##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2024-04-27 05:13:34 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS13213
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2023-11-09 14:49:17","https://adnanltd.com/dmt/","offline","malware_download","js|Pikabot|pw-H17|TR|zip","adnanltd.com","209.95.55.152","13213","US"
"2023-11-08 12:25:13","https://adnanltd.com/dpso/","offline","malware_download","Pikabot|TA577|TR","adnanltd.com","209.95.55.152","13213","US"
"2023-10-18 06:43:13","https://sydconenterprises.com/aat/","offline","malware_download","Pikabot|TA577|TR","sydconenterprises.com","174.127.110.229","13213","US"
"2023-06-14 16:56:34","https://ap.sd/iimo/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA","ap.sd","77.92.84.157","13213","GB"
"2023-05-24 14:13:18","https://tasvir.co.uk/qiu/?1","offline","malware_download","BB29|geofenced|js|Qakbot|USA","tasvir.co.uk","77.92.80.174","13213","GB"
"2023-05-18 15:37:24","https://drive33.com/mo/?1","offline","malware_download","BB28|geofenced|js|Qakbot|USA","drive33.com","212.78.94.15","13213","GB"
"2023-04-06 15:41:52","https://ap.sd/teim/teim.php","offline","malware_download","755|BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","ap.sd","77.92.84.157","13213","GB"
"2023-04-04 16:10:32","https://barmitzvahtoursinisrael.com/qe/qe.php","offline","malware_download","BB22|geofenced|js|Qakbot|qbot|Quakbot|TR|USA","barmitzvahtoursinisrael.com","88.202.226.33","13213","GB"
"2023-03-24 04:04:47","https://megajardinescolombia.com/toi/toi.php","offline","malware_download","BB20|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","megajardinescolombia.com","173.244.214.243","13213","DE"
"2023-02-27 19:37:29","https://barkotel.com/IUIR.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","barkotel.com","174.127.104.176","13213","US"
"2022-12-20 20:52:36","https://teknoron.com.tr/bia/index.php","offline","malware_download","BB11|IMG|Qakbot|Qbot|Quakbot|RR17|TR|VHD|zip","teknoron.com.tr","77.92.91.191","13213","GB"
"2022-12-20 17:07:28","https://adnanltd.com/ilos/index.php","offline","malware_download","BB11|IMG|Qakbot|Qbot|Quakbot|RR17|TR|VHD|zip","adnanltd.com","209.95.55.152","13213","US"
"2022-12-19 21:43:28","https://lalunamalabo.com/soao/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","lalunamalabo.com","209.236.72.17","13213","US"
"2022-12-19 21:35:21","https://crsjwbg.org/lag/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","crsjwbg.org","206.217.202.60","13213","US"
"2022-12-19 16:41:46","https://teknoron.com.tr/eurt/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","teknoron.com.tr","77.92.91.191","13213","GB"
"2022-12-19 16:26:00","https://adnanltd.com/me/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","adnanltd.com","209.95.55.152","13213","US"
"2022-12-15 17:19:15","https://adnanltd.com/obr/index.php","offline","malware_download","50000|E17|gozi|ISFB|ISO|PM11|TR|zip","adnanltd.com","209.95.55.152","13213","US"
"2022-12-15 16:12:16","https://brokersquestions.com/ui/index.php","offline","malware_download","BB10|E17|ISO|qakbot|qbot|quakbot|TR|zip","brokersquestions.com","209.236.71.112","13213","US"
"2022-12-14 20:02:21","https://crsjwbg.org/sm/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","crsjwbg.org","206.217.202.60","13213","US"
"2022-12-14 16:00:45","https://brokersquestions.com/eb/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","brokersquestions.com","209.236.71.112","13213","US"
"2022-12-14 15:57:20","https://adnanltd.com/nloi/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","adnanltd.com","209.95.55.152","13213","US"
"2022-12-13 20:24:59","https://downtowncityplace.com/ntti/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","downtowncityplace.com","209.236.71.112","13213","US"
"2022-12-13 20:21:15","https://brokersquestions.com/ue/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","brokersquestions.com","209.236.71.112","13213","US"
"2022-10-31 16:11:20","https://marsomi.com/ola/qakbot.zip","offline","malware_download","BB05|BV1|iso|qakbot|qbot|quakbot|TR|zip","marsomi.com","185.9.51.36","13213","US"
"2022-10-26 07:22:41","http://alsanjari.co.uk/images/rnagaj/af%20presentation/content/Adobe%20AIR/Versions/1.0/Adobe%20AIR.dll","offline","malware_download","exe","alsanjari.co.uk","77.92.81.191","13213","GB"
"2022-10-26 07:22:38","http://alsanjari.co.uk/images/rnagaj/af%20presentation/content/Adobe%20AIR/Versions/1.0/Resources/NPSWF32.dll","offline","malware_download","exe","alsanjari.co.uk","77.92.81.191","13213","GB"
"2022-10-26 07:22:20","http://alsanjari.co.uk/images/rnagaj/af%20presentation/content/Adobe%20AIR/Versions/1.0/Resources/WebKit.dll","offline","malware_download","exe","alsanjari.co.uk","77.92.81.191","13213","GB"
"2022-10-26 07:22:16","http://alsanjari.co.uk/images/rnagaj/af%20presentation/content/Adobe%20AIR/Versions/1.0/Resources/AdobeCP15.dll","offline","malware_download","exe","alsanjari.co.uk","77.92.81.191","13213","GB"
"2022-10-26 07:22:10","http://alsanjari.co.uk/images/rnagaj/af%20presentation/content/Adobe%20AIR/Versions/1.0/Resources/CaptiveAppEntry.exe","offline","malware_download","exe","alsanjari.co.uk","77.92.81.191","13213","GB"
"2022-10-26 07:22:10","http://alsanjari.co.uk/images/rnagaj/af%20presentation/content/Prezi.exe","offline","malware_download","exe","alsanjari.co.uk","77.92.81.191","13213","GB"
"2022-10-26 07:21:07","http://alsanjari.co.uk/images/rnagaj/af%20presentation/Prezi.exe","offline","malware_download","exe","alsanjari.co.uk","77.92.81.191","13213","GB"
"2022-10-10 18:23:37","https://mcqgeek.com/pnle/imcnditniiuna","offline","malware_download","BB|iso|qakbot|qbot|quakbot|TR|X353|X873|zip","mcqgeek.com","88.202.183.220","13213","GB"
"2022-10-10 18:23:37","https://mcqgeek.com/pnle/ioasfumpfiic","offline","malware_download","BB|iso|qakbot|qbot|quakbot|TR|X353|X873|zip","mcqgeek.com","88.202.183.220","13213","GB"
"2022-10-10 18:23:30","https://mcqgeek.com/pnle/oieetssetliaoslamm","offline","malware_download","BB|iso|qakbot|qbot|quakbot|TR|X353|X873|zip","mcqgeek.com","88.202.183.220","13213","GB"
"2022-10-10 18:23:29","https://mcqgeek.com/pnle/silvet","offline","malware_download","BB|iso|qakbot|qbot|quakbot|TR|X353|X873|zip","mcqgeek.com","88.202.183.220","13213","GB"
"2022-10-10 18:23:21","https://mcqgeek.com/iomn/pavcuotqalsentrseutuo","offline","malware_download","BB|iso|qakbot|qbot|quakbot|TR|X353|X873|zip","mcqgeek.com","88.202.183.220","13213","GB"
"2022-10-10 18:23:15","https://mcqgeek.com/iomn/inrieetnluth","offline","malware_download","BB|iso|qakbot|qbot|quakbot|TR|X353|X873|zip","mcqgeek.com","88.202.183.220","13213","GB"
"2022-09-22 21:23:39","https://ekoulutuspro.com/ei/trsucks","offline","malware_download","bb|encrypted|iso|qakbot|qbot|quakbot|tr|zip","ekoulutuspro.com","109.123.84.29","13213","GB"
"2022-07-04 08:16:04","http://emett.com/images/kk2l4zoRKwv2vIEK/","offline","malware_download","dll|emotet|epoch4|heodo","emett.com","77.92.75.1","13213","GB"
"2022-06-23 13:38:09","http://eastbrentparishcouncil.org.uk/sdi/iumlrboamnga","offline","malware_download","Qakbot|qbot|Quakbot|TR","eastbrentparishcouncil.org.uk","77.92.84.46","13213","GB"
"2022-06-21 17:18:05","http://chainandpyle.com/Old/UlfGGNN6xbau/","offline","malware_download","dll|emotet|epoch5|heodo","chainandpyle.com","83.170.107.145","13213","GB"
"2022-06-13 09:40:05","http://alsanjari.co.uk/alsanjari.com/Wa66/","offline","malware_download","emotet|exe|heodo","alsanjari.co.uk","77.92.81.191","13213","GB"
"2022-06-09 17:52:03","http://tbarnes.co.uk/tbarnes_co_uk/8ai/","offline","malware_download","dll|emotet|epoch5|heodo","tbarnes.co.uk","83.170.79.102","13213","GB"
"2022-06-09 00:28:05","http://zoelake.co.uk/pregnancy_files/O8pDzTtBe7/","offline","malware_download","dll|emotet|epoch4|heodo","zoelake.co.uk","83.170.122.1","13213","GB"
"2022-06-03 09:46:06","http://timoleary.co.uk/css/7Nvb3VNWJH/","offline","malware_download","dll|emotet|epoch4|heodo","timoleary.co.uk","77.92.83.1","13213","GB"
"2022-05-21 21:22:03","http://1roof.ltd.uk/creationmaintenance.co.uk/mE/","offline","malware_download","emotet|epoch4|exe|Heodo","1roof.ltd.uk","77.92.74.1","13213","GB"
