##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2026-04-27 23:44:53 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS135097
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-09-10 20:06:10","http://156.224.139.59:8088/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","156.224.139.59","156.224.139.59","135097","HK"
"2024-11-19 13:59:21","http://xj.55555com.com/xj/%E6%97%B6%E6%97%B6%E5%BD%A9%20V6.7.2%20%208-21.zip","offline","malware_download","exe|zip","xj.55555com.com","156.241.125.254","135097","HK"
"2024-03-25 11:33:17","http://rebirthltd.com/mpsl","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:17","http://rebirthltd.com/x86_64","offline","malware_download","elf|Gafgyt|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:17","http://rebirthltd.com:8080/bins/x86_64","offline","malware_download","elf|Gafgyt|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:16","http://rebirthltd.com/m68k","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:16","http://rebirthltd.com:8080/bins/arm7","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:15","http://rebirthltd.com:8080/bins/arm4","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:14","http://rebirthltd.com:8080/bins/dlr.arm5","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:14","http://rebirthltd.com:8080/bins/x86_32","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:13","http://rebirthltd.com/mips","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:13","http://rebirthltd.com:8080/bins/dlr.arm7","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:13","http://rebirthltd.com:8080/bins/mips","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:12","http://rebirthltd.com:8080/bins/arm5","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:12","http://rebirthltd.com:8080/bins/mpsl","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:11","http://rebirthltd.com:8080/bins/arc","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:11","http://rebirthltd.com:8080/bins/dlr.arm6","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:11","http://rebirthltd.com:8080/bins/m68k","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:11","http://rebirthltd.com:8080/bins/sh4","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:10","http://rebirthltd.com:8080/bins/arm6","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:10","http://rebirthltd.com:8080/bins/dlr.mips","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:10","http://rebirthltd.com:8080/bins/powerpc","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:09","http://rebirthltd.com:8080/bins/dlr.arm","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:09","http://rebirthltd.com:8080/bins/dlr.mpsl","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:06","http://rebirthltd.com/ppc","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-25 11:33:06","http://rebirthltd.com/spc","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 12:47:12","http://pve.rebirthltd.com/mips64","offline","malware_download","elf|Gafgyt|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:14","http://pve.rebirthltd.com/sparc","offline","malware_download","elf|Gafgyt|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:13","http://pve.rebirthltd.com/arm5","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:13","http://pve.rebirthltd.com/arm6","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:13","http://pve.rebirthltd.com/arm7","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:13","http://pve.rebirthltd.com/mips","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:13","http://pve.rebirthltd.com/powerpc","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:13","http://pve.rebirthltd.com/rebirthmips","offline","malware_download","elf|Gafgyt|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:13","http://pve.rebirthltd.com/x86_32","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:12","http://pve.rebirthltd.com/arc","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:12","http://pve.rebirthltd.com/arm","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:12","http://pve.rebirthltd.com/arm4","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:12","http://pve.rebirthltd.com/m68k","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:12","http://pve.rebirthltd.com/mpsl","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:12","http://pve.rebirthltd.com/powerpc-440fp","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:12","http://pve.rebirthltd.com/selfrep.arm7","