############################################################################## # URLhaus ASN CSV Feed # # Generated on 2024-03-29 12:35:04 UTC # # # # For questions please refer to: # # https://urlhaus.abuse.ch/feeds/ # ############################################################################## # # Feed generated for AS27715 # # Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country "2023-12-14 12:20:13","https://focussci.com.br/temp/Drop-Icons-Installer.rar","offline","malware_download","","focussci.com.br","186.202.153.107","27715","BR" "2023-12-07 13:06:40","https://assetsjava1.websiteseguro.com/ngloar/globsarg.png","offline","malware_download","BRA|geo|zip","assetsjava1.websiteseguro.com","186.202.153.146","27715","BR" "2023-11-27 05:56:11","http://elevecosmeticos.com.br/attivita/index.php","offline","malware_download","agenziaentrate|geo|geofenced|ITA|redir-302","elevecosmeticos.com.br","189.126.122.128","27715","BR" "2023-11-17 19:17:05","https://luterlab.com.br/utim/","offline","malware_download","PikaBot|TR","luterlab.com.br","191.252.139.0","27715","BR" "2023-11-17 19:16:38","http://gnettecnologia.com.br/san/","offline","malware_download","PikaBot|TR","gnettecnologia.com.br","191.252.107.127","27715","BR" "2023-11-17 19:15:39","https://gnettecnologia.com.br/san/","offline","malware_download","PikaBot|TR","gnettecnologia.com.br","191.252.107.127","27715","BR" "2023-11-06 14:56:20","https://softlink.com.br/cuts/","offline","malware_download","Pikabot|TA577|TR","softlink.com.br","191.252.132.168","27715","BR" "2023-10-24 10:02:12","https://emailmarketing.locaweb.com.br/accounts/188466/messages/7/clicks/53979/31?envelope_id=6","offline","malware_download","","emailmarketing.locaweb.com.br","186.202.135.207","27715","BR" "2023-10-24 10:01:16","https://emailmarketing.locaweb.com.br/accounts/188466/messages/7/clicks/3734/31?envelope_id=6","offline","malware_download","","emailmarketing.locaweb.com.br","186.202.135.207","27715","BR" "2023-10-18 06:37:22","https://mpvip.com.br/docs.php","offline","malware_download","gating|gootloader","mpvip.com.br","186.202.153.204","27715","BR" "2023-08-25 18:22:35","https://dozecomunicacao.com.br/download.php","offline","malware_download","gating|gootloader","dozecomunicacao.com.br","187.45.193.215","27715","BR" "2023-06-22 06:13:11","https://publitek.com.br/aa/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","publitek.com.br","187.45.195.134","27715","BR" "2023-06-14 12:32:12","https://facilityprint.com.br/piee/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA|zip","facilityprint.com.br","186.202.153.154","27715","BR" "2023-06-13 17:52:41","https://beve.com.br/reo/","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA","beve.com.br","191.252.106.160","27715","BR" "2023-05-16 13:14:31","https://sakuradedetizadora.com/ac/?1","offline","malware_download","BB28|geofenced|GuLoader|js|Qakbot|Quakbot|USA","sakuradedetizadora.com","191.252.139.128","27715","BR" "2023-05-04 13:40:17","https://jufestlocacoes.com.br/gnome2/rentfree.zip","offline","malware_download","geofenced|obama260|Qakbot|Qbot|Quakbot|USA|wsf|zip","jufestlocacoes.com.br","191.252.131.66","27715","BR" "2023-05-04 10:57:32","https://depandrefigueiredo.com/ises/","offline","malware_download","BB26|js|Qakbot|Quakbot|USA|zip","depandrefigueiredo.com","191.252.194.31","27715","BR" "2023-04-25 12:58:26","https://facilityprint.com.br/eut/nonnam.php","offline","malware_download","BB25|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","facilityprint.com.br","186.202.153.154","27715","BR" "2023-04-24 19:07:16","https://facilityprint.com.br/ttes/nonsimilique.php","offline","malware_download","BB25|geofenced|MSI|ONE|Qakbot|Qbot|Quakbot|tr|USA","facilityprint.com.br","186.202.153.154","27715","BR" "2023-04-20 18:30:19","https://facilityprint.com.br/fae/voluptatemsit.php","offline","malware_download","671|BB24|geofenced|hta|Qakbot|Qbot|Quakbot|tr|USA|zip","facilityprint.com.br","186.202.153.154","27715","BR" "2023-04-19 12:48:24","https://facilityprint.com.br/erue/utcumque.php","offline","malware_download","921|BB24|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","facilityprint.com.br","186.202.153.154","27715","BR" "2023-04-12 18:45:27","https://floraprodutosnaturais.com.br/imu/officiiscupiditate.php","offline","malware_download","921|BB23|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","floraprodutosnaturais.com.br","200.234.194.173","27715","BR" "2023-04-12 18:44:23","http://intimapassion.com.br/mimo/quaspraesentium.php","offline","malware_download","921|BB23|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","intimapassion.com.br","191.252.126.162","27715","BR" "2023-04-11 13:48:33","https://lojadaslojas.com.br/amoe/amoe.php","offline","malware_download","BB23|geofenced|Qakbot|Qbot|Quakbot|R89|tr|USA|wsf|zip","lojadaslojas.com.br","191.252.116.129","27715","BR" "2023-04-11 13:48:20","https://llenergia.com.br/se/se.php","offline","malware_download","BB23|geofenced|Qakbot|Qbot|Quakbot|R89|tr|USA|wsf|zip","llenergia.com.br","191.252.142.243","27715","BR" "2023-04-06 15:41:43","https://apollologistics.com.br/ca/ca.php","offline","malware_download","755|BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","apollologistics.com.br","191.252.129.251","27715","BR" "2023-04-05 15:40:28","https://drjoaquimneves.com.br/queu/queu.php","offline","malware_download","755|BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","drjoaquimneves.com.br","191.252.105.78","27715","BR" "2023-03-24 04:04:07","https://graficacanelaverde.com.br/rmru/rmru.php","offline","malware_download","BB20|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","graficacanelaverde.com.br","191.252.118.106","27715","BR" "2023-03-24 03:59:26","https://anjosrosa.com.br/emei/emei.php","offline","malware_download","BB20|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","anjosrosa.com.br","191.252.118.106","27715","BR" "2023-03-22 17:35:14","http://toiaagrosciences1.hospedagemdesites.ws/grupotoia/CPKU5ZE/","offline","malware_download","dll|emotet|epoch4|Heodo|zip","toiaagrosciences1.hospedagemdesites.ws","187.45.193.168","27715","BR" "2023-03-21 21:17:10","https://www.gomespontes.com.br/logs/OnULNYFQXXvsnhbeWvV/","offline","malware_download","dll|emotet|epoch4|Heodo|zip","www.gomespontes.com.br","186.202.153.5","27715","BR" "2023-03-15 21:51:08","https://www.gomespontes.com.br/logs/pd/","offline","malware_download","dll|emotet|epoch4|heodo|one","www.gomespontes.com.br","186.202.153.5","27715","BR" "2023-03-14 19:03:51","https://facilite.profissional.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilite.profissional.ws","186.202.153.85","27715","BR" "2023-03-14 19:03:43","https://institutozoe.empresarial.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","institutozoe.empresarial.ws","186.202.153.29","27715","BR" "2023-03-14 19:03:35","https://solutionsindicancia.com.br/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","solutionsindicancia.com.br","186.202.153.54","27715","BR" "2023-03-14 19:03:32","https://cliqueebr1.hospedagemdesites.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","cliqueebr1.hospedagemdesites.ws","186.202.153.66","27715","BR" "2023-03-14 19:03:27","https://facilitaterceiri1.hospedagemdesites.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilitaterceiri1.hospedagemdesites.ws","187.45.239.121","27715","BR" "2023-03-14 19:03:17","https://institutozoe.empresarial.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","institutozoe.empresarial.ws","186.202.153.29","27715","BR" "2023-03-14 19:03:03","https://granadoemurahara1.hospedagemdesites.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","granadoemurahara1.hospedagemdesites.ws","177.153.57.197","27715","BR" "2023-03-14 19:02:59","https://somautomotivorj.com.br/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","somautomotivorj.com.br","191.252.143.25","27715","BR" "2023-03-14 19:02:42","https://elevecosmeticos.com.br/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","elevecosmeticos.com.br","189.126.122.128","27715","BR" "2023-03-14 19:02:41","https://solutionsindicancia.com.br/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","solutionsindicancia.com.br","186.202.153.54","27715","BR" "2023-03-14 19:02:24","https://weltenergia1.hospedagemdesites.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","weltenergia1.hospedagemdesites.ws","186.202.153.83","27715","BR" "2023-03-14 19:02:17","https://somautomotivorj.com.br/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","somautomotivorj.com.br","191.252.143.25","27715","BR" "2023-03-14 19:02:13","https://elevecosmeticos.com.br/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","elevecosmeticos.com.br","189.126.122.128","27715","BR" "2023-03-14 19:02:12","https://weltenergia1.hospedagemdesites.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","weltenergia1.hospedagemdesites.ws","186.202.153.83","27715","BR" "2023-03-14 19:02:02","https://emprestimo.profissional.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","emprestimo.profissional.ws","186.202.153.192","27715","BR" "2023-03-14 19:02:02","https://hscor.saude.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","hscor.saude.ws","191.252.51.36","27715","BR" "2023-03-14 19:01:48","https://cliqueebr1.hospedagemdesites.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","cliqueebr1.hospedagemdesites.ws","186.202.153.66","27715","BR" "2023-03-14 19:01:38","https://emprestimo.profissional.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","emprestimo.profissional.ws","186.202.153.192","27715","BR" "2023-03-14 19:01:37","https://facilitaterceiri1.hospedagemdesites.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilitaterceiri1.hospedagemdesites.ws","187.45.239.121","27715","BR" "2023-03-14 19:01:37","https://projecto.profissional.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","projecto.profissional.ws","186.202.153.163","27715","BR" "2023-03-14 19:01:36","https://granadoemurahara1.hospedagemdesites.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","granadoemurahara1.hospedagemdesites.ws","177.153.57.197","27715","BR" "2023-03-14 19:01:11","https://portosegurosafet1.hospedagemdesites.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","portosegurosafet1.hospedagemdesites.ws","187.45.239.121","27715","BR" "2023-03-14 19:01:10","https://somautomotivorj.com.br/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","somautomotivorj.com.br","191.252.143.25","27715","BR" "2023-03-14 19:01:09","https://portosegurosafet1.hospedagemdesites.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","portosegurosafet1.hospedagemdesites.ws","187.45.239.121","27715","BR" "2023-03-14 19:01:05","https://institutozoe.empresarial.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","institutozoe.empresarial.ws","186.202.153.29","27715","BR" "2023-03-14 19:00:59","https://cliqueebr1.hospedagemdesites.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","cliqueebr1.hospedagemdesites.ws","186.202.153.66","27715","BR" "2023-03-14 19:00:57","https://facilite.profissional.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilite.profissional.ws","186.202.153.85","27715","BR" "2023-03-14 19:00:53","https://projecto.profissional.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","projecto.profissional.ws","186.202.153.163","27715","BR" "2023-03-14 19:00:53","https://weltenergia1.hospedagemdesites.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","weltenergia1.hospedagemdesites.ws","186.202.153.83","27715","BR" "2023-03-14 19:00:46","https://elevecosmeticos.com.br/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","elevecosmeticos.com.br","189.126.122.128","27715","BR" "2023-03-14 19:00:44","https://emprestimo.profissional.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","emprestimo.profissional.ws","186.202.153.192","27715","BR" "2023-03-14 19:00:43","https://projecto.profissional.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","projecto.profissional.ws","186.202.153.163","27715","BR" "2023-03-14 19:00:39","https://facilite.profissional.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilite.profissional.ws","186.202.153.85","27715","BR" "2023-03-14 19:00:29","https://facilitaterceiri1.hospedagemdesites.