"2022-05-21 21:22:03","http://1roof.ltd.uk/creationmaintenance.co.uk/TOqZOS/","offline","malware_download","emotet|epoch4|exe|Heodo","1roof.ltd.uk","77.92.74.1","13213","GB"
"2022-05-19 11:12:11","http://206.217.221.16/bins/UnHAnaAW.arm","offline","malware_download","elf","206.217.221.16","206.217.221.16","13213","GB"
"2022-05-19 11:12:11","http://206.217.221.16/bins/UnHAnaAW.arm7","offline","malware_download","elf","206.217.221.16","206.217.221.16","13213","GB"
"2022-05-19 11:12:11","http://206.217.221.16/bins/UnHAnaAW.mips","offline","malware_download","elf","206.217.221.16","206.217.221.16","13213","GB"
"2022-05-19 11:12:11","http://206.217.221.16/bins/UnHAnaAW.x86","offline","malware_download","elf","206.217.221.16","206.217.221.16","13213","GB"
"2022-05-19 11:12:10","http://206.217.221.16/bins/UnHAnaAW.arm5","offline","malware_download","elf","206.217.221.16","206.217.221.16","13213","GB"
"2022-05-19 11:12:10","http://206.217.221.16/bins/UnHAnaAW.arm6","offline","malware_download","elf","206.217.221.16","206.217.221.16","13213","GB"
"2022-05-19 11:12:10","http://206.217.221.16/bins/UnHAnaAW.m68k","offline","malware_download","elf","206.217.221.16","206.217.221.16","13213","GB"
"2022-05-19 11:12:10","http://206.217.221.16/bins/UnHAnaAW.mpsl","offline","malware_download","elf","206.217.221.16","206.217.221.16","13213","GB"
"2022-05-19 11:12:10","http://206.217.221.16/bins/UnHAnaAW.ppc","offline","malware_download","elf","206.217.221.16","206.217.221.16","13213","GB"
"2022-05-19 11:12:10","http://206.217.221.16/bins/UnHAnaAW.sh4","offline","malware_download","elf","206.217.221.16","206.217.221.16","13213","GB"
"2022-05-19 10:56:10","https://sjbrokerage.com/auet/elsoinrdto200117498","offline","malware_download","TR","sjbrokerage.com","209.236.71.112","13213","US"
"2022-05-19 06:43:07","http://olasconsulting.com/images/S4B5qmUVQBjL2xp/","offline","malware_download","emotet|epoch5|exe|heodo","olasconsulting.com","83.170.123.1","13213","GB"
"2022-05-19 06:43:07","http://payasyougopa.com/js/Xd6ezXKNSJTkKr1FSd/","offline","malware_download","emotet|epoch5|exe|heodo","payasyougopa.com","77.92.81.24","13213","GB"
"2022-05-19 06:43:06","http://pjec.com/cgi-bin/I6Nm5CjaJx/","offline","malware_download","emotet|epoch5|exe|heodo","pjec.com","46.23.69.44","13213","GB"
"2022-05-19 06:43:06","http://pjec.com/cgi-bin/I6Nm5CjaJx/","offline","malware_download","emotet|epoch5|exe|heodo","pjec.com","77.92.66.141","13213","GB"
"2022-05-18 19:18:05","http://louisdyer.com/wp-content/YyHbaZKYs/","offline","malware_download","dll|emotet|epoch5|heodo","louisdyer.com","83.170.107.1","13213","GB"
"2022-05-17 16:08:04","https://www.libcus.com/wp-admin/uY9Sq81cqNw1MM/","offline","malware_download","dll|emotet|epoch5|heodo","www.libcus.com","77.92.66.141","13213","GB"
"2022-05-17 12:11:04","http://meddiquest.com/pboapart/ZKIcuz/","offline","malware_download","dll|emotet|epoch4|heodo","meddiquest.com","77.92.75.4","13213","GB"
"2022-05-17 07:04:07","http://moynan.com/sexmatters.eu/mQbtYGG/","offline","malware_download","dll|emotet|epoch4|heodo","moynan.com","83.170.107.1","13213","GB"
"2022-05-16 21:41:09","http://mortster.net/images/fhuG9UGVBx/","offline","malware_download","dll|emotet|epoch4|heodo","mortster.net","77.92.75.2","13213","GB"
"2022-05-16 16:49:07","http://1roof.ltd.uk/creationmaintenance.co.uk/3uWJevt/","offline","malware_download","dll|emotet|epoch5|heodo","1roof.ltd.uk","77.92.74.1","13213","GB"
"2022-04-29 10:42:04","https://www.clearconstruction.co.uk/scripts/Ev5IXoBvFJkBQ0MZXb/","offline","malware_download","dll|emotet|epoch4|heodo","www.clearconstruction.co.uk","77.92.74.1","13213","GB"
"2022-03-30 22:21:03","https://www.clearconstruction.co.uk/scripts/3oEJgZjRWVLNMbY14ajMQKA/","offline","malware_download","c8fc17ff030feb3383d8889f69abbb|emotet|epoch4|Heodo|xls","www.clearconstruction.co.uk","77.92.74.1","13213","GB"
"2022-03-30 17:12:07","https://www.glennsimoninc.com/glennsimoninc.com/QU5XxDDlKoy9WcCuIEyy/","offline","malware_download","emotet|epoch4|redir-doc|xls","www.glennsimoninc.com","174.127.107.202","13213","US"
"2022-03-30 17:12:06","https://www.glennsimoninc.com/glennsimoninc.com/QU5XxDDlKoy9WcCuIEyy/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo|SilentBuilder","www.glennsimoninc.com","174.127.107.202","13213","US"
"2022-03-30 16:36:04","http://hadlowpharmacy.co.uk/ycam/q/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo|SilentBuilder","hadlowpharmacy.co.uk","83.170.80.128","13213","GB"
"2022-03-30 16:36:03","http://hadlowpharmacy.co.uk/ycam/q/","offline","malware_download","emotet|epoch4|redir-doc|xls","hadlowpharmacy.co.uk","83.170.80.128","13213","GB"
"2022-03-30 15:07:06","http://herringtons.co.uk/_images/nxVhP4lsGmxhgUiERrp/?i=1","offline","malware_download","doc|emotet|epoch4|SilentBuilder","herringtons.co.uk","83.170.122.1","13213","GB"
"2022-03-30 15:07:04","http://herringtons.co.uk/_images/nxVhP4lsGmxhgUiERrp/","offline","malware_download","emotet|epoch4|redir-doc|xls","herringtons.co.uk","83.170.122.1","13213","GB"
"2022-03-29 17:19:04","http://emett.com/images/8/","offline","malware_download","emotet|epoch4|redir-doc|xls","emett.com","77.92.75.1","13213","GB"
"2022-03-29 17:19:04","http://emett.com/images/8/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo|SilentBuilder","emett.com","77.92.75.1","13213","GB"
"2022-03-25 15:00:06","http://clanwatson.co.uk/personal/DxlCbK5yxbqq1jqP/","offline","malware_download","dll|emotet|epoch4|heodo","clanwatson.co.uk","46.23.69.44","13213","GB"
"2022-03-25 15:00:06","http://clanwatson.co.uk/personal/DxlCbK5yxbqq1jqP/","offline","malware_download","dll|emotet|epoch4|heodo","clanwatson.co.uk","77.92.79.11","13213","GB"
"2022-03-15 10:55:07","http://alsanjari.co.uk/alsanjari.com/CynW/","offline","malware_download","dll|emotet|epoch4|heodo","alsanjari.co.uk","77.92.81.191","13213","GB"
"2021-08-11 05:38:07","http://augustair.com/Resources/eft/edi.exe","offline","malware_download","bitrat|RedLineStealer|RemcosRAT","augustair.com","206.130.99.140","13213","US"
"2021-08-05 05:38:11","http://augustair.com/log/remit/edi.exe","offline","malware_download","RemcosRAT","augustair.com","206.130.99.140","13213","US"
"2021-07-14 06:24:10","http://augustair.com/log/remit/mail.exe","offline","malware_download","remcos|RemcosRAT","augustair.com","206.130.99.140","13213","US"
"2021-05-14 12:38:08","https://geniusmessage.com/KAQVXW/WilliamBrown-65.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","geniusmessage.com","109.123.121.223","13213","GB"
"2021-05-13 21:07:05","https://geniusmessage.com/KAQVXW/Emma.Garcia-80.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","geniusmessage.com","109.123.121.223","13213","GB"
"2021-05-13 16:28:06","http://geniusmessage.com/KAQVXW/patricia_huston-72.zip","offline","malware_download","qbot","geniusmessage.com","109.123.121.223","13213","GB"
"2021-05-13 13:40:23","https://geniusmessage.com/KAQVXW/Liam.Jones-53.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","geniusmessage.com","109.123.121.223","13213","GB"
"2021-05-12 19:40:18","https://geniusmessage.com/KAQVXW/Oliver.Williams-35.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","geniusmessage.com","109.123.121.223","13213","GB"
"2021-03-10 15:29:06","https://slm.justsomehosting.com/uploads/images/Q0JHHfyvwg.php","offline","malware_download","Dridex","slm.justsomehosting.com","77.92.85.129","13213","GB"
"2021-02-18 06:29:04","http://augustair.com/log/remit/edi.js","offline","malware_download","js|RAT|RemcosRAT","augustair.com","206.130.99.140","13213","US"
"2020-11-19 08:03:03","http://augustair.com/log/remit/edi.vbs","offline","malware_download","RemcosRAT|vbs","augustair.com","206.130.99.140","13213","US"
"2020-11-19 08:02:05","http://augustair.com/log/remit/edi.jpg","offline","malware_download","encoded|RemcosRAT","augustair.com","206.130.99.140","13213","US"
"2020-11-09 13:00:07","http://timesys.justsomehosting.com/vvrb6pl6.txt","offline","malware_download","Dridex","timesys.justsomehosting.com","77.92.85.129","13213","GB"
"2020-10-29 04:44:04","http://pineislandok.com/cgi-bin/RU0laGseQgcLel2iKOkEBbGXvqalg7JM0k/","offline","malware_download","doc|emotet|epoch2|Heodo","pineislandok.com","50.115.112.95","13213","US"
