter.home.pl/3573529/SurveyQuestionsnewsletter/US_us/643-58-323227-737-643-58-323227-033","offline","malware_download","emotet|epoch2","pbcenter.home.pl","62.129.201.213","12824","PL"
"2018-12-10 15:07:25","http://nierada.net//Corporation/En/Important-Please-Read","offline","malware_download","doc","nierada.net","212.85.124.183","12824","PL"
"2018-12-10 08:39:48","http://sylwiaurban.pl/images/Telekom/Rechnungen/112018/","offline","malware_download","doc|emotet|heodo","sylwiaurban.pl","79.96.86.54","12824","PL"
"2018-12-09 00:47:02","http://sylwiaurban.pl/images/doc/US/Paid-Invoices","offline","malware_download","doc","sylwiaurban.pl","79.96.86.54","12824","PL"
"2018-12-07 23:09:53","http://nierada.net/Corporation/En/Important-Please-Read","offline","malware_download","doc|emotet|epoch2","nierada.net","212.85.124.183","12824","PL"
"2018-12-07 03:45:03","http://moolo.pl/oIx1UAV0k","offline","malware_download","emotet|epoch1|Heodo","moolo.pl","188.128.160.48","12824","PL"
"2018-12-07 03:34:51","http://nierada.net/En_us/Transactions-details/2018-12/","offline","malware_download","doc|emotet|epoch1|Heodo","nierada.net","212.85.124.183","12824","PL"
"2018-12-06 22:59:06","http://moolo.pl/oIx1UAV0k/","offline","malware_download","Emotet|exe|Heodo","moolo.pl","188.128.160.48","12824","PL"
"2018-12-06 17:18:09","http://moolo.pl//oIx1UAV0k","offline","malware_download","emotet|epoch1|exe|Heodo","moolo.pl","188.128.160.48","12824","PL"
"2018-12-06 17:14:18","http://pbcenter.home.pl/IRS/IRS-Online/Wage-and-Income-Transcript/","offline","malware_download","doc|emotet|epoch2|Heodo","pbcenter.home.pl","62.129.201.213","12824","PL"
"2018-12-06 13:46:14","http://dekormc.pl/pub/pUgp3e2xL","offline","malware_download","emotet|epoch1|exe|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2018-12-06 07:29:09","http://nierada.net/En_us/Transactions-details/2018-12","offline","malware_download","emotet|epoch1|Heodo","nierada.net","212.85.124.183","12824","PL"
"2018-12-05 20:54:10","http://sylwiaurban.pl/images/3ZVBGv4O","offline","malware_download","emotet|epoch1|exe|Heodo","sylwiaurban.pl","79.96.86.54","12824","PL"
"2018-12-04 14:08:06","http://dekormc.pl/pub/H0eeOPRkwr","offline","malware_download","emotet|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2018-12-03 16:32:03","http://sylwiaurban.pl/images/MLWmsiyDOs/","offline","malware_download","emotet|epoch1|exe|Heodo","sylwiaurban.pl","79.96.86.54","12824","PL"
"2018-12-03 16:31:12","http://sylwiaurban.pl/images/MLWmsiyDOs","offline","malware_download","emotet|epoch1|exe|Heodo","sylwiaurban.pl","79.96.86.54","12824","PL"
"2018-12-02 04:20:03","http://gops2.home.pl/libs/password.exe","offline","malware_download","exe|njrat","gops2.home.pl","62.129.211.199","12824","PL"
"2018-11-19 20:04:22","http://www.ewa-med.pl/9J/SWIFT/Personal/","offline","malware_download","emotet|heodo","www.ewa-med.pl","89.161.231.68","12824","PL"
"2018-11-14 17:28:25","http://cipherme.pl/data/7brmbUYshupk76j77yxu/biz/Privatkunden/","offline","malware_download","doc|emotet|epoch2","cipherme.pl","46.242.241.24","12824","PL"
"2018-11-14 12:08:36","http://cipherme.pl/data/7brmbUYshupk76j77yxu/biz/Privatkunden","offline","malware_download","emotet|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2018-11-12 14:24:31","http://cipherme.pl/data/FUqfiGggE/","offline","malware_download","emotet|epoch1|exe|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2018-11-12 10:12:04","http://cipherme.pl/data/FUqfiGggE","offline","malware_download","Emotet|exe|heodo","cipherme.pl","46.242.241.24","12824","PL"