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilitaterceiri1.hospedagemdesites.ws","187.45.239.121","27715","BR" "2023-03-14 18:59:59","https://granadoemurahara1.hospedagemdesites.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","granadoemurahara1.hospedagemdesites.ws","177.153.57.197","27715","BR" "2023-03-14 18:59:55","https://hscor.saude.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","hscor.saude.ws","191.252.51.36","27715","BR" "2023-03-14 18:59:33","https://portosegurosafet1.hospedagemdesites.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","portosegurosafet1.hospedagemdesites.ws","187.45.239.121","27715","BR" "2023-03-14 18:59:19","https://hscor.saude.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","hscor.saude.ws","191.252.51.36","27715","BR" "2023-03-14 18:59:11","https://solutionsindicancia.com.br/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","solutionsindicancia.com.br","186.202.153.54","27715","BR" "2023-03-14 12:02:11","http://cliqueebr1.hospedagemdesites.ws/connect/index.php","offline","malware_download","agenziaentrate|geofenced|gozi|isfb|ITA|mef|mise|ursnif","cliqueebr1.hospedagemdesites.ws","186.202.153.66","27715","BR" "2023-03-14 08:10:21","http://somautomotivorj.com.br/connect/index.php","offline","malware_download","7713|agenziaentrate|geofenced|gozi|isfb|ita|mef|mise|redir-302|ursnif","somautomotivorj.com.br","191.252.143.25","27715","BR" "2023-02-27 20:05:30","https://clinicasilviarocha.com.br/POE.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","clinicasilviarocha.com.br","191.252.143.158","27715","BR" "2023-02-27 19:37:22","https://affectnet.com.br/END.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","affectnet.com.br","191.252.136.201","27715","BR" "2023-02-23 12:33:07","http://detail-booking.com.br/cr.jpg","offline","malware_download","","detail-booking.com.br","186.202.153.121","27715","BR" "2023-02-09 17:08:16","https://suprimax.vet.br/css/fonts/OneCleanerInst942914.exe","offline","malware_download","drop-by-malware|PrivateLoader","suprimax.vet.br","191.252.4.45","27715","BR" "2023-02-02 23:17:54","https://santorres.com.br/SEEA.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","santorres.com.br","191.252.140.88","27715","BR" "2023-02-02 23:15:31","https://oliverservice.com.br/EOLD.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","oliverservice.com.br","191.252.143.158","27715","BR" "2022-12-29 17:11:12","http://counteract.com.br/wp-admin/WWcACJFy3Yn/","offline","malware_download","emotet","counteract.com.br","191.252.130.106","27715","BR" "2022-12-19 21:51:31","https://spnoticias.tv.br/iu/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","spnoticias.tv.br","191.252.139.122","27715","BR" "2022-12-19 21:43:25","https://labproexame.com.br/ip/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","labproexame.com.br","191.252.139.0","27715","BR" "2022-12-19 21:31:49","https://aspsupermercados.com.br/unia/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","aspsupermercados.com.br","191.252.123.72","27715","BR" "2022-12-19 16:35:50","https://laza.bio.br/vla/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","laza.bio.br","191.252.140.70","27715","BR" "2022-12-15 16:16:32","https://jmbanheiras.com.br/onet/index.php","offline","malware_download","BB10|E17|ISO|qakbot|qbot|quakbot|TR|zip","jmbanheiras.com.br","191.252.132.168","27715","BR" "2022-12-15 16:15:35","https://dfrlimeira.com.br/ms/index.php","offline","malware_download","BB10|E17|ISO|qakbot|qbot|quakbot|TR|zip","dfrlimeira.com.br","191.252.128.237","27715","BR" "2022-12-14 16:16:16","https://trespassos.com.br/utrp/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","trespassos.com.br","191.252.132.168","27715","BR" "2022-12-14 16:08:48","https://mjbbrokers.com.br/iqa/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","mjbbrokers.com.br","191.252.132.168","27715","BR" "2022-12-13 21:51:49","https://trespassos.com.br/itse/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","trespassos.com.br","191.252.132.168","27715","BR" "2022-12-13 21:50:43","https://softlink.com.br/lor/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","softlink.com.br","191.252.132.168","27715","BR" "2022-12-13 21:48:49","https://simonlaboratorio.com.br/tn/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","simonlaboratorio.com.br","191.252.139.0","27715","BR" "2022-12-13 20:37:46","https://revestik.com.br/lo/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","revestik.com.br","191.252.135.206","27715","BR" "2022-12-13 20:32:13","https://lefdigital.com.br/teus/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","lefdigital.com.br","200.234.194.177","27715","BR" "2022-12-13 20:29:52","https://legalconsulting.com.br/uol/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","legalconsulting.com.br","191.252.132.230","27715","BR" "2022-12-13 20:26:59","https://globalplanning.com.br/duta/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","globalplanning.com.br","191.252.137.174","27715","BR" "2022-12-13 20:25:31","https://dimatex.com.br/ls/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","dimatex.com.br","191.252.130.249","27715","BR" "2022-12-13 20:24:32","https://ergocenter.med.br/tu/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","ergocenter.med.br","191.252.144.153","27715","BR" "2022-12-11 08:31:10","http://186.202.137.23/SGL.exe","offline","malware_download","exe","186.202.137.23","186.202.137.23","27715","BR" "2022-11-30 18:18:15","http://premiumspecialists.com.br/pc4ji57s0.exe","offline","malware_download","exe","premiumspecialists.com.br","191.252.51.68","27715","BR" "2022-11-25 01:29:13","http://batalhaocrazy1.hospedagemdesites.ws/vendas/imagem.jpg","offline","malware_download","32|exe|RustyStealer","batalhaocrazy1.hospedagemdesites.ws","191.252.51.213","27715","BR" "2022-11-25 01:12:17","http://batalhaocrazy1.hospedagemdesites.ws/jpg/test.exe","offline","malware_download","exe|LucaStealer","batalhaocrazy1.hospedagemdesites.ws","191.252.51.213","27715","BR" "2022-11-25 01:12:13","http://batalhaocrazy1.hospedagemdesites.ws/vendas/imagem2.jpg","offline","malware_download","msi|RustyStealer","batalhaocrazy1.hospedagemdesites.ws","191.252.51.213","27715","BR" "2022-11-23 12:31:20","http://batalhaocrazy1.hospedagemdesites.ws/vendas/imagem64.jpg","offline","malware_download","RustyStealer","batalhaocrazy1.hospedagemdesites.ws","191.252.51.213","27715","BR" "2022-11-17 19:19:56","https://lavaville.com.br/ae/index.php?qbot.zip","offline","malware_download","BB06|iso|qakbot|qbot|quakbot|SK16|TR|zip","lavaville.com.br","200.234.194.177","27715","BR" "2022-11-04 18:40:17","http://cursosweb.com.br/portal/6ozjR/","offline","malware_download","emotet|epoch5|exe|heodo","cursosweb.com.br","186.202.161.154","27715","BR" "2022-11-04 11:11:12","http://cursosinterativos.com.br/semprichickoff2/pEl/","offline","malware_download","emotet|epoch4|exe|heodo","cursosinterativos.com.br","187.45.193.166","27715","BR" "2022-10-21 01:19:27","http://euajudoaciencia.com.br/ai/offermontfils","offline","malware_download","BB04|iso|NH833|qakbot|qbot|quakbot|TR|zip","euajudoaciencia.com.br","200.234.195.82","27715","BR" "2022-10-19 01:09:21","https://euajudoaciencia.com.br/ai/offerAlateeki","offline","malware_download","BB03|FYN09|iso|qakbot|qbot|quakbot|TR|zip","euajudoaciencia.com.br","200.234.195.82","27715","BR" "2022-10-10 14:40:12","http://www.toplevel.com.br/medico/iWM/","offline","malware_download","emotet|epoch3|exe|heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2022-09-14 16:59:06","http://melhoridade2022.msantosm.com.br/accounts/180553/messages/4/clicks/3039/2?envelope_id=2","offline","malware_download","","melhoridade2022.msantosm.com.br","186.202.135.207","27715","BR" "2022-06-22 21:22:12","http://contabilidadeplenus.com.br/ebooks/dIA4V2AnYEnQL/","offline","malware_download","emotet|exe|heodo","contabilidadeplenus.com.br","186.202.153.165","27715","BR" "2022-06-22 16:24:12","https://contabilidadeplenus.com.br/ebooks/dIA4Vv2AnYEnQL/","offline","malware_download","dll|emotet|epoch4","contabilidadeplenus.com.br","186.202.153.165","27715","BR" "2022-06-09 07:55:06","http://unisatrastreamento.com/vendor/fw3.exe","offline","malware_download","exe|RedLineStealer","unisatrastreamento.com","186.202.153.31","27715","BR" "2022-06-08 19:26:08","http://wehx.com.br/wp-snapshots/ds37LVL/","offline","malware_download","dll|emotet|epoch5|Heodo","wehx.com.br","179.188.11.44","27715","BR" "2022-05-26 12:51:07","http://www.toplevel.com.br/medico/uhfU6/","offline","malware_download","emotet|epoch2|exe|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2022-05-19 19:02:11","https://noronhalanches.com.br/cgi-bin/xixssuML9NOJO9/","offline","malware_download","dll|emotet|epoch5|heodo","noronhalanches.com.br","191.252.51.213","27715","BR" "2022-05-19 10:54:11","https://zanardini.com.br/tne/uqnieueq","offline","malware_download","TR","zanardini.com.br","191.252.138.17","27715","BR" "2022-05-18 17:26:06","http://perlasmarinhas.com.br/wp-includes/ywMovPUTPlTzd6c/","offline","malware_download","dll|emotet|epoch5|heodo","perlasmarinhas.com.br","186.202.153.104","27715","BR" "2022-05-18 14:08:05","https://meusrecursos.com.br/wp-includes/Z2kfAYcYWp/","offline","malware_download","emotet|epoch4|exe|heodo","meusrecursos.com.br","186.202.153.54","27715","BR" "2022-05-18 14:04:08","https://meusrecursos.com.br/wp-includes/rdxro/","offline","malware_download","dll|emotet|epoch4|heodo","meusrecursos.com.br","186.202.153.54","27715","BR" "2022-05-16 14:50:34","http://casamartins.com.br/pll/pjptxdbtzv.zip","offline","malware_download","b-TDS|obama183|Qakbot|qbot|Quakbot|zip","casamartins.com.br","191.252.51.54","27715","BR" "2022-05-13 17:49:07","http://jhocantemperos.com.br/wp-includes/NDL2YgHPT/","offline","malware_download","dll|emotet|epoch4|Heodo","jhocantemperos.com.br","191.252.51.215","27715","BR" "2022-05-13 17:21:41","https://casamartins.com.br/pll/PJPTxDBtzV.zip","offline","malware_download","b-TDS|obama183|Qakbot|qbot|Quakbot|zip","casamartins.com.br","191.252.51.54","27715","BR" "2022-05-13 11:17:09","http://inteirado.com.br/fonts/7dJCVvuE5x3YrGQs2oJz/","offline","malware_download","dll|emotet|epoch4|heodo","inteirado.com.br","191.252.94.202","27715","BR" "2022-04-22 15:47:07","http://www.fantasyclub.com.br/imgs/rggmVTfvT/","offline","malware_download","Emotet|epoch4|exe|Heodo","www.fantasyclub.com.br","191.252.134.87","27715","BR" "2022-04-22 11:51:11","https://www.fantasyclub.com.br/imgs/rggmVTfvT/","offline","malware_download","dll|emotet|epoch4|Heodo","www.fantasyclub.com.br","191.252.134.87","27715","BR" "2022-04-21 21:21:08","https://counteract.com.br/wp-admin/WWcACJFy3Yn/","offline","malware_download","dll|emotet|epoch4|Heodo","counteract.com.br","191.252.130.106","27715","BR" "2022-03-31 22:24:07","http://flexaviationcenter.com/bin/mvd4h6/","offline","malware_download","dll|emotet|epoch5|Heodo","flexaviationcenter.com","186.202.153.148","27715","BR" "2022-03-30 20:43:05","http://globallogistica1.hospedagemdesites.ws/Download/3iwSKW3RWhVbzdhN987MlCQEOVwO/","offline","malware_download","emotet|epoch4|Heodo|SilentBuilder|xls","globallogistica1.hospedagemdesites.ws","186.202.153.89","27715","BR" "2022-03-29 15:18:08","http://formulamedica.com.br/aspnet_client/KXEdUDsW8Q/","offline","malware_download","emotet|epoch4|redir-doc|xls","formulamedica.com.br","186.202.153.96","27715","BR" "2022-03-29 15:18:08","http://formulamedica.com.br/aspnet_client/KXEdUDsW8Q/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo","formulamedica.com.br","186.202.153.96","27715","BR" "2022-03-29 13:33:07","https://www.fitoka.com.br/plugins/oFZRcso98qlNk3FdrKPtlA8/","offline","malware_download","emotet|epoch4|redir-doc|xls","www.fitoka.com.br","191.252.139.96","27715","BR" "2022-03-29 13:33:07","https://www.fitoka.com.br/plugins/oFZRcso98qlNk3FdrKPtlA8/?i=1","offline","malware_download","doc|emotet|epoch4|SilentBuilder","www.fitoka.com.br","191.252.139.96","27715","BR" "2022-03-28 21:42:05","http://fribeiro.com.br/siteAntigo/o/?i=1","offline","malware_download","doc|emotet|epoch4|SilentBuilder","fribeiro.com.br","187.45.193.226","27715","BR" "2022-03-28 