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:12","http://pve.rebirthltd.com/sh4","offline","malware_download","elf|Gafgyt|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:12","http://pve.rebirthltd.com/spc","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:11","http://pve.rebirthltd.com/dlr.arm","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:11","http://pve.rebirthltd.com/dlr.arm7","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:11","http://pve.rebirthltd.com/dlr.mpsl","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:11","http://pve.rebirthltd.com/ppc","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:10","http://pve.rebirthltd.com/dbg","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:10","http://pve.rebirthltd.com/x86-64","offline","malware_download","elf|Gafgyt|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:10","http://pve.rebirthltd.com/x86_64","offline","malware_download","elf|Gafgyt|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:09","http://pve.rebirthltd.com/dlr.arm5","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:09","http://pve.rebirthltd.com/dlr.arm6","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:09","http://pve.rebirthltd.com/dlr.mips","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:09","http://pve.rebirthltd.com/mipsel","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:20:09","http://pve.rebirthltd.com/x86","offline","malware_download","elf|mirai","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:14:05","http://pve.rebirthltd.com/w.sh","offline","malware_download","elf|shellscript","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:14:05","http://pve.rebirthltd.com/wget.sh","offline","malware_download","elf|shellscript","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:13:05","http://pve.rebirthltd.com/telnet.sh","offline","malware_download","elf|shellscript","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 08:10:20","http://pve.rebirthltd.com/","offline","malware_download","elf|shellscript","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:57:07","http://pve.rebirthltd.com/bins.sh","offline","malware_download","elf|shellscript","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:57:05","http://pve.rebirthltd.com/all.sh","offline","malware_download","elf|shellscript","pve.rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:15","http://rebirthltd.com/bins/mips","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:14","http://rebirthltd.com/bins/arm7","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:14","http://rebirthltd.com/sparc","offline","malware_download","elf|Gafgyt|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:11","http://rebirthltd.com/bins/arm5","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:11","http://rebirthltd.com/bins/arm6","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:11","http://rebirthltd.com/bins/m68k","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:11","http://rebirthltd.com/bins/mpsl","offline","malware_download","elf|Gafygt|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:11","http://rebirthltd.com/bins/sh4","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:11","http://rebirthltd.com/mipsel","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:10","http://rebirthltd.com/bins/ppc","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:09","http://rebirthltd.com/bins/spc","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-21 07:25:09","http://rebirthltd.com/bins/x86","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 10:44:07","http://rebirthltd.com/info.zip","offline","malware_download","coinminer|elf","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 10:44:04","http://rebirthltd.com","offline","malware_download","coinminer|elf","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:08","http://rebirthltd.com/arm7","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:08","http://rebirthltd.com/bins.sh","offline","malware_download","elf|shellscript","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:08","http://rebirthltd.com/dlr.arm","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:07","http://rebirthltd.com/arc","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:07","http://rebirthltd.com/arm4?ddos","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:07","http://rebirthltd.com/arm5?ddos","offline","malware_download","elf|Gafgyt|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:07","http://rebirthltd.com/arm6?ddos","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