"2018-11-08 05:07:03","http://cipherme.pl/data/9NBXZGFYV/SEP/Personal/","offline","malware_download","doc|emotet|epoch2|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2018-11-07 15:06:43","http://cipherme.pl/data/9NBXZGFYV/SEP/Personal","offline","malware_download","doc|emotet|heodo","cipherme.pl","46.242.241.24","12824","PL"
"2018-11-07 07:45:21","http://bezpieczna-zywnosc.pl//4CHJZGE/com/Commercial","offline","malware_download","doc|emotet|heodo","bezpieczna-zywnosc.pl","79.96.59.100","12824","PL"
"2018-11-05 18:53:02","http://cipherme.pl/data/cw/","offline","malware_download","exe|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2018-11-05 18:45:02","http://cipherme.pl:80/data/cw","offline","malware_download","exe|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2018-11-05 15:25:06","http://cipherme.pl/data/cw","offline","malware_download","exe|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2018-10-05 07:25:32","https://sweetpearls.eu//default/En_us/Paid-Invoice","offline","malware_download","doc|emotet|heodo","sweetpearls.eu","79.96.27.88","12824","PL"
"2018-10-03 18:41:48","http://informatyczne.pl/autoinstalator/Jul2018/US_us/ACCOUNT/Invoice-0011784","offline","malware_download","doc|emotet|heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-10-03 04:51:05","http://www.ewa-med.pl//doc/En_us/Invoices-Overdue","offline","malware_download","doc|emotet|heodo","www.ewa-med.pl","89.161.231.68","12824","PL"
"2018-10-01 09:09:14","http://www.ewa-med.pl/9J/SWIFT/Personal","offline","malware_download","doc|emotet|Heodo","www.ewa-med.pl","89.161.231.68","12824","PL"
"2018-09-26 15:21:36","http://www.dmc-cw.com.pl/wp-content/3561736ECMHLBFC/SWIFT/Commercial","offline","malware_download","doc|emotet|Heodo","www.dmc-cw.com.pl","62.129.226.195","12824","PL"
"2018-09-26 14:42:02","https://sweetpearls.eu//Sep2018/En_us/Outstanding-Invoices","offline","malware_download","doc|Heodo","sweetpearls.eu","79.96.27.88","12824","PL"
"2018-09-26 11:18:39","https://sweetpearls.eu/Sep2018/En_us/Outstanding-Invoices","offline","malware_download","doc|emotet|Heodo","sweetpearls.eu","79.96.27.88","12824","PL"
"2018-09-19 04:25:09","http://cipherme.pl/data/38156BSX/identity/Personal/","offline","malware_download","doc|emotet|epoch2|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2018-09-17 22:44:17","http://cipherme.pl/data/38156BSX/identity/Personal","offline","malware_download","doc|emotet|Heodo","cipherme.pl","46.242.241.24","12824","PL"
"2018-09-14 06:23:28","http://balti.com.pl/hpwwoti2/5965HKYEDZW/PAYMENT/Smallbusiness","offline","malware_download","doc|emotet|heodo","balti.com.pl","188.128.190.253","12824","PL"
"2018-09-13 10:31:53","http://www.mainpartners.eu/6287508P/oamo/US","offline","malware_download","doc|emotet|Heodo","www.mainpartners.eu","188.128.134.173","12824","PL"
"2018-09-13 05:43:31","http://www.mainpartners.eu/6287508P/oamo/US/","offline","malware_download","doc|emotet|epoch2|Heodo","www.mainpartners.eu","188.128.134.173","12824","PL"
"2018-09-12 14:40:29","https://mainpartners.eu/6287508P/oamo/US","offline","malware_download","doc|emotet","mainpartners.eu","188.128.134.173","12824","PL"
"2018-09-12 08:38:05","http://mainpartners.eu/6287508P/oamo/US","offline","malware_download","doc|emotet|Heodo","mainpartners.eu","188.128.134.173","12824","PL"
"2018-09-12 08:18:04","http://mainpartners.eu/6287508P/oamo/US/","offline","malware_download","doc|Heodo","mainpartners.eu","188.128.134.173","12824","PL"
"2018-09-07 14:58:10","http://zs1bb.pl/Sep2018/En_us/ACH-form","offline","malware_download","doc|emotet|Heodo","zs1bb.pl","89.161.255.7","12824","PL"