21:26:06","http://fribeiro.com.br/siteAntigo/o/","offline","malware_download","emotet|epoch4|redir-doc|xls","fribeiro.com.br","187.45.193.226","27715","BR" "2022-03-19 17:04:37","https://tebetdanelon.com.br/wp-content/iVrceXC3knlRRl/","offline","malware_download","Emotet|epoch4|exe","tebetdanelon.com.br","191.252.106.251","27715","BR" "2022-02-25 10:57:08","https://advb.org/zDRcRDl2Ck/56.png","offline","malware_download","dll|Qakbot|qbot|Quakbot","advb.org","186.202.157.79","27715","BR" "2022-02-23 23:49:11","https://medvital.com.br/arquivos/q6ZjbPPoR7l/","offline","malware_download","dll|emotet|epoch4","medvital.com.br","186.202.153.180","27715","BR" "2022-02-23 03:56:11","http://wvfsbrasil.com.br/Acrasieae/LIYNOqCthfZuCWQz3/","offline","malware_download","dll|emotet|epoch5|Heodo","wvfsbrasil.com.br","191.252.137.51","27715","BR" "2022-02-01 17:57:07","https://megacriacoes.com/system/neighboring.php","offline","malware_download","doc|hancitor|html","megacriacoes.com","191.252.129.230","27715","BR" "2022-02-01 17:57:05","https://megacriacoes.com/system/squirrelled.php","offline","malware_download","doc|hancitor|html","megacriacoes.com","191.252.129.230","27715","BR" "2022-02-01 17:57:05","https://megacriacoes.com/system/trigram.php","offline","malware_download","doc|hancitor|html","megacriacoes.com","191.252.129.230","27715","BR" "2022-01-27 03:47:25","https://brilhodezembalagens.com.br/adopted.php","offline","malware_download","doc|hancitor|html","brilhodezembalagens.com.br","191.252.133.208","27715","BR" "2022-01-27 03:47:13","https://brilhodezembalagens.com.br/serialize.php","offline","malware_download","doc|hancitor|html","brilhodezembalagens.com.br","191.252.133.208","27715","BR" "2022-01-14 23:49:05","http://cfcalda.com.br/Cebalrai/1980039_806941/","offline","malware_download","emotet|epoch5|redir-doc","cfcalda.com.br","187.45.193.220","27715","BR" "2022-01-14 23:49:04","http://cfcalda.com.br/Cebalrai/1980039_806941/?i=1","offline","malware_download","ArkeiStealer|doc|emotet|epoch5|Heodo","cfcalda.com.br","187.45.193.220","27715","BR" "2022-01-13 23:45:05","http://cfcalda.com.br/Cebalrai/305452_598/","offline","malware_download","emotet|epoch5|redir-doc|xls","cfcalda.com.br","187.45.193.220","27715","BR" "2022-01-13 23:45:05","http://cfcalda.com.br/Cebalrai/305452_598/?i=1","offline","malware_download","doc|emotet|epoch5|Heodo","cfcalda.com.br","187.45.193.220","27715","BR" "2022-01-12 23:04:04","http://cfcalda.com.br/Cebalrai/44-119611/","offline","malware_download","emotet|epoch5|redir-doc|xls","cfcalda.com.br","187.45.193.220","27715","BR" "2022-01-12 23:04:04","http://cfcalda.com.br/Cebalrai/44-119611/?i=1","offline","malware_download","doc|emotet|epoch5|Heodo","cfcalda.com.br","187.45.193.220","27715","BR" "2022-01-11 21:18:04","http://cfcalda.com.br/Cebalrai/ugXgY9W/?name=CVS/Pharmacy","offline","malware_download","emotet|epoch4|redir-doc","cfcalda.com.br","187.45.193.220","27715","BR" "2022-01-11 21:17:06","http://cfcalda.com.br/Cebalrai/ugXgY9W/","offline","malware_download","emotet|epoch4|redir-doc|xls","cfcalda.com.br","187.45.193.220","27715","BR" "2022-01-11 21:17:06","http://cfcalda.com.br/Cebalrai/ugXgY9W/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo|SilentBuilder","cfcalda.com.br","187.45.193.220","27715","BR" "2021-12-09 11:56:22","https://brindesdesipat.com.br/blog/x/","offline","malware_download","emotet|epoch4|redir-doc","brindesdesipat.com.br","191.252.51.202","27715","BR" "2021-11-05 16:32:05","http://villaggioverde.com.br/etprovident/quaeratrerum-2741376","offline","malware_download","qbot|tr","villaggioverde.com.br","191.252.100.250","27715","BR" "2021-11-04 13:57:09","https://villaggioverde.com.br/etprovident/gerebatphosphorus-251393","offline","malware_download","ChaserLdr|SilentBuilder|TR|zip","villaggioverde.com.br","191.252.100.250","27715","BR" "2021-11-03 17:08:08","https://haraszonadamata.com.br/fitful.php","offline","malware_download","doc|hancitor|html","haraszonadamata.com.br","191.252.133.208","27715","BR" "2021-11-03 17:08:06","https://maisimoveiscabofrio.com.br/arguable.php","offline","malware_download","doc|hancitor|html","maisimoveiscabofrio.com.br","191.252.133.208","27715","BR" "2021-11-03 15:56:12","https://brilhodezembalagens.com.br/salivate.php","offline","malware_download","doc|hancitor|html","brilhodezembalagens.com.br","191.252.133.208","27715","BR" "2021-11-03 15:56:12","https://haraszonadamata.com.br/chronology.php","offline","malware_download","doc|hancitor|html","haraszonadamata.com.br","191.252.133.208","27715","BR" "2021-11-03 15:56:12","https://haraszonadamata.com.br/vulcanized.php","offline","malware_download","doc|hancitor|html","haraszonadamata.com.br","191.252.133.208","27715","BR" "2021-11-03 15:56:12","https://maisimoveiscabofrio.com.br/carpentry.php","offline","malware_download","doc|hancitor|html","maisimoveiscabofrio.com.br","191.252.133.208","27715","BR" "2021-11-03 15:56:12","https://maisimoveiscabofrio.com.br/denture.php","offline","malware_download","doc|hancitor|html","maisimoveiscabofrio.com.br","191.252.133.208","27715","BR" "2021-11-03 15:56:07","https://ondulato.com.br/cadenza.php","offline","malware_download","doc|hancitor|html","ondulato.com.br","191.252.104.182","27715","BR" "2021-10-30 09:43:12","http://prismarepres.com.br/wp/223.exe","offline","malware_download","32|exe|RedLineStealer","prismarepres.com.br","191.252.142.137","27715","BR" "2021-10-29 11:46:10","http://prismarepres.com.br/wp/new.exe","offline","malware_download","32|exe|LimeRAT","prismarepres.com.br","191.252.142.137","27715","BR" "2021-10-28 18:08:04","http://191.252.142.137/~dirtbike/loja/223.exe","offline","malware_download","32|exe|RedLineStealer","191.252.142.137","191.252.142.137","27715","BR" "2021-10-28 18:08:04","http://191.252.142.137/~dirtbike/loja/new.exe","offline","malware_download","32|exe|LimeRAT","191.252.142.137","191.252.142.137","27715","BR" "2021-10-28 17:27:04","http://191.252.142.137/~dirtbike/loja/101.exe","offline","malware_download","32|exe","191.252.142.137","191.252.142.137","27715","BR" "2021-10-28 17:23:13","http://rondoniamadeireira.com.br/wp-includes/js/star.exe","offline","malware_download","32|exe","rondoniamadeireira.com.br","191.252.142.137","27715","BR" "2021-10-28 17:06:05","http://191.252.142.137/~dirtbike/loja/star.exe","offline","malware_download","32|exe","191.252.142.137","191.252.142.137","27715","BR" "2021-07-01 01:39:49","https://vargasfarias.com.br/wp-content/plugins/contact-form-7/includes/block-editor/DkH2zjlJSYo.php","offline","malware_download","Dridex","vargasfarias.com.br","186.202.153.100","27715","BR" "2021-07-01 01:39:26","https://mapasweb.com.br/wp-content/plugins/admin-menu-editor/modules/access-editor/Flx5adj9j4Gld.php","offline","malware_download","Dridex","mapasweb.com.br","191.252.123.119","27715","BR" "2021-07-01 01:37:04","https://vargasfarias.com.br/wp-content/plugins/contact-form-7/includes/block-editor/reC1QrbQGV6EEq6.php?xEqual=.xsl","offline","malware_download","Dridex|opendir","vargasfarias.com.br","186.202.153.100","27715","BR" "2021-06-30 17:57:15","https://xfitacademia.com/wp-includes/back/Host_bgcRmvI27.bin","offline","malware_download","encrypted|GuLoader","xfitacademia.com","200.234.195.80","27715","BR" "2021-06-28 14:16:22","https://www.salaoviedeluxe.com.br/posts/FbV8lY8a8V9Tb0.php","offline","malware_download","Dridex","www.salaoviedeluxe.com.br","191.252.105.201","27715","BR" "2021-06-22 14:21:09","https://sierraimoveis.com.br/ager/bower_ponsotstrap/l7/mixn/BpZbPd8mY0.php","offline","malware_download","Dridex","sierraimoveis.com.br","187.45.238.197","27715","BR" "2021-06-21 19:46:38","https://www.kmgfoods.com.br/posts/OZjXnqwHlV.php","offline","malware_download","Dridex","www.kmgfoods.com.br","191.252.105.201","27715","BR" "2021-06-21 19:46:32","https://www.vidroboxbirigui.com.br/posts/GqlwMINB3GC.php","offline","malware_download","Dridex","www.vidroboxbirigui.com.br","191.252.105.201","27715","BR" "2021-06-21 19:46:26","https://www.eloyfestas.com.br/posts/EwyU0Hv3aBAST.php","offline","malware_download","CobaltStrike|Dridex","www.eloyfestas.com.br","191.252.105.201","27715","BR" "2021-06-21 19:46:24","https://sierraimoveis.com.br/manager/bower_components/bootstrap/less/mixins/BpZbPd8mY0.php","offline","malware_download","Dridex","sierraimoveis.com.br","187.45.238.197","27715","BR" "2021-06-21 19:46:20","https://vsstransportes.com.br/backup/wp-content/plugins/all-in-one-seo-pack/images/vunCfcncQMI1B.php","offline","malware_download","Dridex","vsstransportes.com.br","179.188.52.14","27715","BR" "2021-06-21 19:46:14","https://agafarmameninodeus.com.br/loja/wp-includes/sodium_compat/namespaced/Core/QznYUjHXl0IUi8.php","offline","malware_download","Dridex","agafarmameninodeus.com.br","187.45.238.197","27715","BR" "2021-06-09 17:14:11","https://novaeraservicos.com.br/images/fotos/thumbs/iW3WDwbg7nG6w.php","offline","malware_download","22201|dll|dridex","novaeraservicos.com.br","179.188.52.14","27715","BR" "2021-06-09 17:14:10","https://rogersmatrizes.com.br/wp-includes/js/tinymce/skins/lightgray/OywfppLsJ8j.php","offline","malware_download","22201|dll|dridex","rogersmatrizes.com.br","179.188.52.14","27715","BR" "2021-06-08 14:06:20","https://chavesbrasil.com.br/posts/GcdkIjqyWmtwX.php","offline","malware_download","Dridex","chavesbrasil.com.br","191.252.105.201","27715","BR" "2021-06-08 14:06:18","https://www.salaoviedeluxe.com.br/posts/7Lz4tIeiNHT9.php","offline","malware_download","Dridex","www.salaoviedeluxe.com.br","191.252.105.201","27715","BR" "2021-06-08 03:16:09","https://quiropraxiazonasul.com.br/manager/bower_components/fullcalendar/dist/lang/Bkud3eM77r.php","offline","malware_download","22201|dll|dridex","quiropraxiazonasul.com.br","187.45.238.197","27715","BR" "2021-06-06 15:32:08","http://maketotalshop.com.br/wp-content/plugins/main/asn_okiNuxQK191.bin","offline","malware_download","encrypted|GuLoader","maketotalshop.com.br","187.45.195.13","27715","BR" "2021-05-26 12:59:20","https://mottanet.com.br/dr--una-leffler-ii/Liam.Smith-67.zip","offline","malware_download","html|Qakbot|Qbot|SilentBuilder|TR|zip","mottanet.com.br","187.45.240.104","27715","BR" "2021-05-26 11:50:08","https://www.cartoriodesaovicente.com.br/tmp/12123/conter/BND4295F12ASI9F44160.php","offline","malware_download","mekotio|spy","www.cartoriodesaovicente.com.br","186.202.188.84","27715","BR" "2021-05-20 14:35:46","https://plascom.ind.br/_img/parceiros/Ii2g4cYzKfaMLz7.php","offline","malware_download","Dridex","plascom.ind.br","191.252.142.218","27715","BR" "2021-04-27 15:31:13","https://habitacionalimoveis.com.br/fat.php","offline","malware_download","doc|hancitor","habitacionalimoveis.com.br","191.252.113.188","27715","BR" "2021-04-26 14:58:10","https://sistemasvip.com.br/profmobile/vendor/doctrine/annotations/docs/yN6mOpJ1jmbI.php","offline","malware_download","40111|dll|dridex","sistemasvip.com.br","191.252.63.85","27715","BR" "2021-04-21 18:03:21","https://mundodelas.sistemasvip.com.br/new/full/imagens/R0UtGyWd.php","offline","malware_download","Dridex","mundodelas.sistemasvip.com.br","191.252.63.85","27715","BR" "2021-04-21 18:03:21","https://sisprofamilia.sistemasvip.com.br/profmobile/vendor/doctrine/collections/docs/E6owcrdAVifHpML.php","offline","malware_download","Dridex","sisprofamilia.sistemasvip.com.br","191.252.63.85","27715","BR" "2021-04-19 20:33:12","https://pnspsocorro.sistemasvip.com.br/autocomplete2/img/_notes/mANaBBNQfE1d.php","offline","malware_download","Dridex","pnspsocorro.sistemasvip.com.br","191.252.63.85","27715","BR" "2021-04-19 20:33:08","https://construaki.com.br/js/vendor/bootstrap/less/mixins/SKKzd9Fe7Q3B.php","offline","malware_download","Dridex","construaki.com.br","191.252.104.182","27715","BR" "2021-04-19 13:11:14","https://loja.bigfisher.com.br/e8190ys.rar","offline","malware_download","dridex","loja.bigfisher.com.br","191.252.142.218","27715","BR" "2021-04-13 19:22:12","https://timberart.com.br/ambassadorial.php","offline","malware_download","doc|Hancitor","timberart.com.br","191.252.144.65","27715","BR" "2021-04-13 19:22:12","https://timberart.com.br/decompose.php","offline","malware_download","doc|Hancitor","timberart.com.br","191.252.144.65","27715","BR" "2021-04-13 