:07","http://rebirthltd.com/arm7?ddos","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:07","http://rebirthltd.com/arm?ddos_bot","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:07","http://rebirthltd.com/dlr.arm6","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:46:07","http://rebirthltd.com/dlr.mpsl","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:45:36","http://rebirthltd.com/all.sh","offline","malware_download","elf|shellscript","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:45:36","http://rebirthltd.com/arm","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:45:36","http://rebirthltd.com/arm4","offline","malware_download","elf|Gafgyt|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:45:36","http://rebirthltd.com/arm5","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:45:36","http://rebirthltd.com/arm6","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:45:36","http://rebirthltd.com/arm?ddos","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:45:36","http://rebirthltd.com/dbg","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:45:36","http://rebirthltd.com/dlr.arm5","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:45:36","http://rebirthltd.com/dlr.arm7","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2024-03-18 08:45:36","http://rebirthltd.com/dlr.mips","offline","malware_download","elf|mirai","rebirthltd.com","154.197.240.233","135097","SC"
"2023-05-16 11:25:58","https://crempcoop.com/qu/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","crempcoop.com","154.197.152.63","135097","SC"
"2022-05-27 01:03:08","https://sarssonconsulting.com/pun/mc/7e/4416vdbO.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|zip","sarssonconsulting.com","154.204.216.222","135097","HK"
"2022-05-26 21:46:29","http://sarssonconsulting.com/pun/R/Ae4gEfMEl.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|zip","sarssonconsulting.com","154.204.216.222","135097","HK"
"2022-05-26 18:33:16","https://sarssonconsulting.com/pun/u/VuiI3nz4A.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|zip","sarssonconsulting.com","154.204.216.222","135097","HK"
"2022-05-26 18:33:14","https://sarssonconsulting.com/pun/LUC/qPr/okR/hVhxpY8.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|zip","sarssonconsulting.com","154.204.216.222","135097","HK"
"2022-05-26 18:33:09","https://sarssonconsulting.com/pun/mFVWe8RH4W.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|zip","sarssonconsulting.com","154.204.216.222","135097","HK"
"2022-05-26 18:32:28","https://sarssonconsulting.com/pun/BBK/JrU/i9B/C28lKPB.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|zip","sarssonconsulting.com","154.204.216.222","135097","HK"
"2022-05-26 18:32:11","https://sarssonconsulting.com/pun/1FY/8qz/CMy/4xxBeZk.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|zip","sarssonconsulting.com","154.204.216.222","135097","HK"
"2022-05-26 14:50:12","https://sarssonconsulting.com/pun/R/Ae4gEfMEl.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|Quakbot|zip","sarssonconsulting.com","154.204.216.222","135097","HK"
"2022-03-14 23:21:08","http://www.altoxi.com/UIc/04GtHAQGA/","offline","malware_download","dll|emotet|epoch4|heodo","www.altoxi.com","154.197.148.74","135097","SC"
"2021-11-03 15:56:10","https://affirmingyourlife.com/tenterhook.php","offline","malware_download","doc|hancitor|html","affirmingyourlife.com","154.204.212.72","135097","HK"
"2021-08-01 16:29:11","http://www.dacui.online/download/update/%E9%80%A0%E5%B0%8F%E4%BA%BA.exe","offline","malware_download","32|exe","www.dacui.online","156.241.67.241","135097","HK"
"2021-02-02 19:26:03","https://freigthconninc.com/shipdoc/HoBLAyiLzCsYr1/","offline","malware_download","exe","freigthconninc.com","156.241.123.178","135097","HK"
"2021-02-02 18:55:08","https://freigthconninc.com/shipdoc/HoBLAyiLzCsYr1","offline","malware_download","Dridex","freigthconninc.com","156.241.123.178","135097","HK"
"2021-02-02 18:31:05","https://freigthconninc.com/shipdoc/KlFFODDp1Cq.php","offline","malware_download","Dridex","freigthconninc.com","156.241.123.178","135097","HK"
"2021-01-04 17:44:10","http://union.jctrip.cn/wp-includes/kv5xqyfsYEYMO0Ql9A0hbRefUSjOpfRhlLXhxZ3JGSBlX/","offline","malware_download","doc|emotet|epoch2|Heodo","union.jctrip.cn","154.212.236.141","135097","SC"
"2020-12-23 00:26:06","http://www.moninediy.com/data/oVg/","offline","malware_download","doc|emotet|epoch2|Heodo","www.moninediy.com","154.212.227.37","135097","SC"