"2020-10-27 06:09:04","http://dunedintapfest.com/wp-admin/954446322655/nuy8ppmvrhq-07162/","offline","malware_download","doc|emotet|epoch3|Heodo","dunedintapfest.com","69.36.170.42","13213","US"
"2020-10-26 15:35:07","https://dunedintapfest.com/wp-admin/954446322655/nuy8ppmvrhq-07162/","offline","malware_download","doc|emotet|epoch3|Heodo","dunedintapfest.com","69.36.170.42","13213","US"
"2020-10-21 16:08:05","https://buildingimagination.org/openbayl/parts_service/eTgsL/","offline","malware_download","doc|emotet|epoch3|Heodo","buildingimagination.org","109.123.64.173","13213","GB"
"2020-10-21 07:52:14","http://pineislandok.com/cgi-bin/report/zkvaiz2d2zzb4/w/","offline","malware_download","doc|emotet|epoch2|Heodo","pineislandok.com","50.115.112.95","13213","US"
"2020-09-21 08:05:21","http://kcdryervents.com/ca/D/","offline","malware_download","emotet|epoch1|exe|Heodo","kcdryervents.com","173.255.131.155","13213","US"
"2020-09-04 02:33:05","http://snowcamp.org/wpu/https:/Overview/eoJ4pr6eRStP22/","offline","malware_download","doc|emotet|epoch1|Heodo","snowcamp.org","209.236.75.75","13213","US"
"2020-09-03 15:54:05","http://snowcamp.org/wpu/https://Overview/eoJ4pr6eRStP22/","offline","malware_download","doc|emotet|epoch1|Heodo","snowcamp.org","209.236.75.75","13213","US"
"2020-08-31 12:04:50","http://modernmanna.org/isc/file/ehUxY/","offline","malware_download","emotet|epoch3|exe|Heodo","modernmanna.org","69.36.170.175","13213","US"
"2020-08-31 02:01:25","http://modernmanna.org/isc/r/","offline","malware_download","emotet|epoch1|exe|Heodo","modernmanna.org","69.36.170.175","13213","US"
"2020-08-28 16:53:29","http://bobbycooper.com/cgi-bin/3Zc/","offline","malware_download","emotet|epoch1|exe|Heodo","bobbycooper.com","69.36.164.215","13213","US"
"2020-08-28 07:20:11","http://snowcamp.org/paws/Overview/","offline","malware_download","doc|emotet|epoch2|heodo","snowcamp.org","209.236.75.75","13213","US"
"2020-08-19 07:46:35","http://sheilasteinfeld.com/8ozY17n/","offline","malware_download","emotet|epoch2|exe|heodo","sheilasteinfeld.com","173.255.128.163","13213","US"
"2020-08-19 07:45:10","http://abcofcricket.com/T3A/","offline","malware_download","emotet|epoch2|exe|heodo","abcofcricket.com","174.127.119.148","13213","US"
"2020-08-12 22:05:18","http://altdigital.co.uk/js/tCmXt/","offline","malware_download","emotet|epoch1|exe|heodo","altdigital.co.uk","174.127.110.175","13213","US"
"2020-08-12 20:06:44","http://michaelsteinfeld.com/cgi-bin/hkXmR/","offline","malware_download","emotet|epoch3|exe|heodo","michaelsteinfeld.com","173.255.128.163","13213","US"
"2020-08-12 06:48:30","http://microcommindia.com/css/whqkix-py-019/","offline","malware_download","doc|emotet|epoch3","microcommindia.com","50.115.114.101","13213","US"
"2020-08-12 06:46:09","http://www.microcommindia.com/css/whqkix-py-019/","offline","malware_download","doc|emotet|epoch3|Heodo","www.microcommindia.com","50.115.114.101","13213","US"
"2020-08-11 08:54:05","http://lochaistine.com/ww12/JbaiiKIC-KHehH37Bi0-disk/close-oj9hXtu0O-oDsV4tz28/kjshqdaogw7www-w0t3z0116/","offline","malware_download","doc|emotet|epoch1|heodo","lochaistine.com","173.255.129.252","13213","US"
"2020-08-10 18:46:06","http://bgbg.us/wp-admin/LuhsUKlH37_Lu3DRWHSa8Lqh_disk/open_46634167_akQLurN/4sAbSJ7sj_1clLyhxcrdh39/","offline","malware_download","doc|emotet|epoch1|heodo","bgbg.us","208.131.151.227","13213","US"
"2020-08-10 11:11:25","http://bagraphics.net/LochaiStine.com/08735/x5km442795227311722044p89g50x/","offline","malware_download","doc|emotet|epoch2|heodo","bagraphics.net","173.255.129.252","13213","US"
"2020-08-07 22:07:04","http://microcommindia.com/css/9wu_sjp_rvn/","offline","malware_download","emotet|epoch2|exe","microcommindia.com","50.115.114.101","13213","US"
"2020-08-07 12:25:33","http://www.microcommindia.com/css/9wu_sjp_rvn/","offline","malware_download","emotet|epoch2|exe|Heodo","www.microcommindia.com","50.115.114.101","13213","US"
"2020-08-06 16:14:04","http://abcofcricket.com/Aust/xn_fxn6_25403_prS5i/verifiable_space/hYYyIPw4VO_m18Kjeb14Jt/","offline","malware_download","doc|emotet|epoch1|heodo|QuakBot","abcofcricket.com","174.127.119.148","13213","US"
"2020-08-06 05:20:08","http://fpmtmongolia.org/cgi-bin/0r0g7yl3103656715480ifx5148etoyx9kk/","offline","malware_download","doc|emotet|epoch2|Heodo","fpmtmongolia.org","68.169.34.212","13213","US"
"2020-08-06 04:33:06","http://www.fpmtmongolia.org/cgi-bin/0r0g7yl3103656715480ifx5148etoyx9kk/","offline","malware_download","doc|emotet|epoch2|heodo","www.fpmtmongolia.org","68.169.34.212","13213","US"
"2020-08-05 15:40:28","http://silverbox.rpdelio.com/kyifkezrfy/4E/k3/5gvfV9jc.zip","offline","malware_download","Qakbot|Quakbot|zip","silverbox.rpdelio.com","107.182.235.60","13213","US"
"2020-07-31 16:01:37","http://newtreedesign.co.uk/images/FILE/kqbqplc/","offline","malware_download","doc|emotet|epoch2|heodo","newtreedesign.co.uk","50.115.112.7","13213","US"
"2020-07-31 00:29:06","http://www.microcommindia.com/css/9xvyu-2ljp-1187/","offline","malware_download","doc|emotet|epoch3|Heodo","www.microcommindia.com","50.115.114.101","13213","US"
"2020-07-30 14:19:07","http://altdigital.co.uk/js/private-module/verified-profile/myoigsxqpsim-0z8u685t/","offline","malware_download","doc|emotet|epoch1|Heodo","altdigital.co.uk","174.127.110.175","13213","US"
"2020-07-30 01:55:36","http://bloodcreative.co.uk/Scripts/private-B1PxU-bpyyZM3/lwm1o260shb-cdsu5t590era-ryiK9Kt-Pd9L2ciooPLIEB/192817551-NzXgC6/","offline","malware_download","doc|emotet|epoch1|Heodo","bloodcreative.co.uk","77.92.84.46","13213","GB"
"2020-07-29 21:36:04","http://sheilasteinfeld.com/browse/","offline","malware_download","doc|emotet|epoch2|Heodo","sheilasteinfeld.com","173.255.128.163","13213","US"
"2020-07-28 14:57:03","http://clanwatson.co.uk/personal/docs/crtijac8/","offline","malware_download","doc|emotet|epoch2|Heodo","clanwatson.co.uk","46.23.69.44","13213","GB"
"2020-07-28 14:57:03","http://clanwatson.co.uk/personal/docs/crtijac8/","offline","malware_download","doc|emotet|epoch2|Heodo","clanwatson.co.uk","77.92.79.11","13213","GB"
"2020-07-28 08:01:34","http://hewittpender.com/cgi-bin/eTrac/gt321682268121jey0b2cx76ipg9804b/","offline","malware_download","doc|emotet|epoch2|heodo","hewittpender.com","174.127.104.151","13213","US"
"2020-07-28 07:09:04","https://tiffanysballoons.co.uk/cgi-bin/Reporting/3lqrm02lx/5w88292934908719027c3078lru7uixzg6nijocx/","offline","malware_download","doc|emotet|epoch2|heodo","tiffanysballoons.co.uk","83.170.83.1","13213","GB"
"2020-07-28 05:18:09","http://solangecross.com/wp-admin/3qfq1-i3-28959/","offline","malware_download","doc|emotet|epoch3|Heodo","solangecross.com","77.92.75.5","13213","GB"
"2020-07-27 16:22:34","http://wildnights.co.uk/ebay/docs/sehtd4jxav/","offline","malware_download","doc|emotet|epoch2|heodo","wildnights.co.uk","83.170.122.30","13213","GB"
"2020-07-27 14:40:07","http://tres-w.com/whmcs/browse/","offline","malware_download","doc|emotet|epoch2|heodo","tres-w.com","174.127.108.187","13213","US"
"2020-07-27 14:32:07","http://thetiaratalkshow.com/wp-admin/Reporting/","offline","malware_download","doc|emotet|epoch2|heodo","thetiaratalkshow.com","50.115.112.11","13213","US"
"2020-07-27 13:49:03","http://humpleby.org.uk/cgi-bin/report/","offline","malware_download","doc|emotet|epoch2|heodo","humpleby.org.uk","77.92.83.100","13213","GB"
"2020-07-27 13:15:47","http://sheilasteinfeld.com/cgi-bin/rlD/","offline","malware_download","emotet|epoch1|exe|Heodo","sheilasteinfeld.com","173.255.128.163","13213","US"
"2020-07-27 10:13:04","http://safelecservices.co.uk/cgi-bin/public/p6gm0uj/r225995381388x2aqncjkpyf4kg/","offline","malware_download","doc|emotet|epoch2|heodo","safelecservices.co.uk","109.123.75.100","13213","GB"
"2020-07-23 19:14:35","http://bagraphics.net/discreetlaundryservices.com/personal_array/test_cloud/461281829124_RsSGemjuK/","offline","malware_download","doc|emotet|epoch1|heodo","bagraphics.net","173.255.129.252","13213","US"
"2020-07-22 21:09:05","http://abcofcricket.com/Aust/swift/","offline","malware_download","doc|emotet|epoch2|heodo","abcofcricket.com","174.127.119.148","13213","US"