"2018-09-06 03:16:11","http://mazuryrowery.pl/wp-admin/FILE/En/Past-Due-Invoices/","offline","malware_download","doc|emotet|epoch2","mazuryrowery.pl","46.242.197.210","12824","PL"
"2018-09-04 14:28:46","http://mazuryrowery.pl/wp-admin/FILE/En/Past-Due-Invoices","offline","malware_download","doc|emotet|Heodo","mazuryrowery.pl","46.242.197.210","12824","PL"
"2018-08-23 13:37:11","http://progea4d.pl/w/","offline","malware_download","emotet|exe|Heodo","progea4d.pl","188.128.155.177","12824","PL"
"2018-08-23 06:24:07","http://progea4d.pl/w","offline","malware_download","emotet|exe|Heodo","progea4d.pl","188.128.155.177","12824","PL"
"2018-08-09 05:52:47","http://informatyczne.pl/autoinstalator/977RDINFO/TRJK31801808701TKCAY/30816/OLG-KQX-Aug-08-2018","offline","malware_download","doc|emotet|Heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-08-09 05:15:59","http://informatyczne.pl/autoinstalator/LLC/BH9680018C/0328017371/QP-ZSTZ-Aug-06-2018/","offline","malware_download","doc|emotet|Heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-08-09 05:15:58","http://informatyczne.pl/autoinstalator/977RDINFO/TRJK31801808701TKCAY/30816/OLG-KQX-Aug-08-2018/","offline","malware_download","doc|emotet|Heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-08-07 10:26:06","http://informatyczne.pl/autoinstalator/LLC/BH9680018C/0328017371/QP-ZSTZ-Aug-06-2018","offline","malware_download","doc|emotet|heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-08-03 05:14:20","http://informatyczne.pl/autoinstalator/DHL-number/US","offline","malware_download","doc|emotet|Heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-08-03 04:24:50","http://informatyczne.pl/autoinstalator/DHL-number/US/","offline","malware_download","doc|emotet|Heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-08-02 03:31:34","http://elkasen.szczecin.pl/sites/En_us/Address-Changed/","offline","malware_download","doc|emotet|epoch2|Heodo","elkasen.szczecin.pl","79.96.33.199","12824","PL"
"2018-07-31 22:27:16","http://elkasen.szczecin.pl/newsletter/En_us/OVERDUE-ACCOUNT/invoice","offline","malware_download","doc|emotet|heodo","elkasen.szczecin.pl","79.96.33.199","12824","PL"
"2018-07-31 19:15:47","http://elkasen.pl/doc/GER/Zahlung/Hilfestellung-zu-Ihrer-Rechnung-AN-14-54208/","offline","malware_download","doc|emotet|epoch2|Heodo","elkasen.pl","79.96.33.199","12824","PL"
"2018-07-30 20:26:12","http://elkasen.szczecin.pl/newsletter/En_us/OVERDUE-ACCOUNT/invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","elkasen.szczecin.pl","79.96.33.199","12824","PL"
"2018-07-30 15:32:04","http://informatyczne.pl/autoinstalator/Tracking/","offline","malware_download","doc|emotet|epoch2|Heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-07-26 03:53:40","http://dekormc.pl/js/sites/US_us/OVERDUE-ACCOUNT/Invoice-931714/","offline","malware_download","doc|emotet|epoch2|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2018-07-25 23:52:08","http://kardiokonf.pl/fngtbsMZ","offline","malware_download","emotet|epoch2|Fuery|Heodo|payload","kardiokonf.pl","79.96.128.59","12824","PL"
"2018-07-25 03:58:22","http://informatyczne.pl/autoinstalator/Jul2018/US_us/OVERDUE-ACCOUNT/Account-67098/","offline","malware_download","doc|emotet|epoch2|Heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-07-24 05:36:00","http://www.dekormc.pl/dekor/Jul2018/En_us/Client/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc|emotet|epoch2|Heodo","www.dekormc.pl","79.96.69.212","12824","PL"
"2018-07-24 05:34:35","http://slajd.eu/pdf/En/New-Order-Upcoming/021068/","offline","malware_download","doc|emotet|epoch2|Heodo","slajd.eu","62.129.236.238","12824","PL"