"2020-10-27 23:59:06","http://357shop.com/wp-includes/sites/fPo/","offline","malware_download","doc|emotet|epoch3|Heodo","357shop.com","156.226.71.167","135097","SC"
"2020-10-27 16:14:18","http://cenfeng.top/wp-admin/EpxrQYPgwlY8HcYnjxust36VOaU1LYYG0YlNddIYSp01Ea45vnJUoM3A3yMyvhspMMD/","offline","malware_download","doc|emotet|epoch2|Heodo","cenfeng.top","154.204.193.11","135097","HK"
"2020-10-27 12:24:08","https://cenfeng.top/wp-admin/EpxrQYPgwlY8HcYnjxust36VOaU1LYYG0YlNddIYSp01Ea45vnJUoM3A3yMyvhspMMD/","offline","malware_download","doc|emotet|epoch2|Heodo","cenfeng.top","154.204.193.11","135097","HK"
"2020-10-26 14:40:12","https://cenfeng.top/wp-admin/Pages/2zkn7HO9l0/","offline","malware_download","doc|emotet|epoch1|Heodo","cenfeng.top","154.204.193.11","135097","HK"
"2020-10-26 09:33:06","https://www.cenfeng.top/wp-admin/Pages/2zkn7HO9l0/","offline","malware_download","doc|emotet|epoch1|Heodo","www.cenfeng.top","154.204.193.11","135097","HK"
"2020-10-22 20:13:07","https://steamrub.com/wp-admin/esp/","offline","malware_download","doc|emotet|epoch2|Heodo","steamrub.com","154.212.238.238","135097","SC"
"2020-10-22 20:12:12","http://teleargentina.com/ver/public/h0hs740m6dvxcje/b9dyvy6pij06vfu/","offline","malware_download","doc|emotet|epoch2","teleargentina.com","154.220.92.212","135097","SC"
"2020-10-22 13:59:20","https://www.steamrub.com/wp-admin/esp/","online","malware_download","doc|emotet|epoch2|Heodo","www.steamrub.com","154.212.238.238","135097","SC"
"2020-10-22 00:27:08","https://www.teleargentina.com/ver/public/h0hs740m6dvxcje/b9dyvy6pij06vfu/","offline","malware_download","doc|emotet|epoch2|Heodo","www.teleargentina.com","154.220.92.212","135097","SC"
"2020-10-21 16:07:17","http://lankenet.cn/soglashenie/report/m30bmqf/xkuzxhdgy8io1cozkuk9j/","offline","malware_download","doc|emotet|epoch2|Heodo","lankenet.cn","156.226.90.164","135097","SC"
"2020-10-16 01:20:40","http://ps.sywwl.cn/web/Reporting/","offline","malware_download","doc|emotet|epoch2|Heodo","ps.sywwl.cn","154.220.23.78","135097","SC"
"2020-10-14 22:53:10","http://nengjiankang.com/wp-admin/payment/bq02xr1fpjor/t4m5sfqj3pcjqze0j69qw1d3imf5lg/","offline","malware_download","doc|emotet|epoch2|Heodo","nengjiankang.com","154.212.235.210","135097","SC"
"2020-10-01 11:55:12","http://ps.sywwl.cn/web/QQT7D/","offline","malware_download","emotet|epoch3|exe|Heodo","ps.sywwl.cn","154.220.23.78","135097","SC"
"2020-09-30 06:38:10","https://zhengxiaosa.cn/htuen/paclm/dMQDtvplAAfGplp/","offline","malware_download","doc|emotet|epoch1|Heodo","zhengxiaosa.cn","156.224.213.19","135097","HK"
"2020-09-30 02:02:05","http://zhengxiaosa.cn/htuen/paclm/dMQDtvplAAfGplp/","offline","malware_download","doc|emotet|epoch1|Heodo","zhengxiaosa.cn","156.224.213.19","135097","HK"
"2020-09-29 07:14:05","http://kunming666.cn/wordpress/Reporting/","offline","malware_download","doc|emotet|epoch2|Heodo","kunming666.cn","156.226.54.220","135097","SC"
"2020-09-24 22:15:08","http://vip.jizhiguoren.com/cache/Zh/","offline","malware_download","emotet|epoch2|exe|Heodo","vip.jizhiguoren.com","154.220.115.230","135097","SC"
"2020-09-24 19:45:09","https://www.teleargentina.com/ver/statement/u6094juwl/","offline","malware_download","doc|emotet|epoch2|Heodo","www.teleargentina.com","154.220.92.212","135097","SC"
"2020-09-24 15:09:18","http://vip.jizhiguoren.com/mzxf3/public/xPwhCBkpgn9Iwf1alxq/","offline","malware_download","doc|emotet|epoch1|Heodo","vip.jizhiguoren.com","154.220.115.230","135097","SC"
"2020-09-24 09:20:20","http://kunming666.cn/wordpress/attachments/pok1qv/","offline","malware_download","doc|emotet|epoch2|Heodo","kunming666.cn","156.226.54.220","135097","SC"
"2020-09-22 16:18:03","https://www.teleargentina.com/ver/LLC/","offline","malware_download","doc|emotet|epoch2|Heodo|ZLoader","www.teleargentina.com","154.220.92.212","135097","SC"
"2020-09-22 06:44:26","http://jizhiguoren.com/savedcart/payment/1l8nlh4/","offline","malware_download","doc|emotet|epoch2","jizhiguoren.com","154.220.115.230","135097","SC"
"2020-09-21 19:03:08","http://kunming666.cn/wordpress/X6BYH21C8RHD/E5HNSYeGINF/","offline","malware_download","doc|emotet|epoch1|Heodo","kunming666.cn","156.226.54.220","135097","SC"
"2020-09-19 13:33:10","http://blog.zhengxiaosa.cn/wp-admin/esp/cgi47292591673439mkys08y32iwq9/","offline","malware_download","doc|emotet|epoch2|Heodo","blog.zhengxiaosa.cn","156.224.213.19","135097","HK"
"2020-09-19 01:27:07","http://vip.jizhiguoren.com/mzxf3/7l6w6t/","offline","malware_download","emotet|epoch3|exe|Heodo","vip.jizhiguoren.com","154.220.115.230","135097","SC"