"2020-07-14 04:58:03","http://109.123.95.107/3lg5p1K5hRq.php","offline","malware_download","","109.123.95.107","109.123.95.107","13213","GB"
"2020-06-03 09:32:10","https://procrastinatings.tk/manaM.bin","offline","malware_download","encrypted|GuLoader","procrastinatings.tk","185.225.210.16","13213","DE"
"2020-05-15 06:05:18","http://kehauskitchenrestaurant.com/jrypzl/021309/LoanAgreement_021309_05132020.zip","offline","malware_download","Qakbot|Quakbot|zip","kehauskitchenrestaurant.com","209.95.48.21","13213","US"
"2020-05-15 05:57:26","http://kehauskitchenrestaurant.com/jrypzl/LoanAgreement_031870941_05132020.zip","offline","malware_download","Qakbot|Quakbot|zip","kehauskitchenrestaurant.com","209.95.48.21","13213","US"
"2020-03-28 19:34:12","http://ufostream.com/xop/vla_encrypted_69CBA70.bin","offline","malware_download","encrypted|GuLoader","ufostream.com","206.190.151.181","13213","US"
"2020-03-24 08:58:04","http://fatedlove888.com/video_encrypted_DC3D2BF.bin","offline","malware_download","AZORult|encrypted|GuLoader","fatedlove888.com","206.190.151.181","13213","US"
"2020-03-24 08:28:08","http://xxl.fatedlove888.com/sxsl/index.php","offline","malware_download","","xxl.fatedlove888.com","206.190.151.181","13213","US"
"2020-03-24 08:28:05","http://fatedlove888.com/REBALEDMELL.exe","offline","malware_download","AZORult","fatedlove888.com","206.190.151.181","13213","US"
"2020-03-24 07:39:12","http://fatedlove888.com/DESTINY%20FORMBOOK_encrypted_2E8800.bin","offline","malware_download","encrypted|Formbook|GuLoader","fatedlove888.com","206.190.151.181","13213","US"
"2020-03-20 18:11:05","http://www.zionsvillegaragedoorrepair.com/a1/vla_encrypted_2673EF0.bin","offline","malware_download","encrypted|GuLoader","www.zionsvillegaragedoorrepair.com","206.190.151.181","13213","US"
"2020-03-12 17:33:13","http://greenhousemm.com/a1/22.exe","offline","malware_download","exe|NanoCore","greenhousemm.com","206.190.151.181","13213","US"
"2020-03-12 15:40:21","http://www.jamaylibertad.com/a1/DELEGERE.exe","offline","malware_download","AZORult|exe|opendir","www.jamaylibertad.com","206.190.151.181","13213","US"
"2020-03-12 15:40:17","http://www.jamaylibertad.com/a1/Fremtidsvision.exe","offline","malware_download","AZORult|exe|opendir","www.jamaylibertad.com","206.190.151.181","13213","US"
"2020-03-12 15:40:10","http://www.jamaylibertad.com/a1/bin_encrypted_8E6856F.bin","offline","malware_download","encrypted|GuLoader|opendir","www.jamaylibertad.com","206.190.151.181","13213","US"
"2020-03-12 15:40:06","http://www.jamaylibertad.com/a1/bin_encrypted_E2CD35F.bin","offline","malware_download","AZORult|encrypted|GuLoader|opendir","www.jamaylibertad.com","206.190.151.181","13213","US"
"2020-03-12 15:39:06","http://www.jamaylibertad.com/a1/bin_encrypted_43ED530.bin","offline","malware_download","AZORult|encrypted|GuLoader|opendir","www.jamaylibertad.com","206.190.151.181","13213","US"
"2020-01-23 20:24:05","http://remcogold.com/onytljej362jfjwe/personal-PsZzwo-ulXx4OgAK/verified-area/y2r6ukb8-929258v308z/","offline","malware_download","doc|emotet|epoch1|Heodo","remcogold.com","174.127.104.27","13213","US"
"2020-01-22 02:23:11","http://testyourwebsitenow.com/wordpressjwi/wp-content/statement/","offline","malware_download","doc|emotet|epoch2|heodo","testyourwebsitenow.com","88.202.224.226","13213","GB"
"2020-01-16 23:53:05","http://iclenvironmental.co.uk/cgi-bin/Reporting/9176-2520-24509-7n9nu-oth99/","offline","malware_download","doc|emotet|epoch2|heodo","iclenvironmental.co.uk","77.92.69.132","13213","GB"
"2020-01-16 17:25:05","http://testyourwebsitenow.com/wordpressjwi/wp-content/eTrac/t1-204863787-350310-bufc-u7ewo6rvr/","offline","malware_download","doc|emotet|epoch2|heodo","testyourwebsitenow.com","88.202.224.226","13213","GB"
"2020-01-13 22:31:19","https://howelltaxi.com/wp-admin/jX/","offline","malware_download","emotet|epoch2|exe|Heodo","howelltaxi.com","109.123.65.85","13213","GB"
"2019-12-23 18:04:33","http://seafortealing.com/wp-content/themes/bootcake5/assets/1223/scheldule_8353.doc","offline","malware_download","doc|icedID","seafortealing.com","77.92.82.196","13213","GB"
"2019-12-23 18:04:31","http://seafortealing.com/wp-content/themes/bootcake5/assets/1223/purchase_order_1516.doc","offline","malware_download","doc|icedID","seafortealing.com","77.92.82.196","13213","GB"
"2019-12-23 18:04:29","http://seafortealing.com/wp-content/themes/bootcake5/assets/1223/payment_receipt_2298.doc","offline","malware_download","doc|icedID","seafortealing.com","77.92.82.196","13213","GB"
"2019-12-23 18:04:02","http://seafortealing.com/wp-content/themes/bootcake5/assets/1223/order_8620.doc","offline","malware_download","doc|icedID","seafortealing.com","77.92.82.196","13213","GB"
"2019-12-23 18:04:00","http://seafortealing.com/wp-content/themes/bootcake5/assets/1223/order_6704.doc","offline","malware_download","doc|icedID","seafortealing.com","77.92.82.196","13213","GB"
"2019-12-23 18:03:58","http://seafortealing.com/wp-content/themes/bootcake5/assets/1223/order_5122.doc","offline","malware_download","doc|icedID","seafortealing.com","77.92.82.196","13213","GB"
"2019-12-23 18:03:55","http://seafortealing.com/wp-content/themes/bootcake5/assets/1223/order_2722.doc","offline","malware_download","doc|icedID","seafortealing.com","77.92.82.196","13213","GB"
"2019-12-23 18:03:53","http://seafortealing.com/wp-content/themes/bootcake5/assets/1223/application_to_fill_7313.doc","offline","malware_download","doc|icedID","seafortealing.com","77.92.82.196","13213","GB"
"2019-12-20 22:10:04","http://www.etsikiallios.gr/wp-content/invoice/","offline","malware_download","doc|emotet|epoch2|heodo","www.etsikiallios.gr","174.127.108.27","13213","US"
"2019-12-19 18:45:04","http://primecrystal.net/cgi-bin/parts_service/nr0qercz/bg-000250234-27365979-alw0euq-6mkl0hq594p/","offline","malware_download","doc|emotet|epoch2|heodo","primecrystal.net","209.95.56.247","13213","US"
"2019-12-19 11:23:13","http://profitcoach.net/wp-includes/5s419/","offline","malware_download","emotet|epoch1|exe|Heodo","profitcoach.net","216.119.152.128","13213","US"
"2019-12-18 19:28:03","http://splmarine.com/images/parts_service/","offline","malware_download","doc|emotet|epoch2|heodo","splmarine.com","109.123.75.40","13213","GB"
"2019-12-17 14:44:07","http://sherwoodparkhall.com/wp-includes/multifunctional-139215322-iHMp7MUHwPOE/open-space/078818934-SUTZNcBaAFk/","offline","malware_download","doc|emotet|epoch1|Heodo","sherwoodparkhall.com","77.92.89.1","13213","GB"
"2019-12-17 03:31:03","http://generalpro.com/_private/LLC/nifu97/k3tfrg-74647-732191429-tdp2z-35v1/","offline","malware_download","doc|emotet|epoch2|heodo","generalpro.com","209.236.74.80","13213","US"
"2019-12-13 19:21:04","http://iclenvironmental.co.uk/cgi-bin/prp6-96sjd-738/","offline","malware_download","doc|emotet|epoch3|heodo","iclenvironmental.co.uk","77.92.69.132","13213","GB"
"2019-12-13 10:14:15","http://generalpro.com/_private/a/","offline","malware_download","emotet|epoch2|exe|Heodo","generalpro.com","209.236.74.80","13213","US"
"2019-12-13 05:43:03","http://agiandsam.com/2014-09-10-public_html/Scan/49zld2xp/b6px2d-32061-5779830-cknhj-gfp2kb/","offline","malware_download","doc|emotet|epoch2|heodo","agiandsam.com","109.123.72.70","13213","GB"
"2019-12-13 03:41:04","http://clinton.me.uk/Clinton_Family_Website/gf0gf-perpjr-06618/","offline","malware_download","doc|emotet|epoch3|heodo","clinton.me.uk","77.92.82.201","13213","GB"
"2019-12-13 01:11:02","http://epicguru.co.uk/cgi-bin/OCT/6gmjgtu6q-03827405-824379190-qa4ec6qy-ayveqtm7/","offline","malware_download","doc|emotet|epoch2|heodo","epicguru.co.uk","176.67.162.22","13213","GB"
"2019-11-17 05:31:03","https://masterlabphoto.com/ogh/h9m/","offline","malware_download","Emotet|exe|Heodo","masterlabphoto.com","107.182.233.147","13213","US"
"2019-11-15 22:41:50","https://www.masterlabphoto.com/ogh/h9m/","offline","malware_download","emotet|epoch2|exe|Heodo","www.masterlabphoto.com","107.182.233.147","13213","US"
"2019-10-29 07:20:05","http://staging.therobertstreethub.com/staging.therobertstreethub.com/rvd97157/","offline","malware_download","Emotet|epoch1|exe|Heodo","staging.therobertstreethub.com","31.24.224.224","13213","GB"