19:22:12","https://timberart.com.br/hi.php","offline","malware_download","doc|Hancitor","timberart.com.br","191.252.144.65","27715","BR" "2021-04-13 19:22:12","https://timberart.com.br/viennese.php","offline","malware_download","doc|Hancitor","timberart.com.br","191.252.144.65","27715","BR" "2021-04-13 13:52:17","https://www.srsousaerocha.com.br/servicos/bueno-netto/qeUerctujN.php","offline","malware_download","Dridex","www.srsousaerocha.com.br","191.252.129.230","27715","BR" "2021-03-22 18:07:09","http://cartoriomachado.com.br/wp-includes/js/tinymce/plugins/charmap/e1.exe","offline","malware_download","BazarCall|exe|openfield","cartoriomachado.com.br","186.202.153.165","27715","BR" "2021-03-22 18:07:09","http://cartoriomachado.com.br/wp-includes/js/tinymce/plugins/charmap/e3.exe","offline","malware_download","exe|openfield","cartoriomachado.com.br","186.202.153.165","27715","BR" "2021-03-17 17:12:15","https://plusval.com.br/js/vendor/GfHHOKjuN.php","offline","malware_download","Dridex","plusval.com.br","191.252.139.196","27715","BR" "2021-03-12 00:13:07","https://connect.rio.br/cop.php","offline","malware_download","hancitor","connect.rio.br","186.202.153.79","27715","BR" "2021-03-12 00:13:07","https://connect.rio.br/stumper.php","offline","malware_download","hancitor","connect.rio.br","186.202.153.79","27715","BR" "2021-03-03 18:51:17","https://expressoquiririm.com.br/wp-content/plugins/contact-form-7/includes/DUmXYk6VPMo.php","offline","malware_download","Dridex","expressoquiririm.com.br","191.252.143.234","27715","BR" "2021-02-17 21:46:03","https://andradeexpress.com.br/h42emv1.zip","offline","malware_download","Dridex","andradeexpress.com.br","191.252.135.187","27715","BR" "2021-02-17 15:33:16","https://sweetcotton.com.br/ikqdw6e7n.rar","offline","malware_download","Dridex","sweetcotton.com.br","191.252.135.187","27715","BR" "2021-02-15 13:46:09","https://gruppodomus.com.br/wp-content/themes/twentyten/images/headers/m54.dll","offline","malware_download","mon54|Trickbot","gruppodomus.com.br","191.252.135.187","27715","BR" "2021-02-10 14:11:01","http://ddesignmoveis.com.br/d4cdd6.rar","offline","malware_download","Dridex","ddesignmoveis.com.br","191.252.135.187","27715","BR" "2021-02-10 13:16:31","https://ddesignmoveis.com.br/d4cdd6.rar","offline","malware_download","Dridex","ddesignmoveis.com.br","191.252.135.187","27715","BR" "2021-01-26 16:42:11","https://fiscon.cnt.br/dcvn56.rar","offline","malware_download","dridex|payload","fiscon.cnt.br","191.252.138.140","27715","BR" "2021-01-25 16:41:52","https://draprevidencia.com.br/bpcymxo.rar","offline","malware_download","dridex|dropper","draprevidencia.com.br","191.252.138.140","27715","BR" "2021-01-22 16:42:06","http://resioleo.com.br/wp-includes/SqxIiERmulWWnHXE2AFezka394KNxcSSNcgKWgGZM71YyrkS8RfeLfVXAARsKspnn/","offline","malware_download","doc|Emotet|epoch2|Heodo","resioleo.com.br","187.45.240.5","27715","BR" "2021-01-21 15:22:15","http://stellarum.com.br/hknmwj.zip","offline","malware_download","Dridex","stellarum.com.br","191.252.144.65","27715","BR" "2021-01-12 16:43:07","http://www.toplevel.com.br/medico/RuFF8m0jqCTqU81JIEynpDQgNvyD9JbSYNPS04w833jj9JcAdfZ/","offline","malware_download","doc|emotet|epoch2|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-12-30 02:48:06","https://ongpassoapasso.com.br/r/1IYaxeIKDTISrYMpRRWckdwE7/","offline","malware_download","doc|emotet|epoch2|Heodo","ongpassoapasso.com.br","186.202.153.194","27715","BR" "2020-12-29 15:00:08","http://www.atemto.com.br/arquivos/qt9mZsdOWxheAArVJL5hbvpRueGJ41AAkvWeJeziYKsY0rPd/","offline","malware_download","doc|Emotet|epoch2|Heodo","www.atemto.com.br","187.45.195.34","27715","BR" "2020-12-29 14:43:08","http://www.quatria.com.br/wp-includes/OgNrrPmKVytpTYWUw3L7zpkO6neGTNiXJYBbIoUC7hhSHjPOw/","offline","malware_download","doc|emotet|epoch2|Heodo","www.quatria.com.br","191.252.51.58","27715","BR" "2020-12-22 10:27:06","http://institutoisor.org/g/Oh1ucGWd3nfPDUukPD80BZbwbfescnqDDASuvx9GN/","offline","malware_download","doc|emotet|epoch2|Heodo","institutoisor.org","186.202.153.179","27715","BR" "2020-12-22 09:59:06","http://iguanapneus.com.br/telling-ex-isnoi/FwjV8IBKL07puzRg99GC9bb/","offline","malware_download","doc|emotet|epoch2|Heodo","iguanapneus.com.br","191.252.51.57","27715","BR" "2020-12-21 23:25:08","http://braam.com.br/c/oaA7YWWX/","offline","malware_download","dll|emotet|epoch3|exe|Heodo","braam.com.br","186.202.153.152","27715","BR" "2020-12-21 17:05:05","http://www.toplevel.com.br/medico/wuEeTldQTSKCYLrggl97PUJb7x99t1/","offline","malware_download","doc|emotet|epoch2|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-12-21 09:57:08","https://mobgroup.com.br/wp-content/font/","offline","malware_download","emotet|epoch3|exe|heodo","mobgroup.com.br","191.252.106.175","27715","BR" "2020-12-12 06:49:06","http://republicaconteudo.com.br/wp-content/tn/69Ji0BWHpYnFp51.exe","offline","malware_download","AgentTesla|exe","republicaconteudo.com.br","187.45.195.10","27715","BR" "2020-12-12 06:46:07","http://republicaconteudo.com.br/wp-content/tn/USnKpMNxeTAkbKy.exe","offline","malware_download","AgentTesla|exe","republicaconteudo.com.br","187.45.195.10","27715","BR" "2020-12-11 09:40:06","http://psicopatologiafundamental.org.br/uploads/e.php?","offline","malware_download","","psicopatologiafundamental.org.br","187.45.193.209","27715","BR" "2020-10-28 21:35:06","http://mobaviation.com.br/wp-content/PhDYRnvcUlnAQaKF79LC6b6XC1sx6IfVLuNVMTPELTQIwItaQZGT6iQm/","offline","malware_download","doc|emotet|epoch2","mobaviation.com.br","191.252.131.85","27715","BR" "2020-10-28 15:29:07","https://mobaviation.com.br/wp-content/PhDYRnvcUlnAQaKF79LC6b6XC1sx6IfVLuNVMTPELTQIwItaQZGT6iQm/","offline","malware_download","doc|emotet|epoch2|Heodo","mobaviation.com.br","191.252.131.85","27715","BR" "2020-10-28 15:17:09","https://www.apeduti.com.br/wp-includes/XN2wg26v/","offline","malware_download","emotet|epoch3|exe|Heodo","www.apeduti.com.br","187.45.193.174","27715","BR" "2020-10-27 13:57:06","http://www.toplevel.com.br/medico/public/CGOYiZfL/","offline","malware_download","doc|emotet|epoch3|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-10-22 11:52:06","http://datacentertecnologia.com.br/model/Reporting/zxze/","offline","malware_download","doc|emotet|epoch2|Heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR" "2020-10-21 09:44:06","https://www.arquitetospizzarolls.com.br/wp-content_old/lm/rIcPIzzUed/","offline","malware_download","doc|emotet|epoch1|Heodo","www.arquitetospizzarolls.com.br","186.202.153.65","27715","BR" "2020-10-20 16:52:07","https://costuricesdagi.com.br/wp/B85Q0Y9/3443gkbrmiidy/","offline","malware_download","doc|emotet|epoch2|Heodo","costuricesdagi.com.br","191.252.142.172","27715","BR" "2020-10-20 10:28:06","http://rotaryclubbh.org.br/wp-snapshots/u63otkuizg15m9nw5nw/","offline","malware_download","doc|emotet|epoch2|Heodo","rotaryclubbh.org.br","191.252.51.3","27715","BR" "2020-10-20 07:12:05","http://www.toplevel.com.br/medico/58nxia2korg-382/","offline","malware_download","doc|emotet|epoch3|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-10-19 19:27:06","https://smartstorage.com.br/wp-includes/450/56441/eV/","offline","malware_download","doc|emotet|epoch3|Heodo","smartstorage.com.br","186.202.153.84","27715","BR" "2020-10-19 16:35:08","http://fcsl.com.br/wp-content/form/004417/ecjl/","offline","malware_download","doc|emotet|epoch3|Heodo","fcsl.com.br","191.252.51.53","27715","BR" "2020-10-17 05:42:06","http://bgm.com.br/site/browse/c20pgrahcqb/","offline","malware_download","doc|emotet|epoch2|Heodo","bgm.com.br","187.45.195.139","27715","BR" "2020-10-15 17:45:07","http://browardbrasil.com.br/ark-tether/Overview/ehGcn4c4Mlp/","offline","malware_download","doc|emotet|epoch1|Heodo","browardbrasil.com.br","186.202.153.23","27715","BR" "2020-10-02 04:08:12","http://clinicasallum.com/g3hrrmjj1.pdf","offline","malware_download","Dridex","clinicasallum.com","186.202.153.130","27715","BR" "2020-09-30 11:09:12","http://equipedx.com.br/wp-includes/Documentation/BMJjqjV3eq/","offline","malware_download","doc|emotet|epoch1|Heodo","equipedx.com.br","186.202.153.11","27715","BR" "2020-09-29 12:43:23","http://datacentertecnologia.com.br/model/Scan/THTwl4SSR3wi/","offline","malware_download","doc|emotet|epoch1|Heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR" "2020-09-29 00:43:15","http://menegotto.com.br/wp-content/esp/u6XJNrNlenkgi/","offline","malware_download","doc|emotet|epoch1|Heodo","menegotto.com.br","191.252.51.12","27715","BR" "2020-09-28 12:02:06","http://www.toplevel.com.br/medico/Reporting/8pQdFnHw3gCC1J7az/","offline","malware_download","doc|emotet|epoch1|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-09-28 11:27:37","http://www.polihidraulica.com.br/wp-admin/docs/QTnTi6A1NzRK7NT/","offline","malware_download","doc|emotet|epoch1|Heodo","www.polihidraulica.com.br","191.252.51.10","27715","BR" "2020-09-23 23:42:05","http://menegotto.com.br/wp-content/516810928934/jCcwmXkc27WMcwOTW1o/","offline","malware_download","doc|emotet|epoch1|Heodo","menegotto.com.br","191.252.51.12","27715","BR" "2020-09-23 23:28:08","http://www.toplevel.com.br/medico/attachments/","offline","malware_download","doc|emotet|epoch2|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-09-23 23:27:14","https://www.zlocker.com.br/wp-admin/browse/AKgA5Hcd3dB/","offline","malware_download","doc|emotet|epoch1|Heodo","www.zlocker.com.br","191.252.195.33","27715","BR" "2020-09-23 20:28:06","http://www.toplevel.com.br/medico/5r/","offline","malware_download","doc|emotet|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-09-23 20:28:04","http://www.toplevel.com.br/medico/paclm/84hq2v9n7e/","offline","malware_download","doc|emotet","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-09-23 20:25:08","http://www.toplevel.com.br/medico/LLC/8euzm1crm554/","offline","malware_download","doc|emotet|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-09-23 14:23:06","http://www.toplevel.com.br/medico/N/","offline","malware_download","emotet|epoch3|exe|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-09-22 06:49:17","http://mundocandee.com.br/vendor/OCT/","offline","malware_download","doc|emotet|epoch2","mundocandee.com.br","179.188.11.47","27715","BR" "2020-09-22 06:29:25","https://mundocandee.com.br/vendor/OCT/","offline","malware_download","doc|emotet|epoch2|Heodo","mundocandee.com.br","179.188.11.47","27715","BR" "2020-09-18 20:27:08","http://datacentertecnologia.com.br/model/DOC/XBQDEpYqaPxkONnlnc/","offline","malware_download","doc|emotet|epoch1|Heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR" "2020-09-18 17:46:04","http://www.toplevel.com.br/medico/g2t8j8p/","offline","malware_download","doc|Emotet|epoch2|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-09-16 17:44:06","http://www.toplevel.com.br/medico/FILE/8yrua11933006500180481h7soysxzpzyexior/","offline","malware_download","doc|Emotet|epoch2|Heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-09-16 15:16:10","http://datacentertecnologia.com.br/model/attachments/","offline","malware_download","doc|emotet|epoch2|heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR" "2020-09-10 07:08:04","http://191.252.205.120/lmaoWTF/loligang.x86","offline","malware_download","","191.252.205.120","191.252.205.120","27715","BR" "2020-09-08 16:50:19","http://lojacorpoemente.com.br/beuefuqpd/55555555.png","offline","malware_download","abc001|exe|Qakbot|qbot|QuakBot","lojacorpoemente.com.br","189.126.122.186","27715","BR" "2020-09-08 13:39:21","https://petroservice.com.br/error/srtgnwrthrwetg.txt","offline","malware_download","Dridex","petroservice.com.br","191.252.140.86","27715","BR" "2020-09-08 13:39:19","https://zapmediaplataforma.com/12/eryjmw6yjw5.pdf","offline","malware_download","Dridex","zapmediaplataforma.com","191.252.131.217","27715","BR" "2020-09-08 05:59:12","https://properties.igpublica.com.br/excelPo/rjkthgowertgoiwe.zip","offline","malware_download","Dridex","properties.igpublica.com.br","191.252.140.91","27715","BR" "2020-09-08 05:59:11","https://igpublica.com.br/asset/zxc.zip","offline","malware_download","Dridex","igpublica.com.br","191.252.140.91","27715","BR" "2020-09-06 