"2020-09-17 17:29:07","http://kunming666.cn/wordpress/browse/","offline","malware_download","doc|emotet|epoch2|Heodo","kunming666.cn","156.226.54.220","135097","SC"
"2020-09-16 21:26:36","http://blog.zhengxiaosa.cn/wp-admin/LLC/kqwv8yeq8/","offline","malware_download","doc|emotet|epoch2|heodo","blog.zhengxiaosa.cn","156.224.213.19","135097","HK"
"2020-09-15 22:16:07","https://zhengxiaosa.cn/htuen/Scan/","offline","malware_download","doc|emotet|epoch2|heodo","zhengxiaosa.cn","156.224.213.19","135097","HK"
"2020-09-15 09:36:12","http://gch7.com/wp-includes/Nkwp/","offline","malware_download","emotet|epoch2|exe|Heodo","gch7.com","154.212.217.77","135097","SC"
"2020-08-23 01:07:04","https://teleargentina.com/ver/personal_zone/external_cloud/61294841175_6SGUUOwU/","offline","malware_download","doc","teleargentina.com","154.220.92.212","135097","SC"
"2020-08-22 13:37:35","https://teleargentina.com/ver/personal-box/cf7k5tp-9wpjx-Qa2bYnG-lU8NGr4aw/0f7b1dw2yt-422x1t072x/","offline","malware_download","doc","teleargentina.com","154.220.92.212","135097","SC"
"2020-08-22 12:54:34","https://teleargentina.com/ver/personal-resource/test-115938478-GI0CCjpSpmOb8/AV34nXrOH97Q-0K7tw6rHj9JwH/","offline","malware_download","doc","teleargentina.com","154.220.92.212","135097","SC"
"2020-08-22 11:39:29","https://www.teleargentina.com/ver/Y/","offline","malware_download","emotet|epoch1|exe|Heodo","www.teleargentina.com","154.220.92.212","135097","SC"
"2020-08-17 15:32:10","http://ciinac.com/404/ttUiB/","offline","malware_download","doc|emotet|epoch3|Heodo","ciinac.com","154.212.194.145","135097","SC"
"2020-08-14 19:16:14","http://ciinac.com/404/parts_service/","offline","malware_download","doc|emotet|epoch2|heodo","ciinac.com","154.212.194.145","135097","SC"
"2020-08-14 08:23:13","http://alaxcx.com/bh1oof/aafVtyMz/","offline","malware_download","doc|emotet|epoch3|Heodo","alaxcx.com","154.197.223.172","135097","SC"
"2020-08-13 22:43:07","https://www.teleargentina.com/ver/personal-resource/test-115938478-GI0CCjpSpmOb8/AV34nXrOH97Q-0K7tw6rHj9JwH/","offline","malware_download","doc|emotet|epoch1|heodo","www.teleargentina.com","154.220.92.212","135097","SC"
"2020-08-11 14:47:05","https://www.teleargentina.com/ver/personal-box/cf7k5tp-9wpjx-Qa2bYnG-lU8NGr4aw/0f7b1dw2yt-422x1t072x/","offline","malware_download","doc|emotet|epoch1|heodo","www.teleargentina.com","154.220.92.212","135097","SC"
"2020-08-07 14:05:10","http://cnwanlian.cn/wp-admin/Kpce/","offline","malware_download","doc|emotet|epoch3|Heodo|QuakBot","cnwanlian.cn","154.220.123.119","135097","SC"
"2020-08-06 11:03:10","https://www.teleargentina.com/ver/personal_zone/external_cloud/61294841175_6SGUUOwU/","offline","malware_download","doc|emotet|epoch1|heodo|QuakBot","www.teleargentina.com","154.220.92.212","135097","SC"
"2020-07-24 02:07:42","http://gamesmanga.com/wp-includes/INC/","offline","malware_download","doc|emotet|epoch2","gamesmanga.com","154.212.212.213","135097","SC"
"2020-07-23 20:22:33","https://gamesmanga.com/wp-includes/INC/","offline","malware_download","doc|emotet|epoch2|Heodo","gamesmanga.com","154.212.212.213","135097","SC"
"2020-07-22 15:49:03","https://gamesmanga.com/wp-includes/closed-array/interior-warehouse/29622761682207-lS3yT6jGmY/","offline","malware_download","doc|emotet|epoch1|heodo","gamesmanga.com","154.212.212.213","135097","SC"
"2020-07-21 20:52:10","https://www.hnlyx.top/wp-content/Scan/dlyc9ke/","offline","malware_download","doc|emotet|epoch2|heodo","www.hnlyx.top","154.212.196.13","135097","SC"
"2020-02-06 06:35:09","http://chanke.lixinyiyuan.com/wp-content/uploads/NpdQNm93/","offline","malware_download","emotet|epoch1|exe|heodo","chanke.lixinyiyuan.com","156.226.82.226","135097","SC"
"2020-02-05 12:32:36","https://372novels.com/wp-content/multifunctional-section/test-portal/wexp183-6w33uvy00ys50u/","offline","malware_download","doc|emotet|epoch1|heodo","372novels.com","154.220.68.80","135097","SC"
"2020-02-05 11:11:11","http://www.chenwangqiao.com/wordpress/wp-lm9-32/","online","malware_download","doc|emotet|epoch3|Heodo","www.chenwangqiao.com","154.212.217.75","135097","SC"
"2020-02-03 10:25:36","http://www.chenwangqiao.com/wordpress/3waa9-ke38h-15/","online","malware_download","doc|emotet|epoch3|heodo","www.chenwangqiao.com","154.212.217.75","135097","SC"
"2020-01-31 14:49:06","http://www.chenwangqiao.com/wordpress/FILE/","online","malware_download","doc|emotet|epoch2|heodo","www.chenwangqiao.com","154.212.217.75","135097","SC"
"2020-01-29 07:09:09","http://liuxuqing.com/wp-admin/esp/8a2ea4ka/","offline","malware_download","doc|emotet|epoch2|Heodo","liuxuqing.com","156.226.71.250","135097","SC"