"2019-10-11 13:28:24","http://rupertsherwood.com/Templates/yug9dpo98155/","offline","malware_download","emotet|epoch1|exe|Heodo","rupertsherwood.com","77.92.74.183","13213","GB"
"2019-09-28 03:49:03","http://globedigitalmedia.com/templates/atomic/new/RFQ-HL51L07.doc","offline","malware_download","doc","globedigitalmedia.com","77.92.69.142","13213","GB"
"2019-09-17 21:52:28","http://rupertsherwood.com/Templates/esp/b207qn1fc3l1lugdtga23zf0o_b178b9ps-936935507/","offline","malware_download","doc|emotet|epoch2|Heodo","rupertsherwood.com","77.92.74.183","13213","GB"
"2019-09-05 18:44:07","http://fixshinellc.com/vU8UK2sVHMEoywL.exe","offline","malware_download","AgentTesla|exe","fixshinellc.com","88.202.188.63","13213","GB"
"2019-09-05 14:32:10","http://fixshinellc.com/utazimb.jpg","offline","malware_download","AgentTesla|exe","fixshinellc.com","88.202.188.63","13213","GB"
"2019-09-05 11:01:06","http://fixshinellc.com/Bf0w3kHyFxPCRcp.exe","offline","malware_download","agenttesla|exe","fixshinellc.com","88.202.188.63","13213","GB"
"2019-08-29 19:25:10","http://techniksconsultants.com/cl/msk.pdf","offline","malware_download","exe|NetWire","techniksconsultants.com","174.127.106.65","13213","US"
"2019-07-31 03:20:05","http://geironimo.com/Oslo2011/imgs/1c.jpg","offline","malware_download","exe|shade|troldesh","geironimo.com","174.127.110.35","13213","US"
"2019-05-31 22:41:03","http://aisis.co.uk/services/mybEKzQADXLeaqouWcgUy/","offline","malware_download","doc|emotet|epoch2|Heodo","aisis.co.uk","109.123.64.129","13213","GB"
"2019-05-31 18:51:02","http://qoogasoft.com/ip6vj8s3oc_2sv0sts-6596903033749/","offline","malware_download","doc|emotet|epoch2|Heodo","qoogasoft.com","83.170.122.174","13213","GB"
"2019-05-30 19:48:05","http://victorianlove.com/postcards/LLC/qGOJFVtZPJfgBTFnxbNcsLyIyUiNm/","offline","malware_download","doc|emotet|epoch2|Heodo","victorianlove.com","174.127.107.143","13213","US"
"2019-05-29 13:54:05","http://qoogasoft.com/gnm2inc49275/","offline","malware_download","emotet|epoch1|exe|Heodo","qoogasoft.com","83.170.122.174","13213","GB"
"2019-05-22 18:09:04","http://mountainliondesign-test.website/rw_common/YbzIImVOaXACsGOMrtVSKz/","offline","malware_download","doc|Emotet|epoch2|Heodo","mountainliondesign-test.website","77.92.79.11","13213","GB"
"2019-05-16 14:50:09","http://tetrafire.co.uk/wp-content/Document/YaMgagUqzQWDEVDtgpE/","offline","malware_download","doc|emotet|epoch2|Heodo","tetrafire.co.uk","83.170.79.102","13213","GB"
"2019-05-16 11:34:16","http://1roof.ltd.uk/creationmaintenance.co.uk/PLIK/0b7yzogc9ssofb8efy4o2otyua0o8_769kqe-314850535719656/","offline","malware_download","doc|Emotet|epoch2|Heodo","1roof.ltd.uk","77.92.74.1","13213","GB"
"2019-05-11 06:50:09","http://aisis.co.uk/why-use-us/US/Transactions-details/05_19/","offline","malware_download","emotet|epoch1","aisis.co.uk","109.123.64.129","13213","GB"
"2019-05-08 15:51:05","http://bestcincinnatihandyman.com/webanalyze/3mmk5z1-oygro-esqh/","offline","malware_download","doc|emotet|epoch2|Heodo","bestcincinnatihandyman.com","185.72.157.174","13213","US"
"2019-05-06 20:08:18","http://sulfurvacations.com/crdservices/mwm32628/","offline","malware_download","emotet|epoch1|exe|Heodo","sulfurvacations.com","88.202.183.185","13213","GB"
"2019-05-02 18:32:05","http://perrysignslondon.co.uk/wp-includes/secure.accs.docs.net/","offline","malware_download","doc|emotet|epoch1|Heodo","perrysignslondon.co.uk","77.92.69.1","13213","GB"
"2019-05-02 13:05:03","http://sulfurvacations.com/crdservices/6g9j4aud1mkkl99ijuv3sbeq_t91rmyji7-08924296/","offline","malware_download","Emotet|Heodo","sulfurvacations.com","88.202.183.185","13213","GB"
"2019-04-17 20:40:02","http://nkuk.com/Document/dhTdTkP6a/","offline","malware_download","","nkuk.com","77.92.82.1","13213","GB"
"2019-04-15 18:08:06","http://1roof.ltd.uk/creationmaintenance.co.uk/tkRrm-NHB6wvOSnkjr80G_srzWcHfAL-AB/","offline","malware_download","Emotet|epoch2|Heodo","1roof.ltd.uk","77.92.74.1","13213","GB"
"2019-04-12 23:36:09","http://1roof.ltd.uk/creationmaintenance.co.uk/FC_W/","offline","malware_download","emotet|epoch2|exe|Heodo","1roof.ltd.uk","77.92.74.1","13213","GB"
"2019-04-12 23:36:07","http://bathontv.co.uk/wp-admin/7_2Y/","offline","malware_download","emotet|epoch2|exe|Heodo","bathontv.co.uk","77.92.88.1","13213","GB"
"2019-04-11 18:28:00","http://frasher.cc/wp-content/themes/attorney/library/images/inf.inf","offline","malware_download","exe|ransomware|shade|troldesh","frasher.cc","209.95.35.38","13213","US"
"2019-04-09 22:30:15","http://aisis.co.uk/why-use-us/llc/legal/trust/En_en/04-2019/","offline","malware_download","doc|emotet|epoch1|Heodo","aisis.co.uk","109.123.64.129","13213","GB"
"2019-04-08 14:20:10","http://lisergy.info/images/SrqhB-JquuDdA5gdoLef_wqxjJBbSH-PqI/","offline","malware_download","doc|emotet|epoch2|Heodo","lisergy.info","109.123.75.40","13213","GB"
"2019-04-05 20:56:04","http://qoogasoft.com/node-v0.11.9/GwlV-EZB4mmz0MEqoIBd_iskshcRV-T2/","offline","malware_download","emotet|epoch1|Heodo","qoogasoft.com","83.170.122.174","13213","GB"
"2019-04-05 19:16:58","http://russellgracie.co.uk/images/StSy-LAsiGFKu9gYpVS_AwQsNTkp-G19/","offline","malware_download","Emotet|Heodo","russellgracie.co.uk","83.170.123.1","13213","GB"
"2019-04-02 17:39:16","http://dickleigh.co.uk/jquery/trust.myaccount.resourses.biz/","offline","malware_download","Emotet|Heodo","dickleigh.co.uk","176.67.162.146","13213","GB"
"2019-04-02 16:57:19","http://axesrus.com/css/secure.accounts.docs.com/","offline","malware_download","emotet|epoch1|Heodo","axesrus.com","77.92.66.141","13213","GB"
"2019-03-29 21:37:06","http://wellmanorfarm.co.uk/woolliesbarn.co.uk/trust.myaccount.send.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","wellmanorfarm.co.uk","109.123.75.100","13213","GB"
"2019-03-27 18:26:37","http://wardesign.com/catalog/secure.myacc.resourses.biz/","offline","malware_download","emotet|epoch1|Heodo","wardesign.com","69.36.168.146","13213","US"
"2019-03-27 09:02:36","http://nkuk.com/FaceValue/prjcW/","offline","malware_download","emotet|epoch1|exe","nkuk.com","77.92.82.1","13213","GB"
"2019-03-27 02:59:07","http://pamelaboutique.co.uk/g83v7y-l00ur-dqvsn/","offline","malware_download","Emotet|Heodo","pamelaboutique.co.uk","109.123.72.161","13213","GB"
"2019-03-25 16:26:08","http://wardesign.com/catalog/XR99b/","offline","malware_download","emotet|epoch1|exe|Heodo","wardesign.com","69.36.168.146","13213","US"
"2019-03-21 12:50:03","http://wardesign.com/catalog/35h5nn-5b07b1s-ratqzy/","offline","malware_download","Emotet|Heodo","wardesign.com","69.36.168.146","13213","US"
"2019-03-19 21:49:06","http://brisbanelife.com/t4mmh-70ihkv-bonj/","offline","malware_download","doc|emotet|epoch2|Heodo","brisbanelife.com","206.190.140.116","13213","US"
"2019-03-19 12:30:14","http://wardesign.com/catalog/aujoq-ogagiw-wuzyivr/","offline","malware_download","Emotet|Heodo","wardesign.com","69.36.168.146","13213","US"
"2019-03-16 00:01:02","http://russellgracie.co.uk/images/tcc26-1f011d-fzjme/","offline","malware_download","doc|emotet|epoch2|Heodo","russellgracie.co.uk","83.170.123.1","13213","GB"
"2019-03-14 20:17:10","http://lisergy.info/images/sec.myacc.send.com/","offline","malware_download","emotet|epoch1|Heodo","lisergy.info","109.123.75.40","13213","GB"
"2019-03-14 18:23:03","http://fomh.net/shop/7mhg-09qq1t-tztmmky/","offline","malware_download","doc|emotet|epoch2|Heodo","fomh.net","209.236.73.163","13213","US"
"2019-03-14 17:18:12","http://johnclive.co.uk/id/zv3pc-3gtms-wlehkhtmd/","offline","malware_download","doc|emotet|epoch2|Heodo","johnclive.co.uk","83.170.80.128","13213","GB"
"2019-03-12 21:16:12","http://fomh.net/shop/Intuit_EN/files/Operations/1961452/SZJJO-co_UlB-3Xbb/","offline","malware_download","emotet|epoch1|Heodo","fomh.net","209.236.73.163","13213","US"
"2019-03-11 19:06:31","http://bgbg.us/t1q3-itq15z-tsjh.view/","offline","malware_download","emotet|epoch1|Heodo","bgbg.us","208.131.151.227","13213","US"
"2019-03-08 05:30:34","http://aisis.co.uk/why-use-us/vqa4q-91wcmw-cbtxj.view/","offline","malware_download","Emotet|Heodo","aisis.co.uk","109.123.64.129","13213","GB"