09:46:14","https://datacentertecnologia.com.br/model/ULr/","offline","malware_download","emotet|epoch3|exe|Heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR" "2020-09-05 06:15:05","http://191.252.205.120/Spoofed/RebornGang.spc","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR" "2020-09-05 05:28:04","http://191.252.205.120/Spoofed/RebornGang.mpsl","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR" "2020-09-05 05:28:03","http://191.252.205.120/Spoofed/RebornGang.arm5","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR" "2020-09-05 05:28:03","http://191.252.205.120/Spoofed/RebornGang.m68k","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR" "2020-09-05 05:28:03","http://191.252.205.120/Spoofed/RebornGang.ppc","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR" "2020-09-05 05:28:03","http://191.252.205.120/Spoofed/RebornGang.sh4","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR" "2020-09-05 05:24:05","http://191.252.205.120/Spoofed/RebornGang.arm6","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR" "2020-09-05 05:24:05","http://191.252.205.120/Spoofed/RebornGang.mips","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR" "2020-09-05 05:23:04","http://191.252.205.120/Spoofed/RebornGang.arm7","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR" "2020-09-05 05:23:03","http://191.252.205.120/Pemex.sh","offline","malware_download","shellscript","191.252.205.120","191.252.205.120","27715","BR" "2020-09-05 05:23:03","http://191.252.205.120/Spoofed/RebornGang.x86","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR" "2020-09-03 21:41:09","https://www.revvcorpus.com.br/wp-includes/http:/Documentation/3xqf9LFZtaixb4L98/","offline","malware_download","doc|emotet|epoch1|Heodo","www.revvcorpus.com.br","186.202.153.161","27715","BR" "2020-09-03 18:44:11","https://www.revvcorpus.com.br/wp-includes/http://Documentation/3xqf9LFZtaixb4L98/","offline","malware_download","doc|emotet|epoch1|heodo","www.revvcorpus.com.br","186.202.153.161","27715","BR" "2020-09-03 11:36:10","http://www.toplevel.com.br/medico/paclm/84hq2v9n7e/c170jb26950023468861styt4xcog3uhfcglvq/","offline","malware_download","doc|emotet|epoch2|heodo","www.toplevel.com.br","191.252.149.28","27715","BR" "2020-09-02 21:40:42","http://datacentertecnologia.com.br/model/ULr/","offline","malware_download","emotet|epoch3|exe|Heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR" "2020-08-28 18:42:06","http://r257.com.br/wp-snapshots/lm/dijigv-0007161/","offline","malware_download","doc|Emotet|epoch3|Heodo","r257.com.br","187.45.195.13","27715","BR" "2020-08-28 15:01:27","http://pontualpromocoes.com.br/SITE_OLD/attach/WJUj/","offline","malware_download","emotet|epoch3|exe|Heodo","pontualpromocoes.com.br","187.45.240.11","27715","BR" "2020-08-28 10:54:15","http://t2aclube.com.br/wp-includes/report/","offline","malware_download","doc|emotet|epoch2|Heodo","t2aclube.com.br","186.202.153.71","27715","BR" "2020-08-28 08:14:06","http://apolu.com.br/DESATIVADOcentersystemch/Overview/33916391/ut8qm0yzm-0072/","offline","malware_download","doc|emotet|epoch3|Heodo","apolu.com.br","186.202.153.6","27715","BR" "2020-08-28 00:11:05","http://somadil.com.br/wp/balance/","offline","malware_download","doc|emotet|epoch2|heodo","somadil.com.br","191.252.37.10","27715","BR" "2020-08-28 00:11:05","http://somadil.com.br/wp/balance/","offline","malware_download","doc|emotet|epoch2|heodo","somadil.com.br","191.252.37.11","27715","BR" "2020-08-28 00:11:05","http://somadil.com.br/wp/balance/","offline","malware_download","doc|emotet|epoch2|heodo","somadil.com.br","191.252.37.9","27715","BR" "2020-08-27 22:32:36","http://totemcomunicacao.com.br/logs/CK7A39SRCOB/s3woi3acugu/abpeq092729279sopne584ojk5wo/","offline","malware_download","doc|emotet|epoch2|heodo","totemcomunicacao.com.br","186.202.153.72","27715","BR" "2020-08-27 09:46:13","https://vagtachobrasil.com/wp-admin/9sm9tp5z6o3t/","offline","malware_download","doc|emotet|epoch2|heodo","vagtachobrasil.com","186.202.153.93","27715","BR" "2020-08-27 02:30:26","http://coqueirospraiahotel.com.br/blogs/Document/6337/ALUQC/","offline","malware_download","doc|emotet|epoch3|Heodo","coqueirospraiahotel.com.br","186.202.119.206","27715","BR" "2020-08-26 04:45:41","http://idesigns.com.br/templates/idesigns/html/com_contact/contact/2c.jpg","offline","malware_download","exe|Troldesh","idesigns.com.br","191.252.51.59","27715","BR" "2020-08-26 04:45:10","http://idesigns.com.br/templates/idesigns/lib/2c.jpg","offline","malware_download","exe|GandCrab","idesigns.com.br","191.252.51.59","27715","BR" "2020-08-26 02:36:11","http://www.trololo.com.br/system/INC/","offline","malware_download","doc|emotet|epoch2","www.trololo.com.br","191.252.51.59","27715","BR" "2020-08-25 21:41:13","http://eduvalebr1.hospedagemdesites.ws/teste/Overview/paf6zm/","offline","malware_download","doc|emotet|epoch2|Heodo","eduvalebr1.hospedagemdesites.ws","187.45.193.166","27715","BR" "2020-08-25 19:13:16","http://testes.sbpcnet.org.br/p4a/esp/z05hq0ww/","offline","malware_download","doc|emotet|epoch2|Heodo","testes.sbpcnet.org.br","186.202.123.166","27715","BR" "2020-08-25 18:54:26","https://www.trololo.com.br/system/INC/","offline","malware_download","doc|emotet|epoch2|heodo","www.trololo.com.br","191.252.51.59","27715","BR" "2020-08-18 10:11:04","http://lupusalimentos.com.br/assinatura/ooJNJihAvv/","offline","malware_download","emotet|epoch1|exe|heodo","lupusalimentos.com.br","187.45.195.184","27715","BR" "2020-08-17 18:57:10","http://cookie.com.br/jutoledo/ULHH5VKFc-WTr100bVV-section/interior-1747302-WBZOAZ/1hrCvP-vhIy046mhturqy/","offline","malware_download","doc|emotet|epoch1|heodo","cookie.com.br","187.45.195.27","27715","BR" "2020-08-14 09:53:03","http://profatos.com.br/wp-includes/multifunctional_resource/test_space/D8psh_ojnuwgr2G/","offline","malware_download","doc|emotet|epoch1|heodo","profatos.com.br","186.202.153.49","27715","BR" "2020-08-13 14:49:05","http://casaagricolaportugal.com/temp/protected_array/1666394639_eQP7EJJDF2zOf_cloud/c1wng45_ww22w6730yusw/","offline","malware_download","doc|emotet|epoch1|Heodo","casaagricolaportugal.com","186.202.153.35","27715","BR" "2020-08-12 10:37:15","http://cookie.com.br/supleforma/9_j08_39f4phvj/","offline","malware_download","emotet|epoch2|exe|Heodo","cookie.com.br","187.45.195.27","27715","BR" "2020-08-11 14:12:27","http://cefeqsc.com.br/jmbwqbkgwkrb/1597158476.png","offline","malware_download","exe|Qakbot|qbot|spx152","cefeqsc.com.br","191.252.126.166","27715","BR" "2020-08-11 14:09:07","http://docenciacriativa.hospedagemdesites.ws/online/private_disk/individual_space/wm6p5w2zfaaq8_0x7151w48/","offline","malware_download","doc|emotet|epoch1|Heodo","docenciacriativa.hospedagemdesites.ws","191.252.51.245","27715","BR" "2020-08-11 06:33:09","https://sariweb.com.br/vendor/njw/","offline","malware_download","emotet|epoch1|exe|Heodo","sariweb.com.br","191.252.95.120","27715","BR" "2020-08-11 06:08:26","http://humbertoavila.com.br/photos/common_box/163345781_XD7cNVtcZty8_cloud/40252167180682_ntyzKKTUd285l2Du/","offline","malware_download","doc|emotet|epoch1|Heodo","humbertoavila.com.br","187.45.193.176","27715","BR" "2020-08-10 23:18:18","http://ipolymer.com.br/wp-admin/zirl02193/","offline","malware_download","emotet|epoch3|exe|Heodo","ipolymer.com.br","186.202.153.5","27715","BR" "2020-08-10 23:18:13","http://kalulu.com.br/wp-content/f9jp11mf09787216/","offline","malware_download","emotet|epoch3|exe|Heodo","kalulu.com.br","191.252.140.91","27715","BR" "2020-08-10 22:08:06","http://gelatoboutique.com.br/tempImages/INC/8gsi3agfd/7c2810959043341ipjww6ove2sad12oy/","offline","malware_download","doc|emotet|epoch2|heodo","gelatoboutique.com.br","191.252.51.242","27715","BR" "2020-08-10 18:10:23","https://www.easyyourlife.com/termo/open_sector/43314643818_n9ebQUAd1p_fthiljdzjphqq_wft1z9kx/qgsbipr3orlcmk_27750sx/","offline","malware_download","doc|emotet|epoch1|Heodo","www.easyyourlife.com","186.202.153.64","27715","BR" "2020-08-10 15:59:35","http://cianeconsultoria.com.br/wp-includes/invoice/0cx689m/v3055409309502415wu2yf0s1imuhfh17/","offline","malware_download","doc|emotet|epoch2|Heodo","cianeconsultoria.com.br","187.45.240.105","27715","BR" "2020-08-10 15:14:06","http://dafabrasivos.com.br/filmes-protecao/docs/7jwgq5/","offline","malware_download","doc|emotet|epoch2|heodo","dafabrasivos.com.br","191.252.51.2","27715","BR" "2020-08-07 16:19:35","http://capitaladm.com.br/SGQ/oAiXdtl/","offline","malware_download","doc|emotet|epoch3|Heodo|QuakBot","capitaladm.com.br","187.45.193.176","27715","BR" "2020-08-07 05:40:12","http://lupusalimentos.com.br/assinatura/report/331h20919336351xlh56yl2o3tlseb6h9/","offline","malware_download","doc|emotet|epoch2|Heodo","lupusalimentos.com.br","187.45.195.184","27715","BR" "2020-08-06 15:35:05","http://sanydobrasil.com/newimages/browse/3y81932/eerp4246367xpz0fy4f2l0sw/","offline","malware_download","doc|emotet|epoch2|heodo","sanydobrasil.com","187.45.195.137","27715","BR" "2020-08-06 04:42:05","http://www.sauna-saunas.com.br/wp-includes/lm/","offline","malware_download","doc|emotet|epoch2|heodo","www.sauna-saunas.com.br","187.45.195.19","27715","BR" "2020-08-06 04:37:07","http://www.sauna-saunas.com.br/wp-includes/lm//","offline","malware_download","doc|emotet|epoch2|Heodo","www.sauna-saunas.com.br","187.45.195.19","27715","BR" "2020-07-31 02:01:33","http://capitaladm.com.br/SGQ/closed-array/close-939248135-95XI9XURc3/ekny2m-19589zsstt9y/","offline","malware_download","doc|emotet|epoch1","capitaladm.com.br","187.45.193.176","27715","BR" "2020-07-30 17:11:07","http://capitaladm.com.br/SGQ/nDMepQ/","offline","malware_download","doc|emotet|epoch3|Heodo","capitaladm.com.br","187.45.193.176","27715","BR" "2020-07-29 21:17:07","http://revistajanelavip.com.br/cgi-bin/private-qVMCIDG-5wbYNXnp6voU/test-m0d8qa-ud5gq/AHl6WKOR-npisjcfNLoel32/","offline","malware_download","doc|Emotet|epoch1|Heodo","revistajanelavip.com.br","191.252.144.126","27715","BR" "2020-07-29 18:35:07","http://lupusalimentos.com.br/assinatura/lgswgttc-flpkz-93501/","offline","malware_download","doc|emotet|epoch3|Heodo","lupusalimentos.com.br","187.45.195.184","27715","BR" "2020-07-29 07:44:09","http://uniaoabc.com.br/protegido/oy3-806-65/","offline","malware_download","doc|emotet|epoch3|Heodo","uniaoabc.com.br","186.202.161.66","27715","BR" "2020-07-28 22:38:16","http://embark.com.br/arquivos/hQELz-SJHVBNKKyM-sector/open-7864820164-tYdihvKKBjC/g89nWLgLKP-dGeIisKoc7b/","offline","malware_download","doc|emotet|epoch1|Heodo","embark.com.br","191.252.51.68","27715","BR" "2020-07-28 01:27:38","http://rough.ag/images/f6f5gbbr-uqq-99/","offline","malware_download","doc|emotet|epoch3|Heodo","rough.ag","186.202.153.3","27715","BR" "2020-07-27 22:31:36","http://satyrodesign.com.br/satyro2018/wp-snapshots/personal_disk/security_portal/qJjpgKCt_graf1f0rGKcmv/","offline","malware_download","doc|emotet|epoch1|Heodo","satyrodesign.com.br","187.45.240.68","27715","BR" "2020-07-27 14:33:05","http://uplevel.com.br/wp-includes/lm/","offline","malware_download","doc|emotet|epoch2|heodo","uplevel.com.br","186.202.153.140","27715","BR" "2020-07-27 12:32:07","http://fabiosbarros.com.br/wp-includes/paclm/mnewt7zzs/q7160052980119607xxz9yqd1rn/","offline","malware_download","doc|emotet|epoch2|heodo","fabiosbarros.com.br","186.202.153.178","27715","BR" "2020-07-24 02:07:51","http://i9agenciadigital.com.br/winnersite/paclm/8h7u5d/","offline","malware_download","doc|emotet|epoch2|Heodo","i9agenciadigital.com.br","186.202.153.69","27715","BR" "2020-07-24 01:59:08","http://criaresports.com.br/simulador/common_module/test_portal/0snli7japc5i_8w282/","offline","malware_download","doc|emotet|epoch1|Heodo","criaresports.com.br","186.202.135.240","27715","BR" "2020-07-23 11:15:08","https://criaresports.com.br/simulador/common_module/test_portal/0snli7japc5i_8w282/","offline","malware_download","doc|Emotet|epoch1|Heodo","criaresports.com.br","186.202.135.240","27715","BR" "2020-07-22 19:59:14","http://ibaviva.com.br/ead/balance/62792lu213656963333q89f7ta84bkb9qhq/","offline","malware_download","doc|emotet|epoch2|Heodo","ibaviva.com.br","187.45.195.184","27715","BR" "2020-07-22 