"2020-01-29 03:25:07","https://www.qwqoo.com/homldw/pb7qx9vbzne8utf-m4te-disk/interior-warehouse/SBAWzc-5ey4HiwL0f/","offline","malware_download","doc|emotet|epoch1|Heodo","www.qwqoo.com","156.226.80.99","135097","SC"
"2020-01-29 02:21:07","http://eyafun.com/wp-includes/534-mr-28527/","offline","malware_download","doc|emotet|epoch3|Heodo","eyafun.com","154.212.192.231","135097","SC"
"2020-01-24 03:18:07","https://www.qwqoo.com/homldw/docs/e6evlzd5tlzw/","offline","malware_download","doc|emotet|epoch2|heodo","www.qwqoo.com","156.226.80.99","135097","SC"
"2020-01-23 19:39:06","http://vgadb.com/www/protected-zone/verified-space/35381371-K55XOXc4/","offline","malware_download","doc|emotet|epoch1|Heodo","vgadb.com","156.226.71.29","135097","SC"
"2020-01-23 12:14:07","http://eyafun.com/wp-includes/payment/1yi-932-7507289-d9chiswrg-uiza8qgs/","offline","malware_download","doc|emotet|epoch2|heodo","eyafun.com","154.212.192.231","135097","SC"
"2020-01-23 07:11:08","http://www.fshome.top/wp-admin/aapq7-g6e-26529/","offline","malware_download","doc|emotet|epoch3|heodo","www.fshome.top","154.204.225.197","135097","HK"
"2020-01-21 14:46:30","https://www.qwqoo.com/homldw/3piyy4/","offline","malware_download","emotet|epoch2|exe|Heodo","www.qwqoo.com","156.226.80.99","135097","SC"
"2020-01-21 13:36:11","https://www.u-goo.com/wp-admin/je-at26-6086/","offline","malware_download","doc|emotet|epoch3|heodo","www.u-goo.com","154.204.217.158","135097","HK"
"2020-01-21 07:07:09","http://www.fshome.top/wp-admin/Overview/","offline","malware_download","doc|emotet|epoch2|heodo","www.fshome.top","154.204.225.197","135097","HK"
"2020-01-16 09:53:12","http://www.fshome.top/wp-admin/statement/x268s68/6z-62699727-86383-9me7cw-5bujkcd/","offline","malware_download","doc|emotet|epoch2|heodo","www.fshome.top","154.204.225.197","135097","HK"
"2020-01-15 13:24:04","http://36lian.com/42142/13xj532xpk-spit-84585131/","offline","malware_download","emotet|epoch3|exe|Heodo","36lian.com","156.226.82.21","135097","SC"
"2019-12-20 02:43:04","https://hfmgj.com/wp-includes/report/xpx-33661748-406005173-jymjce-en2t/","offline","malware_download","doc|emotet|epoch2|heodo","hfmgj.com","156.226.95.205","135097","SC"
"2019-12-18 11:14:04","https://adan-hospital.com/wiajfh56jfs/statement/","offline","malware_download","doc|emotet|epoch2|heodo","adan-hospital.com","154.213.90.70","135097","SC"
"2019-12-17 01:23:17","https://hfmgj.com/wp-includes/closed_resource/open_area/397226475_gZIBl/","offline","malware_download","doc|emotet|epoch1|Heodo","hfmgj.com","156.226.95.205","135097","SC"
"2019-12-17 01:22:18","http://www.xiaoqiyu.cn/cfw/open-eSFV8BybyR-XthJHBA/additional-forum/3148974373521-vOhjQ/","offline","malware_download","doc|emotet|epoch1|Heodo","www.xiaoqiyu.cn","154.92.101.42","135097","HK"
"2019-12-13 20:13:11","http://www.xiaoqiyu.cn/cfw/multifunctional-module/6wEZrWSx0y-7tEAMykds0-area/257743983847-jyoIw0xxU4bz8p/","offline","malware_download","doc|emotet|epoch1|Heodo","www.xiaoqiyu.cn","154.92.101.42","135097","HK"
"2019-12-13 19:01:05","https://hfmgj.com/wp-includes/tk2ke-24r-50683/","offline","malware_download","doc|emotet|epoch3|heodo","hfmgj.com","156.226.95.205","135097","SC"
"2019-12-13 18:37:07","https://hfmgj.com/wp-includes/64617348993/behazt-90894031-84353347-sqznv6-51o5hwp/","offline","malware_download","doc|emotet|epoch2|heodo","hfmgj.com","156.226.95.205","135097","SC"
"2019-12-09 19:06:13","http://www.qanghan.com/wp-content/open-sector/interior-warehouse/JVKAYFFJaYd-4sij0wz8/","offline","malware_download","doc|emotet|epoch1|Heodo","www.qanghan.com","154.91.16.172","135097","SC"
"2019-12-06 21:52:20","http://www.qanghan.com/wp-content/Scan/767s3qrc51e9/udl8oavqf-584555-3298-rh5l3wn5i0-lxltvsm3/","offline","malware_download","doc|emotet|epoch2|Heodo","www.qanghan.com","154.91.16.172","135097","SC"
"2019-09-16 15:33:06","https://shu.cneee.net/shufastudio/Scan/vv8xo9h9n2dp5af62kx_xdoeip5n-07937890306369/","offline","malware_download","doc|Emotet|epoch2|Heodo","shu.cneee.net","154.204.217.138","135097","HK"
"2019-07-19 15:07:21","http://aloe-drink.com/ONO10HLES.exe","offline","malware_download","","aloe-drink.com","154.91.10.2","135097","SC"
"2019-07-19 13:15:10","http://aloe-drink.com/host.php","offline","malware_download","Downloader.Upatre|TrickBot","aloe-drink.com","154.91.10.2","135097","SC"
"2019-05-26 00:10:33","http://www.zenkashow.com/zenkashow.exe","offline","malware_download","exe","www.zenkashow.com","156.241.82.204","135097","HK"