"2018-07-24 05:30:08","http://dekormc.pl/dekor/Jul2018/En_us/Client/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc|emotet|epoch2|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2018-07-20 03:43:49","http://informatyczne.pl/autoinstalator/pdf/EN_en/STATUS/Invoice-5539312/?rcpt=Kundenbetreuung/","offline","malware_download","doc|emotet|epoch2|Heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-07-19 09:32:14","http://www.dekormc.pl/dekor/Jul2018/En_us/Client/Auditor-of-State-Notification-of-EFT-Deposit","offline","malware_download","doc|emotet|Heodo","www.dekormc.pl","79.96.69.212","12824","PL"
"2018-07-19 09:30:48","http://dekormc.pl/dekor/Jul2018/En_us/Client/Auditor-of-State-Notification-of-EFT-Deposit","offline","malware_download","doc|emotet|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2018-07-18 22:51:14","http://slajd.eu/instalacje/Factures/","offline","malware_download","doc|emotet|epoch1|Heodo","slajd.eu","62.129.236.238","12824","PL"
"2018-07-18 10:06:07","http://informatyczne.pl/autoinstalator/pdf/EN_en/STATUS/Invoice-5539312/","offline","malware_download","doc|emotet|Heodo","informatyczne.pl","79.96.52.114","12824","PL"
"2018-07-17 21:37:08","http://lksm.pl/cgi-bin/sites/US/FILE/Invoice-082090","offline","malware_download","doc|emotet|heodo","lksm.pl","89.161.189.108","12824","PL"
"2018-07-16 21:32:27","http://lksm.pl/wp-content/Borradores-documentos/","offline","malware_download","doc|emotet|epoch1|Heodo","lksm.pl","89.161.189.108","12824","PL"
"2018-07-16 16:13:50","http://lksm.pl/cgi-bin/doc/En/DOC/Direct-Deposit-Notice/","offline","malware_download","doc|emotet|epoch2|Heodo","lksm.pl","89.161.189.108","12824","PL"
"2018-07-16 10:18:13","http://www.lksm.pl/cgi-bin/doc/En/DOC/Direct-Deposit-Notice/","offline","malware_download","doc|emotet|heodo","www.lksm.pl","89.161.189.108","12824","PL"
"2018-07-16 10:18:08","http://dropbydrop.pl/files/En/Order/Past-Due-invoice/","offline","malware_download","doc|emotet|heodo","dropbydrop.pl","46.242.242.190","12824","PL"
"2018-07-13 13:28:09","http://happyparkonline.pl/jposeirt/X/","offline","malware_download","Andromeda|emotet|exe|heodo","happyparkonline.pl","89.161.219.227","12824","PL"
"2018-07-11 15:37:06","http://happyparkonline.pl/jposeirt/default/EN_en/Client/Invoice-10214/","offline","malware_download","doc|emotet|heodo","happyparkonline.pl","89.161.219.227","12824","PL"
"2018-07-05 10:57:42","http://www.ddsolutions.pl/US/Jul2018/tracking-number-and-invoice-of-your-order/","offline","malware_download","doc|emotet|Heodo","www.ddsolutions.pl","46.242.246.52","12824","PL"
"2018-07-02 21:30:13","http://ftp.adspace.pl/webs/Open-invoices-02/07/2018/","offline","malware_download","doc|emotet|epoch1|Heodo","ftp.adspace.pl","188.128.255.251","12824","PL"
"2018-07-02 16:26:55","http://own-transport.com/pub/OVERDUE-ACCOUNT/tracking-number-and-invoice-of-your-order/","offline","malware_download","doc|emotet|heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-07-01 22:29:09","http://own-transport.com/pub/INVOICE-STATUS/Please-pull-invoice-20794/","offline","malware_download","doc|emotet|epoch2|Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-30 06:09:39","http://own-transport.com/pub/Pagada-Invocacion-Recibo","offline","malware_download","emotet|heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-30 06:09:38","http://own-transport.com/pub/INVOICE-STATUS/Please-pull-invoice-20794","offline","malware_download","emotet|heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-30 06:09:37","http://own-transport.com/pub/Facturas-disponibles","offline","malware_download","emotet|heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-28 19:03:02","http://ftp.adspace.pl/dlieu/Client/Invoice-06-27-18/","offline","malware_download","Heodo","ftp.adspace.pl","188.128.255.251","12824","PL"