19:27:05","http://ditadesign.com.br/wp-admin/public/","offline","malware_download","doc|emotet|epoch2|heodo","ditadesign.com.br","186.202.153.179","27715","BR" "2020-07-22 19:21:07","http://ditadesign.com.br/wp-admin/report/r1yo1cn7/13123824843y9dozinwcrw479/","offline","malware_download","doc|emotet|epoch2|Heodo","ditadesign.com.br","186.202.153.179","27715","BR" "2020-07-22 04:56:09","http://www.findrs.com.br/cgi-bin/FyWO/","offline","malware_download","doc|Emotet|epoch3|Heodo|ZLoader","www.findrs.com.br","191.252.126.79","27715","BR" "2020-07-21 20:26:06","http://findrs.com.br/cgi-bin/FyWO/","offline","malware_download","doc|emotet|epoch3|Heodo|ZLoader","findrs.com.br","191.252.126.79","27715","BR" "2020-07-17 15:28:11","http://www.carloni.com.br/wp-includes/closed-module/corporate-090menkn8gyh0v-flesu2z9rvhj/xzus-294v8y/","offline","malware_download","doc|emotet|epoch1|heodo","www.carloni.com.br","186.202.153.169","27715","BR" "2020-07-17 15:26:09","https://construtoraaguiar.com.br/wp-includes/available-ph1S-smmNI7wAUDV42iB/special-portal/528912442-bGAY3pyBEmP/","offline","malware_download","doc|emotet|epoch1|heodo","construtoraaguiar.com.br","186.202.153.108","27715","BR" "2020-07-04 05:54:11","http://tekcorp.net/wp-includes/msr.exe","offline","malware_download","exe|quasar|QuasarRAT","tekcorp.net","186.202.153.33","27715","BR" "2020-06-17 17:00:35","http://exclusivedobrasil.com.br/ddyontbh/iYCYIBRYjD.zip","offline","malware_download","Qakbot|qbot|spx142|zip","exclusivedobrasil.com.br","187.45.239.158","27715","BR" "2020-06-17 13:12:20","http://exclusivedobrasil.com.br/umpdjqljj/y9BLazMA3U.zip","offline","malware_download","Qakbot|Quakbot|zip","exclusivedobrasil.com.br","187.45.239.158","27715","BR" "2020-06-17 12:30:00","http://exclusivedobrasil.com.br/umpdjqljj/w7Pwu8vc3Y.zip","offline","malware_download","Qakbot|Quakbot|zip","exclusivedobrasil.com.br","187.45.239.158","27715","BR" "2020-06-17 11:10:46","http://exclusivedobrasil.com.br/umpdjqljj/6/8JD7Mykxl.zip","offline","malware_download","Qakbot|Quakbot|zip","exclusivedobrasil.com.br","187.45.239.158","27715","BR" "2020-05-27 08:23:03","http://www.grupopanorama.net/bot_LKVqMwCgtK195.bin","offline","malware_download","encrypted|GuLoader","www.grupopanorama.net","187.45.195.184","27715","BR" "2020-05-22 14:19:59","https://www.transcordeiro.com.br/wp-content/plugins/apikey/tatftwfkao/Kaufvertrag_210_21052020.zip","offline","malware_download","Qakbot|qbot|spx125|zip","www.transcordeiro.com.br","186.202.153.29","27715","BR" "2020-05-22 11:13:01","https://www.glacial.com.br/wp-content/uploads/2020/05/lrwezndof/Kaufvertrag_100980869_20052020.zip","offline","malware_download","Qakbot","www.glacial.com.br","191.252.51.22","27715","BR" "2020-05-22 11:12:49","https://www.duarterufino.com.br/wp-content/uploads/2020/05/uuyblsr/Kaufvertrag_6621_20052020.zip","offline","malware_download","Qakbot","www.duarterufino.com.br","186.202.153.84","27715","BR" "2020-04-28 07:01:10","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/27448/Buy-Sell%20Agreement_27448_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-28 06:35:38","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/Buy-Sell%20Agreement_60314_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-28 06:35:32","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/Buy-Sell%20Agreement_87809_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-28 06:33:23","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/161641/Buy-Sell%20Agreement_161641_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-28 06:32:30","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/Buy-Sell%20Agreement_46042922_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-28 06:16:10","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/5018360/Buy-Sell%20Agreement_5018360_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-28 05:52:04","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/Buy-Sell%20Agreement_566310_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-27 20:28:56","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/27043/Buy-Sell%20Agreement_27043_04242020.zip","offline","malware_download","Qakbot|qbot|spx105|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-27 19:26:50","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/Buy-Sell%20Agreement_1702_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-27 19:17:07","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/Buy-Sell%20Agreement_21077122_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-27 18:07:07","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/701620/Buy-Sell%20Agreement_701620_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-27 17:32:10","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/Buy-Sell%20Agreement_7631102_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-27 16:33:37","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/4031/Buy-Sell%20Agreement_4031_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-27 16:33:08","https://www.vagtachobrasil.com/wp-content/uploads/2020/04/docs_w7f/Buy-Sell%20Agreement_2686679_04242020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","www.vagtachobrasil.com","186.202.153.93","27715","BR" "2020-04-22 13:05:36","http://cloud.wmsinfo.com.br/wordpress/wp-content/themes/mapro/pump/55555.png","offline","malware_download","exe|Qakbot|Quakbot|spx102","cloud.wmsinfo.com.br","191.252.185.106","27715","BR" "2020-04-14 20:22:35","http://maluna.com.br/string/9323831.zip","offline","malware_download","Qakbot|qbot|spx96|zip","maluna.com.br","186.202.153.104","27715","BR" "2020-04-14 20:22:28","http://maluna.com.br/string/689305.zip","offline","malware_download","Qakbot|qbot|spx96|zip","maluna.com.br","186.202.153.104","27715","BR" "2020-04-14 20:22:23","http://maluna.com.br/string/604291/604291.zip","offline","malware_download","Qakbot|qbot|spx96|zip","maluna.com.br","186.202.153.104","27715","BR" "2020-04-08 15:10:28","http://kaiut.esser.cnt.br/wp-content/uploads/2020/04/cursors/6530599.zip","offline","malware_download",".vbs|.zip|qakbot|qbot","kaiut.esser.cnt.br","187.45.195.27","27715","BR" "2020-02-06 17:30:07","http://sepi.org.br/admin/assets/uploads/parts_service/61ywox9d8/","offline","malware_download","doc|emotet|epoch2|Heodo","sepi.org.br","186.202.123.5","27715","BR" "2020-02-06 14:19:19","http://barbearialumber.tempsite.ws/5qbqm/ebg8cepo9f-wwnt-39398/","offline","malware_download","emotet|epoch3|exe|heodo","barbearialumber.tempsite.ws","186.202.153.38","27715","BR" "2020-02-05 19:06:08","http://blog.cs-integra.com.br/wp-includes/Document/tdjfrvs7qu9/","offline","malware_download","doc|emotet|epoch2|heodo","blog.cs-integra.com.br","201.76.51.228","27715","BR" "2020-02-05 19:02:08","http://blog.cs-integra.com.br/wp-includes/sites/","offline","malware_download","doc|emotet|epoch2|heodo","blog.cs-integra.com.br","201.76.51.228","27715","BR" "2020-02-05 13:59:36","http://em2websolution.com.br/wp-content/closed_sector/open_948577_lpO3FDRZhWuLw/SpRMxF17msFo_ln7l2H47fbNcp/","offline","malware_download","doc|emotet|epoch1|Heodo","em2websolution.com.br","191.252.51.61","27715","BR" "2020-02-05 13:54:19","http://em2websolution.com.br/wp-content/private-box/verifiable-space/ZgDvogc-L0Kqd7koi/","offline","malware_download","doc|emotet|epoch1|Heodo","em2websolution.com.br","191.252.51.61","27715","BR" "2020-02-04 23:06:08","http://brmobile.institucional.ws/antigo/attachments/h180263033gojgdgem1apzo/","offline","malware_download","doc|emotet|epoch2|Heodo","brmobile.institucional.ws","201.76.51.228","27715","BR" "2020-02-03 21:36:05","http://barbearialumber.tempsite.ws/5qbqm/payment/qu7cblkms/z6345030ofdbpx281x3ji1/","offline","malware_download","doc|emotet|epoch2|heodo","barbearialumber.tempsite.ws","186.202.153.38","27715","BR" "2020-02-03 21:18:16","http://barbearialumber.tempsite.ws/5qbqm/open-section/special-area/0364830393-lnL4Z/","offline","malware_download","doc|emotet|epoch1|Heodo","barbearialumber.tempsite.ws","186.202.153.38","27715","BR" "2020-02-03 17:20:11","http://www.ecodetect.com.br/wp-admin/buRtJkLsC/","offline","malware_download","emotet|epoch2|exe|Heodo","www.ecodetect.com.br","186.202.153.149","27715","BR" "2020-02-03 17:09:14","http://mamutefotoevideo.com/wp-includes/Documentation/","offline","malware_download","doc|emotet|epoch2|heodo","mamutefotoevideo.com","186.202.153.15","27715","BR" "2020-02-03 16:15:36","http://escoladeeducadores.com.br/wp-includes/available_disk/verifiable_e5yphx21_aljauimdu7/yqe2kT6b9R_6g84x9dnd8ghd/","offline","malware_download","doc|emotet|epoch1|Heodo","escoladeeducadores.com.br","187.45.193.223","27715","BR" "2020-02-03 13:59:15","http://www.alugueconsultoriomedico.com.br/opal-logs/i66o-ffm4-3734/","offline","malware_download","doc|emotet|epoch3|Heodo","www.alugueconsultoriomedico.com.br","186.202.153.5","27715","BR" "2020-01-28 12:23:09","http://www.integralcs.com.br/BKP/JiXSNkm/","offline","malware_download","doc|emotet|epoch3|heodo","www.integralcs.com.br","187.45.193.166","27715","BR" "2020-01-24 19:10:07","http://www.locomotivaparavenda.com.br/wp-content/Overview/","offline","malware_download","doc|emotet|epoch2|heodo","www.locomotivaparavenda.com.br","187.45.240.63","27715","BR" "2020-01-23 09:11:06","http://indumig.com.br/blog/FILE/l6ghm2/","offline","malware_download","doc|emotet|epoch2|heodo","indumig.com.br","187.45.240.115","27715","BR" "2020-01-22 12:01:09","http://fabionunesdigital.com.br/images/uiZbANkb/","offline","malware_download","doc|emotet|epoch3|heodo","fabionunesdigital.com.br","191.252.51.4","27715","BR" "2020-01-21 08:46:08","http://sabinoplacas.com.br/logs/OCT/","offline","malware_download","doc|emotet|epoch2|heodo","sabinoplacas.com.br","187.45.193.203","27715","BR" "2020-01-20 18:41:07","http://www.holandaadvocacia.adv.br/wp-includes/dt5drmh-qkv-350726/","offline","malware_download","doc|emotet|epoch3|Heodo","www.holandaadvocacia.adv.br","186.202.153.100","27715","BR" "2020-01-17 06:35:17","http://credigas.com.br/banner/IuYPUc/","offline","malware_download","doc|emotet|epoch3|Heodo","credigas.com.br","187.45.195.175","27715","BR" "2020-01-16 19:55:10","http://raquelstrutz.edutrovao.com.br/wp-includes/mhj4x/","offline","malware_download","emotet|epoch2|exe|Heodo","raquelstrutz.edutrovao.com.br","187.45.195.16","27715","BR" "2020-01-16 14:46:07","http://drbaterias.com/wp-content/DOC/hfrulx/","offline","malware_download","doc|emotet|epoch2|heodo","drbaterias.com","186.202.153.162","27715","BR" "2020-01-16 14:41:04","http://drbaterias.com/wp-content/Scan/f21ar5hw/s0hy-451116509-382830-2zdx-vtlyh2yis/","offline","malware_download","doc|emotet|epoch2|heodo","drbaterias.com","186.202.153.162","27715","BR" "2020-01-16 14:08:09","http://www.iguatemycontainers.hospedagemdesites.ws/wp-includes/sites/9oqkdnv-442160231-7008-derhy4058k-s4mth04hp/","offline","malware_download","doc|emotet|epoch2|heodo","www.iguatemycontainers.hospedagemdesites.ws","187.45.240.115","27715","BR" "2020-01-16 10:11:09","http://www.liberare.com.br/wp-includes/zNaegiGLR/","offline","malware_download","doc|emotet|epoch3|heodo","www.liberare.com.br","187.45.240.72","27715","BR" "2020-01-14 23:45:07","http://jesaweb.com.br/Named/payment/cu50d-659416021-2376-bwhkyh-vfhlw/","offline","malware_download","doc|emotet|epoch2|heodo","jesaweb.com.br","186.202.153.98","27715","BR" "2019-12-20 13:52:38","http://joaoleobarbieri.adv.br/test/l4d6638v6l-fotnu5m-867027278/","offline","malware_download","emotet|epoch3|exe","joaoleobarbieri.adv.br","186.202.161.7","27715","BR" "2019-12-20 10:49:05","http://embalageral.hospedagemdesites.ws/wp-snapshots/sites/gxagnw43b99/","offline","malware_download","doc|emotet|epoch2|heodo","embalageral.hospedagemdesites.ws","186.202.153.68","27715","BR" "2019-12-20 09:24:10","http://placi.com.br/wp-content/uploads/2019/12/ppspcoebc.rar","offline","malware_download","DEU|Dreambot|encoded|exe|Task","placi.com.br","186.202.95.164","27715","BR" "2019-12-19 21:19:04","http://apesc.com.br/wp-admin/sites/f7qapy1-77524-1560-rrkxyd32f-t3lyj4691/","offline","malware_download","doc|emotet|epoch2|Heodo","apesc.com.br","201.76.51.228","27715","BR" "2019-12-19 17:01:05","http://analisesfarma.com.br/wp-includes/swift/e-648-38128-qqew-hxrig8/","offline","malware_download","doc|emotet|epoch2|heodo","analisesfarma.com.br","186.202.153.38","27715","BR" "2019-12-19 