"2019-05-25 21:17:34","http://zenkashow.com/zenkashow.exe","offline","malware_download","exe","zenkashow.com","156.241.82.204","135097","HK"
"2019-05-14 07:03:02","http://camereco.com/wp-content/languages/4b3u-9vk9z0y-wmztpu/","offline","malware_download","emotet|epoch2","camereco.com","154.212.186.205","135097","SC"
"2019-05-13 11:41:05","http://www.camereco.com/wp-content/languages/4b3u-9vk9z0y-wmztpu/","offline","malware_download","doc|emotet|epoch2|Heodo","www.camereco.com","154.212.186.205","135097","SC"
"2019-04-25 13:50:11","http://cauar.com/wp-admin/M_V/","offline","malware_download","emotet|epoch2|exe|Heodo","cauar.com","154.204.234.108","135097","HK"
"2019-04-04 15:22:02","http://camereco.com/wp-content/languages/yW_c/","offline","malware_download","exe","camereco.com","154.212.186.205","135097","SC"
"2019-03-22 18:09:12","http://www.camereco.com/wp-content/languages/yW_c/","offline","malware_download","emotet|epoch2|exe|Heodo","www.camereco.com","154.212.186.205","135097","SC"
"2019-03-14 11:46:18","http://woofaa.cn/wp-admin/q9mv-ofau9-fukesbx/","offline","malware_download","doc|emotet|epoch2|Heodo","woofaa.cn","154.91.14.206","135097","SC"
"2019-03-12 03:14:06","https://www.huhuzhibo.net/wp-content/r5lv9-j1kozp-umplr/","offline","malware_download","Emotet|Heodo","www.huhuzhibo.net","156.226.99.239","135097","SC"
"2019-02-11 21:07:03","http://methodofsolutions.com/corporation/Inv/Rzztj-Rq_lH-iF/","offline","malware_download","Emotet|Heodo","methodofsolutions.com","156.241.118.130","135097","HK"
"2019-01-25 03:22:42","http://gustochain.com/hQSJH-dlE5_HmlZdQt-nwn/Southwire/QGV5273031915/US/Outstanding-Invoices/","offline","malware_download","emotet|epoch2|Heodo","gustochain.com","154.220.69.247","135097","SC"
"2018-12-09 03:03:03","http://jswlkeji.com/modules/mod_ariimageslidersa/Payment.zip","offline","malware_download","zip","jswlkeji.com","156.226.71.233","135097","SC"
"2018-12-09 03:02:04","http://jswlkeji.com/modules/mod_ariimageslidersa/pop/Proof%20of%20Payment.zipx","offline","malware_download","zip","jswlkeji.com","156.226.71.233","135097","SC"
"2018-11-19 19:38:10","http://23243.xc.05cg.com/xiaz/%E6%B7%B1%E5%85%A5%E6%B5%85%E5%87%BA%E6%95%B0%E5%AD%97%E4%BF%A1%E5%8F%B7%E5%A4%84%E7%90%86PDF%E7%94%B5%E5%AD%90%E4%B9%A6%E4%B8%8B%E8%BD%BD%E5%B8%A6%E4%B9%A6%E7%AD%BE%E7%9B%AE%E5%BD%95sample@241_2711636.exe","offline","malware_download","Adware.Qjwmonkey|emotet|heodo","23243.xc.05cg.com","156.224.215.86","135097","HK"
"2018-11-13 19:32:17","http://vspirelab.com/scan/US/Invoice-receipt","offline","malware_download","emotet|Heodo","vspirelab.com","154.220.83.171","135097","SC"
"2018-10-04 22:12:23","http://disruptmybusiness.com/152HPKYEPC/ACH/Business","offline","malware_download","doc|emotet|Heodo","disruptmybusiness.com","154.204.230.52","135097","HK"
"2018-09-13 05:41:23","http://saidilrizamuda.com/49759AQ/identity/Smallbusiness/","offline","malware_download","doc|emotet|epoch2|Heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-09-11 13:07:18","http://saidilrizamuda.com/49759AQ/identity/Smallbusiness","offline","malware_download","doc|Heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-09-11 02:29:03","http://saidilrizamuda.com/For-Check","offline","malware_download","doc|emotet|epoch1|Heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-08-23 03:05:33","http://saidilrizamuda.com/957QLIUNS/identity/Smallbusiness/","offline","malware_download","doc|emotet|Heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-08-22 10:09:14","http://saidilrizamuda.com/957QLIUNS/identity/Smallbusiness","offline","malware_download","doc|emotet|Heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-08-21 16:35:46","http://merctransfers.gradycares.com/022BZX/SWIFT/US/","offline","malware_download","Heodo","merctransfers.gradycares.com","156.241.99.199","135097","HK"
"2018-08-21 12:02:36","http://merctransfers.gradycares.com/022BZX/SWIFT/US","offline","malware_download","doc|emotet|Heodo","merctransfers.gradycares.com","156.241.99.199","135097","HK"