"2019-02-26 23:29:09","http://pisoradiantetop.com/EN_en/info/Inv/KiVbd-ph1_xhGSETlW-SFD/","offline","malware_download","Heodo","pisoradiantetop.com","109.123.127.235","13213","GB"
"2019-02-20 07:11:04","http://solutionssoftwarematrix.com/product_open/BOSS/BOSS_Solutions.exe","offline","malware_download","exe","solutionssoftwarematrix.com","50.115.120.222","13213","US"
"2019-02-20 02:06:05","http://www.solutionssoftwarematrix.com/product_open/BOSS/BOSS_Solutions.exe","offline","malware_download","exe","www.solutionssoftwarematrix.com","50.115.120.222","13213","US"
"2019-02-19 21:46:07","http://sentineltruckingco.com/US_us/file/Copy_Invoice/ISige-QdCId_Q-Vky/","offline","malware_download","Emotet|Heodo","sentineltruckingco.com","50.115.120.214","13213","US"
"2019-02-14 10:17:04","http://www.winefriend.co.za/De/FIORQOXU7539661/Dokumente/Rechnungsanschrift/","offline","malware_download","Emotet|Heodo","www.winefriend.co.za","174.127.108.144","13213","US"
"2019-02-13 09:12:10","http://midwestfoods.com/wp-content/odbfx8yt_5yvdgPL6/","offline","malware_download","emotet|exe|heodo","midwestfoods.com","98.158.184.176","13213","US"
"2019-02-12 05:53:04","https://crichcreative.com/taping/lol.msi","offline","malware_download","exe-to-msi","crichcreative.com","209.95.48.17","13213","US"
"2019-02-07 23:53:16","http://bgbg.us/file/NMhx-7cRXi_dqNi-GV/","offline","malware_download","doc|emotet|epoch2|Heodo","bgbg.us","208.131.151.227","13213","US"
"2019-02-07 21:44:35","http://conservsystems.co.uk/bekyi-zOp_gikxhoZaF-oz/","offline","malware_download","emotet|epoch2|Heodo","conservsystems.co.uk","77.92.75.1","13213","GB"
"2019-02-06 21:44:24","http://hrhorizons.co.uk/AT_T_Online/dX2n7245T_wEDtJ7WsX_BCCOsmhP9/","offline","malware_download","emotet|epoch1|Heodo","hrhorizons.co.uk","77.92.82.201","13213","GB"
"2019-02-06 15:58:48","http://leoandcatkane.co.uk/Telekom/Rechnungen/012019/","offline","malware_download","emotet|epoch1|Heodo","leoandcatkane.co.uk","83.170.125.87","13213","GB"
"2019-02-05 22:12:41","http://fomh.net/rTuh_GSY-ED/eP/Details/022019/","offline","malware_download","doc|emotet|epoch1|Heodo","fomh.net","209.236.73.163","13213","US"
"2019-02-05 21:05:22","http://conservsystems.co.uk/download/Invoice/Arnvu-WZ_FtvTFxO-3fs/","offline","malware_download","Emotet|Heodo","conservsystems.co.uk","77.92.75.1","13213","GB"
"2019-02-05 21:05:19","http://borealisproductions.com/EN_en/xerox/Invoice_number/bbkB-fnU_YBROSm-8bY/","offline","malware_download","Emotet|Heodo","borealisproductions.com","209.95.59.41","13213","US"
"2019-02-05 21:04:08","http://bgbg.us/En_us/llc/oljbq-RRDG_XL-Maj/","offline","malware_download","Emotet|Heodo","bgbg.us","208.131.151.227","13213","US"
"2019-02-05 19:33:10","http://aisis.co.uk/BZnni_HBNkU-a/AC/Clients_information/2019-02/","offline","malware_download","doc|emotet|epoch1|Heodo","aisis.co.uk","109.123.64.129","13213","GB"
"2019-01-29 14:36:18","http://stonescrossing.com/wp-content/themes/stones-crossing/assets/css/messg.jpg","offline","malware_download","exe|shade","stonescrossing.com","209.95.41.92","13213","US"
"2019-01-29 09:08:24","http://hiexsgroup.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler|RAT","hiexsgroup.co.uk","109.123.103.129","13213","GB"
"2019-01-29 09:08:22","https://kingasgroup.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler|RAT","kingasgroup.co.uk","109.123.103.129","13213","GB"
"2019-01-29 09:08:21","http://stevemacandsonsltd.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler|RAT","stevemacandsonsltd.co.uk","46.23.69.42","13213","GB"
"2019-01-29 09:08:19","http://larrsgroup.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler|RAT","larrsgroup.co.uk","109.123.103.129","13213","GB"
"2019-01-29 09:08:16","http://otorsgroup.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler|RAT","otorsgroup.co.uk","109.123.103.129","13213","GB"
"2019-01-29 09:08:15","https://salmosgroup.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler|RAT","salmosgroup.co.uk","109.123.103.129","13213","GB"
"2019-01-29 09:08:14","http://presleybuildersltd.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler|RAT","presleybuildersltd.co.uk","46.23.69.42","13213","GB"
"2019-01-29 09:08:13","https://ultrosgroup.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler|RAT","ultrosgroup.co.uk","109.123.103.129","13213","GB"
"2019-01-29 09:08:11","https://nssegroup.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler|RAT","nssegroup.co.uk","46.23.69.42","13213","GB"
"2019-01-18 22:46:36","http://andrewsalmon.co.uk/kokMx-ddRbM_BnsfV-8Z/INVOICE/US/Invoice-for-u/a-01/19/2019/","offline","malware_download","doc|emotet|epoch2|Heodo","andrewsalmon.co.uk","77.92.84.46","13213","GB"
"2019-01-14 10:35:03","https://tamxgroup.co.uk/Cred_Adv043H3287.jar","offline","malware_download","Qealler|RAT","tamxgroup.co.uk","83.170.79.102","13213","GB"
"2018-12-19 00:22:35","http://surgeryoverseas.com/HTetC-uc6EH15zj_gbxUl-3r/58941/SurveyQuestionsdoc/EN_en/Document-needed/","offline","malware_download","emotet|epoch2|Heodo","surgeryoverseas.com","88.202.186.184","13213","GB"
"2018-12-19 00:21:33","http://rowlandtractors.co.uk/mLKV-jVxfVvN0_XEg-Ty/Invoice/24108650/doc/En_us/0-Past-Due-Invoices/","offline","malware_download","emotet|epoch2|Heodo","rowlandtractors.co.uk","77.92.75.2","13213","GB"
"2018-12-18 19:49:17","http://kingpinmedia.co.uk/Vrax-bP65l2RR_sWfTtXmdP-aWn/PaymentStatus/Dec2018/En_us/Invoice/","offline","malware_download","emotet|epoch2|Heodo","kingpinmedia.co.uk","77.92.66.141","13213","GB"
"2018-12-18 04:25:35","http://wellmanorfarm.co.uk/TFLX-V2JlCelVeQaIta_sZQTGLFzQ-rvv/","offline","malware_download","doc|emotet|epoch2","wellmanorfarm.co.uk","109.123.75.100","13213","GB"
"2018-12-17 19:22:33","http://fomh.net/09NzQWlsLW/","offline","malware_download","emotet|epoch1|exe|Heodo","fomh.net","209.236.73.163","13213","US"
"2018-12-14 07:48:02","http://bluedsteel.com/En_us/Clients_information/122018","offline","malware_download","doc|emotet","bluedsteel.com","77.92.79.1","13213","GB"
"2018-12-14 04:23:10","http://aisis.co.uk/zlje-8YPk4rDVVjtizW_JjNEgZFTJ-aWw/PAYROLL/Personal/","offline","malware_download","emotet|epoch2|Heodo","aisis.co.uk","109.123.64.129","13213","GB"
"2018-12-14 00:27:05","http://bluedsteel.com/En_us/Clients_information/122018/","offline","malware_download","emotet|epoch1|Heodo","bluedsteel.com","77.92.79.1","13213","GB"
"2018-12-14 00:24:09","http://bathontv.co.uk/wcQWO-KRTnhp5Mu1jszyc_uTwHRwYlC-SY/biz/Business/","offline","malware_download","emotet|epoch2|Heodo","bathontv.co.uk","77.92.88.1","13213","GB"
"2018-12-13 20:24:35","http://fomh.net/VvuPz-5RzdNJT9ZWNPQC_eHHGFXjn-Kxx/WIRE/US/","offline","malware_download","emotet|epoch2|Heodo","fomh.net","209.236.73.163","13213","US"
"2018-12-13 20:24:16","http://stourside.co.uk/glUby-DJSvAlFixtjYx2a_nxzFmBts-ldG/PAYROLL/Commercial/","offline","malware_download","emotet|epoch2|Heodo","stourside.co.uk","109.123.64.131","13213","GB"
"2018-12-13 20:04:42","http://borealisproductions.com/EN_US/Messages/2018-12/","offline","malware_download","emotet|epoch1|Heodo","borealisproductions.com","209.95.59.41","13213","US"
"2018-12-13 16:23:31","http://nuancecrusaders.com/LLC/En/Overdue-payment/","offline","malware_download","emotet|epoch2|Heodo","nuancecrusaders.com","50.115.120.71","13213","US"
"2018-12-12 22:26:04","http://wellmanorfarm.co.uk/COMET/SIGNS/PAYMENT/NOTIFICATION/12/12/2018/newsletter/EN_en/Paid-Invoices/","offline","malware_download","emotet|epoch2|Heodo","wellmanorfarm.co.uk","109.123.75.100","13213","GB"
"2018-12-11 18:34:30","http://nuancecrusaders.com/InvoiceCodeChanges/Document/US/Service-Invoice/","offline","malware_download","doc|emotet","nuancecrusaders.com","50.115.120.71","13213","US"
"2018-12-11 13:57:49","http://nuancecrusaders.com/InvoiceCodeChanges/Document/US/Service-Invoice","offline","malware_download","emotet","nuancecrusaders.com","50.115.120.71","13213","US"
"2018-12-11 07:16:03","http://wellmanorfarm.co.uk/COMET/SIGNS/PAYMENT/NOTIFICATION/12/10/2018/Corporation/En/Invoice-Corrections-for-79/74","offline","malware_download","emotet|epoch2","wellmanorfarm.co.uk","109.123.75.100","13213","GB"