14:39:08","http://drbaterias.com/wp-content/languages/private_resource/IZNmbC98k_sfdNL88b_space/40355872_nbVw2CYPh/","offline","malware_download","doc|emotet|epoch1|Heodo","drbaterias.com","186.202.153.162","27715","BR" "2019-12-19 02:57:04","http://teletaxiexecutivo.com.br/wp-includes/private_zone/verifiable_warehouse/ej7wi8c5yv2mxt_z583v543y9/","offline","malware_download","doc|emotet|epoch1|Heodo","teletaxiexecutivo.com.br","191.252.51.68","27715","BR" "2019-12-19 02:52:05","http://teletaxiexecutivo.com.br/wp-includes/common-resource/individual-profile/256400249861-XZ3suQAV/","offline","malware_download","doc|emotet|epoch1","teletaxiexecutivo.com.br","191.252.51.68","27715","BR" "2019-12-19 00:17:09","http://franquiaexata.com.br/private_sector/additional_cloud/u7XE4qazI9_0NLidjghLsyooq/","offline","malware_download","doc|emotet|epoch1|Heodo","franquiaexata.com.br","186.202.153.9","27715","BR" "2019-12-18 19:42:05","http://senapassessoria.com.br/lm/gfg-698-139196-33hb8-yzstlu/","offline","malware_download","doc|emotet|epoch2|heodo","senapassessoria.com.br","187.45.240.105","27715","BR" "2019-12-18 18:56:04","http://suportenaweb.com/gallery/available-zone/open-Hml13l3v-rbRlYSYB/gp2jfa706dpmbu1v-6ttxzwu64/","offline","malware_download","doc|emotet|epoch1|Heodo","suportenaweb.com","187.45.240.108","27715","BR" "2019-12-18 15:23:13","https://dupol.com.br/usytm/j9of-ilc5qrlq-706/","offline","malware_download","emotet|epoch3|exe|Heodo","dupol.com.br","186.202.153.95","27715","BR" "2019-12-17 20:58:06","http://apesc.com.br/wp-admin/available-box/additional-UkJm-VDUZ4DCrI8ko6/wnbZyZYUse-L0tbobnmr3p/","offline","malware_download","doc|emotet|epoch1|Heodo","apesc.com.br","201.76.51.228","27715","BR" "2019-12-17 15:38:05","http://megasft.com.br/File/protected_disk/individual_8nwr9_2orboc0x7a4aahj/4x426tjhy_u8007262/","offline","malware_download","doc|emotet|epoch1|Heodo","megasft.com.br","186.202.153.177","27715","BR" "2019-12-17 15:34:07","http://merceariacampos.com.br/reveillon/multifunctional_disk/guarded_profile/dz39v5y5d49_t4782z/","offline","malware_download","doc|emotet|epoch1|Heodo","merceariacampos.com.br","186.202.153.214","27715","BR" "2019-12-17 12:01:09","http://mwsorval.com.br/wp-snapshots/common_module/test_0058954230_QHnVjODT/0375842877_hgJDow49kFEhCR/","offline","malware_download","doc|emotet|epoch1|Heodo","mwsorval.com.br","187.45.195.34","27715","BR" "2019-12-17 10:05:41","https://jsantosconsultores.com.br/newsite/common_module/additional_841924697_HuTLnGEgwJdWF5m/9357764825_CiGGx1gBSWr/","offline","malware_download","doc|emotet|epoch1|Heodo","jsantosconsultores.com.br","186.202.153.105","27715","BR" "2019-12-17 04:01:04","http://davincitec.com.br/vendor/FILE/1zcjhqm/","offline","malware_download","doc|emotet|epoch2|heodo","davincitec.com.br","186.202.153.41","27715","BR" "2019-12-17 03:57:05","http://davincitec.com.br/vendor/sites/140nuzt9/","offline","malware_download","doc|emotet|epoch2|heodo","davincitec.com.br","186.202.153.41","27715","BR" "2019-12-17 00:52:06","https://zeialimentos.com.br/wp-content/gbwo9gr-h6gxzi-005/","offline","malware_download","doc|emotet|epoch3|heodo","zeialimentos.com.br","200.234.195.171","27715","BR" "2019-12-16 01:25:08","https://zeialimentos.com.br/wp-content/closed-disk/open-area/6bph4riqgw-5s20x6zsyst/","offline","malware_download","doc|emotet|epoch1|Heodo","zeialimentos.com.br","200.234.195.171","27715","BR" "2019-12-16 00:52:09","http://comunimax.com.br/wordpress/Nems-iYTnCQp-array/verified-space/u55NSa93dtm8-gbq9wjlm60i/","offline","malware_download","doc|emotet|epoch1|Heodo","comunimax.com.br","191.252.137.214","27715","BR" "2019-12-13 20:09:05","http://colegiopordosol.com.br/logs/qs9-zqh-45/","offline","malware_download","doc|emotet|epoch3|heodo","colegiopordosol.com.br","186.202.153.85","27715","BR" "2019-12-13 18:15:51","https://glacial.com.br/wp-admin/multifunctional-module/verifiable-space/75648040832-0WdlxGdg5l5/","offline","malware_download","doc|emotet|epoch1|heodo","glacial.com.br","191.252.51.22","27715","BR" "2019-12-13 16:46:07","http://www.metallonet.com.br/wp-includes/14340940963_bUziir20_sector/test_profile/g53yay8_688ys372z0/","offline","malware_download","doc|emotet|epoch1","www.metallonet.com.br","187.45.195.61","27715","BR" "2019-12-13 16:46:04","https://cmpsolutions.com.br/nvk/available_bi_n15haattjr60fqv/external_forum/dn14_y511364s8/","offline","malware_download","doc|emotet|epoch1|Heodo","cmpsolutions.com.br","186.202.153.139","27715","BR" "2019-12-13 14:57:08","https://www.scallatur.com.br/site/5xhq-hw4kk-3291/","offline","malware_download","doc|emotet|epoch3|heodo","www.scallatur.com.br","186.202.153.36","27715","BR" "2019-12-13 09:16:09","http://loja.barano.com.br/wp-admin/qg6nq-9v-445/","offline","malware_download","doc|emotet|epoch3|heodo","loja.barano.com.br","186.202.153.63","27715","BR" "2019-12-13 05:53:05","http://arandaweb.com.br/PagSeguro/coZED/","offline","malware_download","doc|emotet|epoch3|heodo","arandaweb.com.br","191.252.132.170","27715","BR" "2019-12-13 04:20:04","http://bazarin.com/kgz/6654493210692194/","offline","malware_download","doc|emotet|epoch2|heodo","bazarin.com","187.45.193.204","27715","BR" "2019-12-13 02:35:04","http://davincitec.com.br/vendor/gqio8-6jelni0-409992/","offline","malware_download","doc|emotet|epoch3|heodo","davincitec.com.br","186.202.153.41","27715","BR" "2019-12-13 02:13:04","http://davincitec.com.br/vendor/LLC/2pzxhmymzjm/rxbqm1l-285314814-0224-1pu1-0hxz3buj9v/","offline","malware_download","doc|emotet|epoch2|heodo","davincitec.com.br","186.202.153.41","27715","BR" "2019-12-13 00:25:04","http://astraldesign.com.br/content/paclm/qem3dwx/4h1ox-2627004916-96000-ruyx-8jp40ys8/","offline","malware_download","doc|emotet|epoch2|heodo","astraldesign.com.br","186.202.153.5","27715","BR" "2019-12-12 22:34:06","http://ifsolucoescontabeis.com.br/cgi-bin/1ku4q-cse0-40155/","offline","malware_download","doc|emotet|epoch3|heodo","ifsolucoescontabeis.com.br","191.252.132.251","27715","BR" "2019-12-12 16:37:08","http://www.clinicacorpusmacae.com.br/picture_library/jfli-6il-39593/","offline","malware_download","doc|emotet|epoch3|heodo","www.clinicacorpusmacae.com.br","187.45.210.125","27715","BR" "2019-12-11 01:37:05","http://update15.hospedagemdesites.ws/wp-includes/YzXlKIk/","offline","malware_download","doc|emotet|epoch3|Heodo","update15.hospedagemdesites.ws","187.45.240.69","27715","BR" "2019-12-10 17:12:21","http://covm.icom.com.br/4hq9/961253046199-xXCkzlBtMMDg7GBo-disk/external-area/mt20djeir-t30s98y4s35/","offline","malware_download","doc|emotet|epoch1","covm.icom.com.br","186.202.157.79","27715","BR" "2019-12-10 09:09:37","http://congresso4c.ifc-riodosul.edu.br/palestras2014/open_disk/additional_space/664tvzyxcd8q_y130sv6/","offline","malware_download","doc|emotet|epoch1|Heodo","congresso4c.ifc-riodosul.edu.br","186.202.157.79","27715","BR" "2019-12-09 23:54:06","http://actionvr.com.br/class.differ/999672883_072gg9_zone/open_cloud/dc2qdj6fte_tyz29095u7/","offline","malware_download","doc|emotet|epoch1|Heodo","actionvr.com.br","179.188.11.32","27715","BR" "2019-12-09 19:12:05","http://consultoriaseven.com.br/wp-admin/jb29-95-1022/","offline","malware_download","doc|emotet|epoch3|Heodo","consultoriaseven.com.br","191.252.51.2","27715","BR" "2019-12-09 17:01:07","http://www.saastec-servicos.com.br/wp-includes/cazo4-8cb8c-33/","offline","malware_download","doc|emotet|epoch3|Heodo","www.saastec-servicos.com.br","191.252.51.56","27715","BR" "2019-12-09 14:36:09","http://portalsamauma.com.br/cgi-local/personal-dkkjoRWoII-FvC2p2hWdE/security-profile/je0nMBsnn-Ief3MpqlwL2/","offline","malware_download","doc|emotet|epoch1|Heodo","portalsamauma.com.br","186.202.153.62","27715","BR" "2019-12-09 14:27:06","https://www.retrofiteng.com.br/img/z8s8kf0l9wm-nmk0hoja4-risorsa/verificato-spazio/teohi05o-ztv178v/","offline","malware_download","emotet|epoch1|Heodo","www.retrofiteng.com.br","186.202.153.62","27715","BR" "2019-12-09 13:27:14","http://fabioribeiroadvogados.com.br/wp-includes/9zoy3-qjd-00377/","offline","malware_download","doc|emotet|epoch3|Heodo","fabioribeiroadvogados.com.br","186.202.153.33","27715","BR" "2019-12-09 12:35:11","http://www.hospitalveredas.com.br/v2016/aperto_fzcizjh3j286wh_kds35o1k/esterno_magazzino/yleii1om_09s4x749/","offline","malware_download","doc|emotet|epoch1|Heodo","www.hospitalveredas.com.br","187.45.193.155","27715","BR" "2019-12-06 23:08:02","https://sadecar.com.br/wp-includes/7085090402/q49feawf/","offline","malware_download","doc|emotet|epoch2|Heodo","sadecar.com.br","186.202.153.129","27715","BR" "2019-12-06 19:30:25","http://adrianoogushi.com.br/blogs/g7e-3o-15/","offline","malware_download","doc|emotet|epoch3|Heodo","adrianoogushi.com.br","186.202.161.190","27715","BR" "2019-12-06 19:29:12","http://adrianoogushi.com.br/blogs/available-resource/test-forum/CO37HIcUG-4KiqqruHlj9/","offline","malware_download","doc|emotet|epoch1|Heodo","adrianoogushi.com.br","186.202.161.190","27715","BR" "2019-11-26 07:53:17","http://tesla.rec.br/novo/wKuEDz/","offline","malware_download","emotet|epoch2|exe|Heodo","tesla.rec.br","191.252.51.122","27715","BR" "2019-11-22 15:57:18","http://valormax.profissional.ws/nflnjk2/jbcOjCo/","offline","malware_download","emotet|epoch3|exe|Heodo","valormax.profissional.ws","186.202.153.48","27715","BR" "2019-11-16 00:41:25","http://hidrojatobrasil.com.br/wp-content/EhH0ngeHo7/","offline","malware_download","emotet|epoch2|exe|Heodo","hidrojatobrasil.com.br","186.202.54.185","27715","BR" "2019-11-15 22:41:11","http://www.centrocultural.ifaaje.com.br/1nwr3ul/6l1/","offline","malware_download","emotet|epoch2|exe|Heodo","www.centrocultural.ifaaje.com.br","187.45.240.50","27715","BR" "2019-11-06 09:40:10","http://mecatronica.ifc-riodosul.edu.br/wp-content/uploads/2019/08/FergKLrS.bin","offline","malware_download","CZE|Dreambot|exe","mecatronica.ifc-riodosul.edu.br","187.45.240.103","27715","BR" "2019-11-06 09:39:16","http://spot.com.br/fct.php","offline","malware_download","CZE|DOC|Dreambot","spot.com.br","187.45.195.185","27715","BR" "2019-10-31 21:14:04","http://www.uniodontopg.com.br/wp-includes/4fty/","offline","malware_download","emotet|epoch2|exe|Heodo","www.uniodontopg.com.br","187.45.195.19","27715","BR" "2019-10-17 19:11:18","http://www.4ssss.com.br/repr.exe","offline","malware_download","exe","www.4ssss.com.br","187.45.193.177","27715","BR" "2019-10-17 19:07:13","http://4ssss.com.br/repr.exe","offline","malware_download","exe","4ssss.com.br","187.45.193.177","27715","BR" "2019-10-17 05:06:49","http://www.michelsoares.com.br/wp-content/themes/optimizePressTheme/languages/docs/","offline","malware_download","","www.michelsoares.com.br","187.45.193.177","27715","BR" "2019-10-17 05:06:26","http://www.plastimax.com.br/wp-content/themes/industrial/woocommerce-legacy/cart/xl/","offline","malware_download","","www.plastimax.com.br","187.45.240.111","27715","BR" "2019-10-17 05:06:21","http://solucoeseinformatica.com.br/templates/rt_gantry_j15/css/xl/","offline","malware_download","","solucoeseinformatica.com.br","186.202.153.166","27715","BR" "2019-10-17 05:06:09","http://www.alexandroff.com.br/wp-content/themes/organic_theme_earth/includes/xl/","offline","malware_download","","www.alexandroff.com.br","187.45.193.139","27715","BR" "2019-10-11 22:39:24","http://www.divinosdocesfinos.com.br/wp-content/uploads/iOFfUVEkuAfBDSPtcIZnjRPMZU/","offline","malware_download","doc|emotet|epoch2|Heodo","www.divinosdocesfinos.com.br","186.202.189.146","27715","BR" "2019-10-11 16:13:07","http://martinsebessi.com.br/wp-includes/REXyKidSNpD/","offline","malware_download","doc|emotet|epoch2|Heodo","martinsebessi.com.br","186.202.157.79","27715","BR" "2019-10-11 07:19:04","http://mecatronica.ifc-riodosul.edu.br/wp-content/uploads/2019/08/Rahunok.php","offline","malware_download","Gozi","mecatronica.ifc-riodosul.edu.br","187.45.240.103","27715","BR" "2019-10-10 10:31:50","http://www.luzevida.com.br/catalogos/banco-imagens/esp/jpPeetTBslFMYbMWyoyfrHZTA/","offline","malware_download","doc|emotet|epoch2|Heodo","www.luzevida.com.br","186.202.157.79","27715","BR" "2019-10-09 