"2018-08-14 04:28:35","http://saidilrizamuda.com/Aug2018/EN_en/Invoice/ACCOUNT5984763/","offline","malware_download","doc|emotet|Heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-08-14 04:28:33","http://saidilrizamuda.com/026YCARD/GBKP12184031GHF/Aug-11-2018-52425/IY-HMEC-Aug-11-2018/","offline","malware_download","doc|emotet|Heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-08-13 22:19:46","http://saidilrizamuda.com/Aug2018/EN_en/Invoice/ACCOUNT5984763","offline","malware_download","doc|emotet|Heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-08-13 22:19:44","http://saidilrizamuda.com/11GAXDownload/YJ66629AZI/52722197/ERK-KBF-Aug-09-2018/","offline","malware_download","doc|emotet|Heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-08-13 12:46:31","http://saidilrizamuda.com/026YCARD/GBKP12184031GHF/Aug-11-2018-52425/IY-HMEC-Aug-11-2018","offline","malware_download","doc|emotet|Heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-08-09 06:49:49","http://saidilrizamuda.com/11GAXDownload/YJ66629AZI/52722197/ERK-KBF-Aug-09-2018","offline","malware_download","doc|emotet|heodo","saidilrizamuda.com","154.212.192.84","135097","SC"
"2018-07-21 08:06:14","http://kdrecord.com/SA0FH9a","offline","malware_download","emotet|exe|heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-07-21 07:41:04","http://kdrecord.com/SA0FH9a/","offline","malware_download","Emotet|exe|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-07-17 21:35:56","http://kdrecord.com/doc/EN_en/OVERDUE-ACCOUNT/Invoices/","offline","malware_download","doc|emotet|heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-07-04 22:45:08","http://impavn.com/cfs/LatestPO..exe","offline","malware_download","exe|Pony","impavn.com","154.197.135.252","135097","SC"
"2018-07-04 05:05:29","http://kdrecord.com/En/FILE/invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-07-04 04:45:04","http://impavn.com/cfs/PurchaseOrderJuly.exe","offline","malware_download","exe|Formbook|Pony","impavn.com","154.197.135.252","135097","SC"
"2018-06-30 06:07:32","http://kdrecord.com/Order/84317","offline","malware_download","emotet|heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-06-30 06:07:30","http://kdrecord.com/ACCOUNT/New-Invoice-CN0222-TZ-11755","offline","malware_download","emotet|heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-06-28 05:26:06","http://kdrecord.com/Order/84317/","offline","malware_download","emotet|heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-06-26 17:01:05","http://kdrecord.com/ACCOUNT/New-Invoice-CN0222-TZ-11755/","offline","malware_download","doc|emotet|epoch2|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-06-21 13:02:09","http://kdrecord.com/Facture-impayee/New-Order-Upcoming/Services-06-20-18-New-Customer-IC","offline","malware_download","emotet|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-06-21 05:40:05","http://kdrecord.com/Facture-impayee/New-Order-Upcoming/Services-06-20-18-New-Customer-IC/","offline","malware_download","emotet|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-06-18 22:50:11","http://kdrecord.com/STATUS/ACCOUNT1800948/","offline","malware_download","AgentTesla|doc|emotet|epoch2|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-06-13 18:46:17","http://kdrecord.com/IRS-TRANSCRIPTS-04/87/","offline","malware_download","doc|emotet|epoch1|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-06-11 14:23:19","http://kdrecord.com/IRS-Tax-Transcipts-07/64/","offline","malware_download","doc|emotet|epoch1|Formbook|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-06-08 17:21:07","http://kdrecord.com/VJJjAUmAL/","offline","malware_download","emotet|epoch2|Heodo|payload","kdrecord.com","154.213.85.32","135097","SC"
"2018-06-05 16:40:11","http://kdrecord.com/Client/Invoices/","offline","malware_download","doc|emotet|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-05-29 06:54:00","http://kdrecord.com/Rechnungszahlung/Zahlungserinnerung-vom-Mai-0751-3840/","offline","malware_download","doc|emotet|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-05-24 08:13:22","http://kdrecord.com/ACCOUNT/INV13334035808/","offline","malware_download","doc|emotet|heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-05-18 10:36:48","http://kdrecord.com/InformationRechnung/","offline","malware_download","doc|emotet|Heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-05-15 06:39:38","http://www.xaidol.com/update.php","offline","malware_download","AgentTesla|gandcrab|Loki|ransomware|Ransomware.GandCrab","www.xaidol.com","154.212.247.51","135097","SC"
"2018-04-11 19:55:26","http://kdrecord.com/Past-Due-Invoices/","offline","malware_download","doc|emotet|heodo","kdrecord.com","154.213.85.32","135097","SC"
"2018-03-27 17:45:57","http://jswlkeji.com/modules/mod_ariimageslidersa/pep/Payment.zip","offline","malware_download","jar|qexvmc|zip","jswlkeji.com","156.226.71.233","135097","SC"
"2018-03-27 09:49:15","http://jswlkeji.com/modules/mod_ariimageslidersa/","offline","malware_download","","jswlkeji.com","156.226.71.233","135097","SC"
# of entries: 240