"2018-06-28 16:03:08","http://own-transport.com/pub/Pagada-Invocacion-Recibo/","offline","malware_download","doc|emotet|epoch1|Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-28 05:40:47","http://bappress.com.pl/OVERDUE-ACCOUNT/Invoice-37558","offline","malware_download","emotet|heodo","bappress.com.pl","79.96.95.203","12824","PL"
"2018-06-28 05:39:17","http://ftp.adspace.pl/dlieu/Client/Invoice-06-27-18","offline","malware_download","emotet|heodo","ftp.adspace.pl","188.128.255.251","12824","PL"
"2018-06-28 04:29:21","http://bappress.com.pl/OVERDUE-ACCOUNT/Invoice-37558/","offline","malware_download","Heodo","bappress.com.pl","79.96.95.203","12824","PL"
"2018-06-27 04:03:14","http://own-transport.com/pub/Facturas-disponibles/","offline","malware_download","doc|emotet|epoch1|Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-22 03:44:05","http://denaros.pl/Lorem/GzakV6s/","offline","malware_download","Heodo","denaros.pl","212.85.96.113","12824","PL"
"2018-06-21 06:19:14","http://own-transport.com/pub/XgMVe3/","offline","malware_download","Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-20 05:45:24","http://own-transport.com/pub/Rechnungszahlung","offline","malware_download","doc|emotet|Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-19 20:42:06","http://denaros.pl/Data/ZA4l/","offline","malware_download","Heodo","denaros.pl","212.85.96.113","12824","PL"
"2018-06-18 14:24:09","http://own-transport.com/pub/Rechnungszahlung/","offline","malware_download","doc|emotet|epoch1|Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-18 13:56:30","http://dekormc.pl/js/Fakturierung/","offline","malware_download","doc|emotet|heodo","dekormc.pl","79.96.69.212","12824","PL"
"2018-06-18 06:23:06","http://denaros.pl/Lorem/L49MGv/","offline","malware_download","Emotet|exe|Heodo","denaros.pl","212.85.96.113","12824","PL"
"2018-06-15 21:58:13","http://dekormc.pl/js/vS1WyHUCe2/","offline","malware_download","emotet|epoch2|Heodo|payload","dekormc.pl","79.96.69.212","12824","PL"
"2018-06-14 23:04:07","http://own-transport.com/pub/Invoices-for-US-06132018-04Z/79/","offline","malware_download","doc|emotet|epoch2|Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-14 05:57:32","http://own-transport.com/pub/IRS-Transcripts-June-2018-9930","offline","malware_download","doc|emotet|Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-14 05:55:15","http://denaros.pl/Common/ups.com/WebTracking/HBT-6216425401","offline","malware_download","doc|emotet|Heodo","denaros.pl","212.85.96.113","12824","PL"
"2018-06-13 15:09:21","http://dekormc.pl/js/vEV2w/","offline","malware_download","emotet|epoch1|Heodo|payload","dekormc.pl","79.96.69.212","12824","PL"
"2018-06-13 13:51:17","http://own-transport.com/pub/IRS-Transcripts-June-2018-9930/","offline","malware_download","doc|emotet|epoch2|Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-12 14:30:05","http://denaros.pl/Lorem/IRS-Transcripts-02G/50/","offline","malware_download","doc|emotet|epoch1|Formbook|Heodo","denaros.pl","212.85.96.113","12824","PL"
"2018-06-11 19:25:07","http://dekormc.pl/img/IRS-Tax-Transcipts-0991/","offline","malware_download","doc|emotet|epoch2|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2018-06-07 16:55:12","http://own-transport.com/pub/ACCOUNT/Invoice-702750935-Invoice-date-060718-Order-no-4720107772/","offline","malware_download","doc|emotet|epoch1|Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-06 06:13:24","http://shop.firmacenter.pl/ups.com/WebTracking/TON-751399316/","offline","malware_download","doc|emotet","shop.firmacenter.pl","89.161.255.6","12824","PL"