"2018-12-11 05:58:15","http://wellmanorfarm.co.uk/COMET/SIGNS/PAYMENT/NOTIFICATION/12/10/2018/Corporation/En/Invoice-Corrections-for-79/74/","offline","malware_download","doc|emotet|epoch2|Heodo","wellmanorfarm.co.uk","109.123.75.100","13213","GB"
"2018-12-11 02:57:12","http://victorianlove.com/Invoice/039981590/Document/US/ACH-form/","offline","malware_download","doc|emotet|epoch2|Heodo","victorianlove.com","174.127.107.143","13213","US"
"2018-12-11 02:56:46","http://shawnballantine.com/LP88/invoicing/newsletter/EN_en/Past-Due-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","shawnballantine.com","176.67.164.141","13213","GB"
"2018-12-10 21:16:19","http://victorianlove.com/Invoice/039981590/Document/US/ACH-form","offline","malware_download","emotet|epoch2","victorianlove.com","174.127.107.143","13213","US"
"2018-12-10 15:36:15","http://shawnballantine.com/LP88/invoicing/newsletter/EN_en/Past-Due-Invoices","offline","malware_download","emotet|epoch2","shawnballantine.com","176.67.164.141","13213","GB"
"2018-12-07 23:10:18","http://victorianlove.com/IRS/Internal-Revenue-Service-Online-Center/Record-of-Account-Transcript/","offline","malware_download","doc|emotet|epoch2|Heodo","victorianlove.com","174.127.107.143","13213","US"
"2018-12-07 23:09:34","http://jasoft.co.uk/images/uploads/INFO/En/Paid-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","jasoft.co.uk","46.23.67.250","13213","GB"
"2018-12-07 14:43:23","http://jasoft.co.uk/images/uploads/INFO/En/Paid-Invoices","offline","malware_download","emotet|epoch2|Heodo","jasoft.co.uk","46.23.67.250","13213","GB"
"2018-12-07 01:00:18","http://shawnballantine.com/scan/US_us/New-order/","offline","malware_download","doc|emotet|epoch2|Heodo","shawnballantine.com","176.67.164.141","13213","GB"
"2018-12-07 00:53:20","http://wellmanorfarm.co.uk/Internal-Revenue-Service/Verification-of-Non-filing-Letter/","offline","malware_download","doc|emotet|epoch2|Heodo","wellmanorfarm.co.uk","109.123.75.100","13213","GB"
"2018-12-07 00:52:25","http://pamelaboutique.co.uk/xerox/En/Invoice-receipt/","offline","malware_download","doc|emotet|epoch2|Heodo","pamelaboutique.co.uk","109.123.72.161","13213","GB"
"2018-12-06 21:41:09","http://pamelaboutique.co.uk/xerox/En/Invoice-receipt","offline","malware_download","emotet|epoch2|Heodo","pamelaboutique.co.uk","109.123.72.161","13213","GB"
"2018-12-06 17:14:35","http://rupertsherwood.com/Document/En/Invoices-Overdue/","offline","malware_download","doc|emotet|epoch2","rupertsherwood.com","77.92.74.183","13213","GB"
"2018-12-06 16:14:12","http://shawnballantine.com/scan/US_us/New-order","offline","malware_download","emotet|epoch2|Heodo","shawnballantine.com","176.67.164.141","13213","GB"
"2018-12-06 00:12:42","http://rupertsherwood.com/Document/En/Invoices-Overdue","offline","malware_download","emotet|epoch2|Heodo","rupertsherwood.com","77.92.74.183","13213","GB"
"2018-12-05 23:51:42","http://jasoft.co.uk/images/uploads/scan/US_us/Past-Due-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","jasoft.co.uk","46.23.67.250","13213","GB"
"2018-12-05 23:51:41","http://jasoft.co.uk/images/uploads/scan/US_us/Past-Due-Invoices","offline","malware_download","doc|emotet|epoch2|Heodo","jasoft.co.uk","46.23.67.250","13213","GB"
"2018-12-05 06:30:56","http://wessexproductions.co.uk/Download/EN_en/Service-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","wessexproductions.co.uk","77.92.74.100","13213","GB"
"2018-12-04 12:33:02","http://wessexproductions.co.uk/Download/EN_en/Service-Invoice","offline","malware_download","emotet|epoch2|Heodo","wessexproductions.co.uk","77.92.74.100","13213","GB"
"2018-12-04 06:49:04","http://hoardingsuk.com/Kv/","offline","malware_download","Emotet|exe|Heodo","hoardingsuk.com","109.123.104.200","13213","GB"
"2018-12-03 20:21:07","http://eibtech.com/kNLSCHYq","offline","malware_download","emotet|epoch2|exe|Heodo","eibtech.com","208.131.150.143","13213","US"
"2018-12-03 20:20:08","http://hoardingsuk.com/Kv","offline","malware_download","emotet|epoch2|exe|Heodo","hoardingsuk.com","109.123.104.200","13213","GB"
"2018-11-30 06:05:54","http://tonycookdesigner.co.uk/doc/EN_en/Invoice-for-you/","offline","malware_download","doc|emotet|epoch2|Heodo","tonycookdesigner.co.uk","77.92.79.1","13213","GB"
"2018-11-30 04:41:02","http://wessexproductions.co.uk/FILE/EN_en/Question/","offline","malware_download","doc|Heodo","wessexproductions.co.uk","77.92.74.100","13213","GB"
"2018-11-30 03:49:35","http://wessexproductions.co.uk/FILE/EN_en/Question","offline","malware_download","emotet|epoch2|Heodo","wessexproductions.co.uk","77.92.74.100","13213","GB"
"2018-11-29 21:59:09","http://tonycookdesigner.co.uk/doc/EN_en/Invoice-for-you","offline","malware_download","emotet|epoch2|Heodo","tonycookdesigner.co.uk","77.92.79.1","13213","GB"
"2018-11-29 01:26:14","http://joshsolarlovesyou.com/2ET/PAYMENT/Smallbusiness/","offline","malware_download","doc|emotet|epoch2|Heodo","joshsolarlovesyou.com","206.130.123.151","13213","US"
"2018-11-29 01:26:13","http://joshsolarlovesyou.com/2ET/PAYMENT/Smallbusiness","offline","malware_download","doc|emotet|epoch2|Heodo","joshsolarlovesyou.com","206.130.123.151","13213","US"
"2018-11-28 18:09:53","http://eurofives.co.uk/5658XRQFJ/PAY/Smallbusiness","offline","malware_download","doc|emotet|heodo","eurofives.co.uk","46.23.69.44","13213","GB"
"2018-11-28 17:59:03","http://bluedsteel.com/2690975NM/PAYROLL/Business","offline","malware_download","doc|emotet","bluedsteel.com","77.92.79.1","13213","GB"
"2018-11-24 06:08:04","http://lifewithdogmovie.com/0K3jRwA/","offline","malware_download","Emotet|exe|Heodo","lifewithdogmovie.com","67.212.232.33","13213","US"
"2018-11-23 20:25:21","http://lifewithdogmovie.com/0K3jRwA","offline","malware_download","emotet|epoch1|exe|Heodo","lifewithdogmovie.com","67.212.232.33","13213","US"
"2018-11-23 13:56:09","http://angeleproductions.com/99O/com/US","offline","malware_download","doc|emotet|heodo","angeleproductions.com","109.123.104.200","13213","GB"
"2018-11-19 19:49:26","http://hestonweddings.com/newsletter/En_us/Document-needed/","offline","malware_download","emotet|heodo","hestonweddings.com","174.127.119.210","13213","US"
"2018-11-13 16:13:39","http://angelelect.com/312555as.exe","offline","malware_download","exe|Gozi","angelelect.com","109.123.104.200","13213","GB"
"2018-11-06 15:17:13","http://dmas.es/US/Details/11_18/","offline","malware_download","doc|emotet|epoch1|Heodo","dmas.es","107.182.228.228","13213","US"
"2018-11-06 15:17:11","http://dmas.es/US/Details/11_18","offline","malware_download","doc|emotet|epoch1|Heodo","dmas.es","107.182.228.228","13213","US"
"2018-10-11 07:43:38","http://techniksconsultants.com/a/k.pdf","offline","malware_download","exe","techniksconsultants.com","174.127.106.65","13213","US"
"2018-10-01 15:16:04","http://bpepc.co.uk/3917XAGGX/SWIFT/Commercial","offline","malware_download","doc|emotet|Heodo","bpepc.co.uk","77.92.79.11","13213","GB"
"2018-09-27 02:00:30","http://olympusenterprise.com/DOC/US/Past-Due-Invoice","offline","malware_download","doc|emotet|heodo","olympusenterprise.com","174.127.104.217","13213","US"
"2018-09-25 18:56:43","http://josound.net/Corporation/En/Important-Please-Read","offline","malware_download","doc|emotet|Heodo","josound.net","109.123.75.224","13213","GB"
"2018-09-25 15:46:28","http://josound.net/Corporation/En/Important-Please-Read/","offline","malware_download","emotet|Heodo|macro|word doc","josound.net","109.123.75.224","13213","GB"
"2018-09-24 23:09:10","http://olympusenterprise.com/sites/EN_en/Past-Due-Invoices","offline","malware_download","doc|emotet","olympusenterprise.com","174.127.104.217","13213","US"
"2018-09-21 14:47:19","http://evolantra.org/3581818NH/com/Smallbusiness","offline","malware_download","doc|emotet|Heodo","evolantra.org","209.236.64.25","13213","US"
"2018-09-21 14:47:13","http://formulaonegym.co.uk/7640K/SEP/Business","offline","malware_download","doc|emotet|Heodo","formulaonegym.co.uk","77.92.81.1","13213","GB"
"2018-09-21 09:14:38","http://danforshaw.com/63SMSMM/biz/Business","offline","malware_download","doc|emotet|Heodo","danforshaw.com","77.92.69.41","13213","GB"
"2018-09-21 06:20:30","http://kinginternational.co.uk/5621XGQ/ACH/Personal","offline","malware_download","doc|emotet|heodo","kinginternational.co.uk","83.170.108.1","13213","GB"
"2018-09-21 06:19:06","http://jasoft.co.uk/oasbscience/myadmin/config/8510UMCBZS/SWIFT/Commercial","offline","malware_download","doc|emotet|heodo","jasoft.co.uk","46.23.67.250","13213","GB"
"2018-09-21 06:16:28","http://heydn.net/036DDACKAK/com/US","offline","malware_download","doc|emotet|heodo","heydn.net","77.92.75.2","13213","GB"
"2018-09-19 14:26:32","http://hoardingsuk.com/Document/US_us/Invoice-Corrections-for-65/69","offline","malware_download","doc|emotet|Heodo","hoardingsuk.com","109.123.104.200","13213","GB"
"2018-09-19 14:26:29","http://kinginternational.co.uk/86827MMNL/BIZ/Personal","offline","malware_download","doc|emotet|Heodo","kinginternational.co.uk","83.170.108.1","13213","GB"
"2018-09-19 04:26:33","http://formulaonegym.co.uk/sites/En_us/757-79-234470-833-757-79-234470-957/","offline","malware_download","doc|emotet|epoch2","formulaonegym.co.uk","77.92.81.1","13213","GB"
"2018-09-19 04:26:32","http://formulaonegym.co.uk/63279OXGLQXJF/BIZ/US/","offline","malware_download","doc|emotet|epoch2|Heodo","formulaonegym.co.uk","77.92.81.1","13213","GB"
"2018-09-19 04:23:05","http://1roof.ltd.uk/scan/US/Invoice-for-e/e-09/18/2018/","offline","malware_download","doc|emotet|epoch2|Heodo","1roof.ltd.uk","77.92.74.1","13213","GB"
"2018-09-19 04:05:42","http://hestonweddings.com/newsletter/En_us/Document-needed","offline","malware_download","doc|emotet|Heodo","hestonweddings.com","174.127.119.210","13213","US"
"2018-09-18 22:35:07","http://formulaonegym.co.uk/63279OXGLQXJF/BIZ/US","offline","malware_download","doc|Heodo","formulaonegym.co.uk","77.92.81.1","13213","GB"
"2018-09-18 19:36:04","http://1roof.ltd.uk/scan/US/Invoice-for-e/e-09/18/2018","offline","malware_download","doc|Heodo","1roof.ltd.uk","77.92.74.1","13213","GB"
"2018-09-18 14:32:55","http://acspartnership.com/IuTnRMZ3p/","offline","malware_download","","acspartnership.com","77.92.73.102","13213","GB"
"2018-09-18 12:14:18","http://acspartnership.com/IuTnRMZ3p","offline","malware_download","emotet|exe|Heodo","acspartnership.com","77.92.73.102","13213","GB"
"2018-09-17 13:31:06","http://formulaonegym.co.uk/sites/En_us/757-79-234470-833-757-79-234470-957","offline","malware_download","doc|emotet|Heodo","formulaonegym.co.uk","77.92.81.1","13213","GB"
"2018-09-15 13:34:05","http://clearconstruction.co.uk/zNl1M7h/","offline","malware_download","Emotet|exe|Heodo","clearconstruction.co.uk","77.92.74.1","13213","GB"
"2018-09-13 06:42:26","http://davidly.com/832N/PAYROLL/Smallbusiness","offline","malware_download","doc|emotet|heodo","davidly.com","174.127.110.175","13213","US"
"2018-09-11 12:20:23","http://smallplanettechnology.com/jUurjYuyyr","offline","malware_download","emotet|exe|Heodo","smallplanettechnology.com","77.92.75.5","13213","GB"
"2018-09-10 15:42:36","http://andytay.com/doc/En/Service-Report-8541","offline","malware_download","doc|emotet|Heodo","andytay.com","109.123.75.40","13213","GB"
"2018-09-10 15:41:40","http://bpepc.co.uk/6319986PC/PAYMENT/Commercial","offline","malware_download","doc|emotet|Heodo","bpepc.co.uk","77.92.79.11","13213","GB"
"2018-08-31 05:07:23","http://tech4bargain.com/29378ELKBTL/SWIFT/US","offline","malware_download","emotet|Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-08-22 22:24:32","http://tech4bargain.com/OyJyAau/","offline","malware_download","doc|emotet|Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-08-22 04:26:35","http://supplyteach.dayone.io/Aug2018/En_us/Inv-734744-PO-9Y536130/","offline","malware_download","doc|emotet|Heodo","supplyteach.dayone.io","77.92.69.27","13213","GB"
"2018-08-21 19:27:19","http://supplyteach.dayone.io/Aug2018/En_us/Inv-734744-PO-9Y536130","offline","malware_download","doc|emotet|Heodo","supplyteach.dayone.io","77.92.69.27","13213","GB"
"2018-08-21 08:42:17","http://tech4bargain.com/OyJyAau","offline","malware_download","doc|emotet|Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-08-10 05:17:04","http://tech4bargain.com/197KPLLC/SKZ99989459393ZIIXM/52318/BXGL-AHJO/","offline","malware_download","Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-08-10 04:22:35","http://tech4bargain.com/197KPLLC/SKZ99989459393ZIIXM/52318/BXGL-AHJO","offline","malware_download","doc|emotet|Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-08-03 05:19:31","http://orrellparkcommun.users42.interdns.co.uk/doc/US_us/Money-transfer-details","offline","malware_download","doc|emotet|Heodo","orrellparkcommun.users42.interdns.co.uk","77.92.64.15","13213","GB"
"2018-08-03 04:28:38","http://orrellparkcommun.users42.interdns.co.uk/doc/US_us/Money-transfer-details/","offline","malware_download","doc|emotet|Heodo","orrellparkcommun.users42.interdns.co.uk","77.92.64.15","13213","GB"
"2018-07-28 05:47:03","http://deltaengineering.users31.interdns.co.uk/KepZJXThttp","offline","malware_download","emotet|heodo|payload","deltaengineering.users31.interdns.co.uk","83.170.124.26","13213","GB"
"2018-07-27 16:31:18","http://deltaengineering.users31.interdns.co.uk/KepZJXT","offline","malware_download","emotet|heodo|payload","deltaengineering.users31.interdns.co.uk","83.170.124.26","13213","GB"
"2018-07-27 10:40:38","http://deltaengineering.users31.interdns.co.uk/KepZJXT/","offline","malware_download","Emotet|exe|Heodo","deltaengineering.users31.interdns.co.uk","83.170.124.26","13213","GB"
"2018-07-02 21:28:36","http://tech4bargain.com/Factura-por-descargas/","offline","malware_download","doc|emotet|heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-07-01 14:48:30","http://tech4bargain.com/INV/","offline","malware_download","Emotet|Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-06-30 06:12:39","http://tech4bargain.com/INV","offline","malware_download","emotet|heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-06-25 20:32:37","http://tech4bargain.com/RECH/Zahlungserinnerung-vom-Juni/","offline","malware_download","doc|emotet|epoch2|Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-06-23 06:05:20","http://fbaku.org/Hilfestellung/Unsere-Rechnung-vom-21-Juni-0093185","offline","malware_download","emotet","fbaku.org","185.9.51.36","13213","US"
"2018-06-21 08:24:40","http://fbaku.org/Hilfestellung/Unsere-Rechnung-vom-21-Juni-0093185/","offline","malware_download","doc|emotet|heodo","fbaku.org","185.9.51.36","13213","US"
"2018-06-20 14:25:58","http://tech4bargain.com/Rechnungs-scan/","offline","malware_download","Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-06-15 15:27:16","http://cycleaddiction.com/XTNR021208/","offline","malware_download","Heodo","cycleaddiction.com","174.127.110.49","13213","US"
"2018-06-14 17:49:07","http://tech4bargain.com/3uhoMWC/","offline","malware_download","emotet|epoch2|Heodo|payload","tech4bargain.com","208.131.134.20","13213","US"
"2018-06-14 06:03:06","http://tech4bargain.com/IRS-Tax-Transcipts-004P/62","offline","malware_download","doc|emotet|Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-06-13 19:05:10","http://tech4bargain.com/IRS-Tax-Transcipts-004P/62/","offline","malware_download","doc|emotet|epoch2|Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-06-04 16:13:08","http://tech4bargain.com/ups.com/WebTracking/IBH-1412605798241/","offline","malware_download","doc|emotet|Heodo","tech4bargain.com","208.131.134.20","13213","US"
"2018-05-29 21:14:52","http://microcommindia.com/Client/Invoice-375624/","offline","malware_download","doc|emotet|Heodo","microcommindia.com","50.115.114.101","13213","US"
"2018-05-21 07:40:42","http://delta.com.gt/images/xRczaR9VEcckc1/","offline","malware_download","","delta.com.gt","50.115.112.245","13213","US"
"2018-05-14 15:48:56","http://www.whoisrobertjohns.com/update.php","offline","malware_download","AgentTesla|gandcrab|Heodo|Loki|ransomware|Ransomware.GandCrab","www.whoisrobertjohns.com","83.170.125.29","13213","GB"
"2018-05-08 15:47:35","http://delta.com.gt/css/ORlU9GY6S/","offline","malware_download","doc|emotet","delta.com.gt","50.115.112.245","13213","US"
"2018-04-11 19:57:09","http://microcommindia.com/Service-Report-7788/","offline","malware_download","doc|emotet|heodo","microcommindia.com","50.115.114.101","13213","US"
# of entries: 367