"2018-06-05 15:44:23","http://own-transport.com/pub/Zahlungserinnerung/","offline","malware_download","doc|emotet|Heodo","own-transport.com","79.96.30.70","12824","PL"
"2018-06-01 15:57:31","http://dekormc.pl/fonts/MODIF-FACTURE/","offline","malware_download","doc|emotet|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2018-05-30 20:26:29","http://nexusmedia.pl/olabirthday/Facturation/","offline","malware_download","doc|emotet|Heodo","nexusmedia.pl","79.96.110.24","12824","PL"
"2018-05-30 14:55:21","http://denaros.pl/Lorem/ups.com/WebTracking/NFR-2334242002/","offline","malware_download","Heodo","denaros.pl","212.85.96.113","12824","PL"
"2018-05-29 22:49:13","http://tatanka.pl/stardrifters/Vos-facture-impayee/","offline","malware_download","doc|emotet|Heodo","tatanka.pl","212.85.107.196","12824","PL"
"2018-05-24 08:12:37","http://irishsetter.pl/ups.com/WebTracking/IF-21739513/","offline","malware_download","doc|emotet|heodo","irishsetter.pl","79.96.177.101","12824","PL"
"2018-05-24 08:07:34","http://denaros.pl/Common/STATUS/Invoice-85130523-Invoice-date-052218-Order-no-76696152354/","offline","malware_download","doc|emotet|heodo","denaros.pl","212.85.96.113","12824","PL"
"2018-05-21 17:51:05","http://eurokarton.pl/js/ups.com/WebTracking/IZ-4156347217578/","offline","malware_download","doc|emotet","eurokarton.pl","79.96.238.164","12824","PL"
"2018-05-21 12:19:20","http://dekormc.pl/js/ncrILdi/","offline","malware_download","Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2018-05-17 15:23:17","http://irishsetter.pl/Payment-Receipt-from-14/05/2018/","offline","malware_download","emotet|Heodo","irishsetter.pl","79.96.177.101","12824","PL"
"2018-05-15 14:31:14","http://eurokarton.pl/auto/hZCFaKm/","offline","malware_download","emotet|Heodo","eurokarton.pl","79.96.238.164","12824","PL"
"2018-05-14 18:39:59","http://dekormc.pl/js/obdXy1lO1cbEPn/","offline","malware_download","doc|emotet|Heodo","dekormc.pl","79.96.69.212","12824","PL"
"2018-05-11 11:11:47","http://dekormc.pl/pub/OE94R8w/","offline","malware_download","doc|emotet","dekormc.pl","79.96.69.212","12824","PL"
"2018-04-24 16:50:12","http://eurokarton.pl/pub/Invoice-for-w/f-04/24/2018/","offline","malware_download","doc|emotet","eurokarton.pl","79.96.238.164","12824","PL"
"2018-04-13 05:11:42","http://www.alfredsrobygg.se/Overdue-payment/","offline","malware_download","doc|emotet|heodo","www.alfredsrobygg.se","46.242.246.61","12824","PL"
"2018-03-29 14:55:52","http://portfel-inwestycyjny.pl/INVOICE/EN-43534369357056/","offline","malware_download","doc|emotet|heodo","portfel-inwestycyjny.pl","46.242.239.95","12824","PL"
"2018-03-28 13:55:31","http://zspaw.pl/Rechnung-Nr-26690/21JYR0YP1KI/","offline","malware_download","doc|emotet|heodo","zspaw.pl","79.96.57.231","12824","PL"
"2018-03-28 13:44:48","http://parafia.kaszczorek.com/Document/Invoice/","offline","malware_download","doc|emotet|heodo","parafia.kaszczorek.com","79.96.16.243","12824","PL"
"2018-03-28 13:40:53","http://dworkociolek.pl//INV/COA-816676452701857/","offline","malware_download","doc|emotet|heodo","dworkociolek.pl","188.128.169.127","12824","PL"
"2018-03-27 07:51:54","http://starogard.otoz.pl//ekDb/","offline","malware_download","emotet heodo exe|Heodo","starogard.otoz.pl","89.161.252.246","12824","PL"
"2018-03-27 07:36:47","http://starogard.otoz.pl/ekDb/","offline","malware_download","emotet|exe|heodo","starogard.otoz.pl","89.161.252.246","12824","PL"
# of entries: 352