11:09:02","https://educacao.toptraders.com.br/m3wx4/parts_service/SZSxVCHPcMEMMrmyNfCcghGtWz/","offline","malware_download","doc|emotet|epoch2|Heodo","educacao.toptraders.com.br","186.202.153.121","27715","BR" "2019-10-03 00:17:12","https://www.unidadejardins.maislaser.com.br/politica-de-privacidade/5s5-fxq4k-26612745/","offline","malware_download","emotet|epoch3|exe|Heodo","www.unidadejardins.maislaser.com.br","186.202.153.17","27715","BR" "2019-09-24 18:02:05","https://umpcsp.com.br/wp-content/uploads/2019/09/testtor2.png","offline","malware_download","exe|IcedID","umpcsp.com.br","191.252.106.84","27715","BR" "2019-09-24 14:31:47","http://lucioflaubert.com.br/admin_site/xa2w6dyrjqj2j976wcx_sndx1xvpi-99480801402/","offline","malware_download","emotet|epoch2|Heodo","lucioflaubert.com.br","191.252.133.115","27715","BR" "2019-09-23 20:44:06","http://update.com.br/wp-includes/DOC/vjKASPpYIffHDZrglcf/","offline","malware_download","doc|emotet|epoch2","update.com.br","201.76.51.228","27715","BR" "2019-09-17 01:25:07","http://riobrasa.com.br/bn/lt/concetp2.zip","offline","malware_download","zip","riobrasa.com.br","186.202.153.12","27715","BR" "2019-07-01 11:54:06","http://pizzariajennifer.com.br/libraries/joomla/salescrypted.exe","offline","malware_download","AgentTesla|exe","pizzariajennifer.com.br","186.202.161.13","27715","BR" "2019-06-21 16:01:38","http://pizzariajennifer.com.br/libraries/pear/WALLCBN.exe","offline","malware_download","exe","pizzariajennifer.com.br","186.202.161.13","27715","BR" "2019-06-21 16:01:24","http://pizzariajennifer.com.br/libraries/pear/mhydugo.exe","offline","malware_download","exe","pizzariajennifer.com.br","186.202.161.13","27715","BR" "2019-06-21 15:57:06","http://pizzariajennifer.com.br/tmp/efeoutputf.exe","offline","malware_download","exe","pizzariajennifer.com.br","186.202.161.13","27715","BR" "2019-06-21 15:52:10","http://pizzariajennifer.com.br/xmlrpc/ugoinfo123.exe","offline","malware_download","AgentTesla|exe","pizzariajennifer.com.br","186.202.161.13","27715","BR" "2019-06-21 15:52:07","http://pizzariajennifer.com.br/includes/js/ugmhyd.exe","offline","malware_download","exe|Loki","pizzariajennifer.com.br","186.202.161.13","27715","BR" "2019-06-21 15:48:07","http://pizzariajennifer.com.br/includes/js/uginfo.exe","offline","malware_download","AgentTesla|exe","pizzariajennifer.com.br","186.202.161.13","27715","BR" "2019-06-21 15:44:09","http://pizzariajennifer.com.br/xmlrpc/ugosale123.exe","offline","malware_download","AgentTesla|exe","pizzariajennifer.com.br","186.202.161.13","27715","BR" "2019-06-21 12:01:05","http://pizzariajennifer.com.br/media/com_akeeba/DARLOK.exe","offline","malware_download","exe|Loki","pizzariajennifer.com.br","186.202.161.13","27715","BR" "2019-06-19 12:45:23","http://hotelpremier.com.br/imagens/j.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR" "2019-06-19 12:45:21","http://hotelpremier.com.br/imagens/i.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR" "2019-06-19 12:45:20","http://hotelpremier.com.br/imagens/h.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR" "2019-06-19 12:45:18","http://hotelpremier.com.br/imagens/g.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR" "2019-06-19 12:45:16","http://hotelpremier.com.br/imagens/f.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR" "2019-06-19 12:45:14","http://hotelpremier.com.br/imagens/e.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR" "2019-06-19 12:45:12","http://hotelpremier.com.br/imagens/d.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR" "2019-06-19 12:45:10","http://hotelpremier.com.br/imagens/c.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR" "2019-06-19 12:45:08","http://hotelpremier.com.br/imagens/b.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR" "2019-06-19 12:45:07","http://hotelpremier.com.br/imagens/a.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR" "2019-06-01 05:04:08","http://jaquelinevale.com.br/wp-content/plugins/wp-mail-smtp/system.exe","offline","malware_download","exe","jaquelinevale.com.br","186.202.161.93","27715","BR" "2019-06-01 00:40:06","http://viamaoshopping.com.br/language/FILE/lLRYpdeUAOoIcZcNsPGMbk/","offline","malware_download","doc|emotet|epoch2|Heodo","viamaoshopping.com.br","186.202.161.93","27715","BR" "2019-05-31 23:14:05","http://agavea.com.br/font/tMfyxzMEnQ/","offline","malware_download","emotet|epoch2|exe|Heodo","agavea.com.br","187.45.193.132","27715","BR" "2019-05-31 15:30:07","http://replaex.com.br/wp-includes/INC/hzn8fn9t_ilv781g7d-28707114150/","offline","malware_download","doc|emotet|epoch2|Heodo","replaex.com.br","186.202.153.82","27715","BR" "2019-05-30 21:44:05","http://tsukasa.com.br/wp-admin/ho0zr4a30c6r18nbbzb224_g9dupkacu-40594964493/","offline","malware_download","doc|emotet|epoch2|Heodo","tsukasa.com.br","187.45.195.140","27715","BR" "2019-05-30 11:12:05","https://oempreendedordigital.com/wp-includes/FILE/CIDbLJEWqmAzffz/","offline","malware_download","doc|emotet|epoch2|Heodo","oempreendedordigital.com","201.76.51.228","27715","BR" "2019-05-29 19:33:04","http://supercardoso.com.br/wp-includes/paclm/xsOHcbQBUOi/","offline","malware_download","doc|emotet|epoch2|Heodo","supercardoso.com.br","201.76.51.228","27715","BR" "2019-05-28 08:44:04","http://mhlsistemas.com.br/00mhl/782u0-ncqy14-jqnb/","offline","malware_download","doc|emotet|epoch2|Heodo","mhlsistemas.com.br","186.202.153.13","27715","BR" "2019-05-26 17:43:02","http://softnew.com.br/nova_versao/sfmodial/Instala.EXE","offline","malware_download","exe","softnew.com.br","187.45.193.155","27715","BR" "2019-05-26 16:10:32","http://www.softnew.com.br/softnew/SFTELMAR-SITE/Demo/Instala.EXE","offline","malware_download","exe","www.softnew.com.br","187.45.193.155","27715","BR" "2019-05-26 16:02:03","http://www.softnew.com.br/Sfatalho.exe","offline","malware_download","exe","www.softnew.com.br","187.45.193.155","27715","BR" "2019-05-26 16:01:33","http://www.softnew.com.br/nova_versao/sfmodial/Instala.EXE","offline","malware_download","exe","www.softnew.com.br","187.45.193.155","27715","BR" "2019-05-26 11:22:33","http://softnew.com.br/Sfatalho.exe","offline","malware_download","exe","softnew.com.br","187.45.193.155","27715","BR" "2019-05-24 22:37:08","http://farmax.far.br/download/FarmaxRefresher.exe","offline","malware_download","exe","farmax.far.br","186.202.151.36","27715","BR" "2019-05-24 22:20:15","http://www.farmax.far.br/download/exporterclientquick.exe","offline","malware_download","exe|QuakBot","www.farmax.far.br","186.202.151.36","27715","BR" "2019-05-24 16:04:08","http://farmax.far.br/download/exporterclientquick.exe","offline","malware_download","Downloader.Upatre|exe|QuakBot","farmax.far.br","186.202.151.36","27715","BR" "2019-05-22 12:03:05","http://nullscar.com.br/omie/b52m-u6ot4mf-tuqwlx/","offline","malware_download","doc|Emotet|epoch2|Heodo","nullscar.com.br","186.202.153.76","27715","BR" "2019-05-16 23:53:07","http://blog.orbi-imoveis.com.br/kjbgta/acmreyaa40e_ps0whshh1b-198803276009/","offline","malware_download","doc|Emotet|epoch2|Heodo","blog.orbi-imoveis.com.br","191.252.122.215","27715","BR" "2019-05-10 19:22:07","http://cooperminio.com.br/emanager/conteudo/gercont/fotos/US/Documents/052019/","offline","malware_download","","cooperminio.com.br","186.202.87.72","27715","BR" "2019-05-10 15:54:13","http://petsol.com.br/wp-includes/EN_US/Details/2019-05/","offline","malware_download","emotet|epoch1","petsol.com.br","186.202.153.178","27715","BR" "2019-05-09 14:50:27","http://simarhotel.com.br/backupinvade/enhn-zil6sry-oxeflzw/","offline","malware_download","epoch2","simarhotel.com.br","186.202.161.154","27715","BR" "2019-05-09 11:09:05","http://vianna.edu.br/wp-content/uploads/2019/05/eze0c-l1mex-xiyal/","offline","malware_download","epoch2","vianna.edu.br","191.252.59.105","27715","BR" "2019-05-08 23:27:05","http://fenixgruas.com.br/fancybox/lm/LoYNKouWBvXGN/","offline","malware_download","doc|emotet|epoch2","fenixgruas.com.br","187.45.240.33","27715","BR" "2019-05-08 22:20:09","http://g20digital.com.br/js/DOC/pjsxb8tbnkfc1dpq409_hacrnhwt2-371512951390/","offline","malware_download","doc|emotet|epoch2","g20digital.com.br","191.252.132.165","27715","BR" "2019-05-08 21:37:15","http://gemabrasil.com/mcassab/lm/agq1s6z9rc_s81x7c5yo-90976268/","offline","malware_download","doc|emotet|epoch2","gemabrasil.com","186.202.135.240","27715","BR" "2019-05-08 13:58:08","http://credigas.com.br/banner/gy7r_septedp8a2-535832/","offline","malware_download","emotet|epoch2|exe|Heodo","credigas.com.br","187.45.195.175","27715","BR" "2019-05-08 12:43:07","http://bragarover.com.br/ww4w/fufh-5yqgc5d-dfftyaf/","offline","malware_download","Emotet|epoch2|Heodo","bragarover.com.br","187.45.210.99","27715","BR" "2019-05-06 22:59:08","http://anisgastronomia.com.br/wvvw/open.Eng.anyone.resourses./","offline","malware_download","Emotet|epoch1|Heodo","anisgastronomia.com.br","187.45.193.211","27715","BR" "2019-05-03 11:59:15","http://simonenogueira.com.br/oqazl/esp/a0q7d48zmsntgqf_q3n0lr5a8-794080952/","offline","malware_download","Emotet|Heodo","simonenogueira.com.br","187.45.195.15","27715","BR" "2019-05-03 11:15:05","http://chalesmontanha.com/doc/En_us/Payment-and-address/Past-Due-invoice","offline","malware_download","doc","chalesmontanha.com","191.252.116.193","27715","BR" "2019-05-03 08:38:07","http://museubispodorosario.com/wp-includes/6r21947/","offline","malware_download","emotet|epoch1|exe|Heodo","museubispodorosario.com","186.202.153.85","27715","BR" "2019-05-03 06:25:21","http://chalesmontanha.com/newsletter/En/Client/Customer-Invoice-EY-0944105/","offline","malware_download","doc|Emotet|Heodo","chalesmontanha.com","191.252.116.193","27715","BR" "2019-05-03 06:01:15","http://www.chalesmontanha.com/doc/En_us/Payment-and-address/Past-Due-invoice/","offline","malware_download","doc|Emotet|Heodo","www.chalesmontanha.com","191.252.116.193","27715","BR" "2019-04-26 16:50:04","http://espacobelmonte.com.br/wp-admin/nzyN-L0ye2rablkgfpHG_zFdGfevW-9h/","offline","malware_download","doc|emotet|epoch1","espacobelmonte.com.br","191.252.123.181","27715","BR" "2019-04-26 14:51:04","http://pessoasdenegocios.com.br/img/Document/iRIbbwCi520/","offline","malware_download","Emotet|Heodo","pessoasdenegocios.com.br","187.45.195.34","27715","BR" "2019-04-24 06:10:23","http://riskcare.com.br/view-report-invoice-00001951/j6ugg-p6zr5x-asypxg/","offline","malware_download","doc|emotet|epoch2","riskcare.com.br","186.202.153.24","27715","BR" "2019-04-23 20:54:05","http://pessoasdenegocios.com.br/img/kHWn-AsIn9Tyk2CdFXX_topPGrCS-zAD/","offline","malware_download","doc|emotet|epoch1|Heodo","pessoasdenegocios.com.br","187.45.195.34","27715","BR" "2019-04-23 19:08:05","http://santoconselho.com.br/logssite/Scan/l2iEmUkT/","offline","malware_download","","santoconselho.com.br","187.45.195.188","27715","BR" "2019-04-23 12:33:10","http://espacobelmonte.com.br/wp-admin/jf92d9-79vp5-deyymak/","offline","malware_download","Emotet|Heodo","espacobelmonte.com.br","191.252.123.181","27715","BR" "2019-04-23 12:10:07","http://douti.com.br/wp-includes/nachrichten/Nachprufung/201904/","offline","malware_download","doc|emotet|epoch1|Heodo","douti.com.br","191.252.51.204","27715","BR" "2019-04-22 17:37:10","http://mateada.com.br/conteudo/Scan/bDiTa7FbEv/","offline","malware_download","Emotet|Heodo","mateada.com.br","200.234.195.213","27715","BR" "2019-04-22 16:17:08","http://nsrosamistica.com.br/doc/FILE/KmX00dZwwNi/","offline","malware_download","Emotet|Heodo","nsrosamistica.com.br","187.45.240.3","27715","BR" "2019-04-21 01:10:20","http://191.252.191.65/kara.ntpd","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR" "2019-04-21 01:10:16","http://191.252.191.65/kara.cron","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR" "2019-04-21 01:10:06","http://191.252.191.65/kara.wget","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR" "2019-04-21 01:09:24","http://191.252.191.65/kara.ftp","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR" "2019-04-21 01:09:21","http://191.252.191.65/kara.tftp","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR" "2019-04-21 01:09:17","http://191.252.191.65/kara.sh","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR" "2019-04-21 01:09:12","http://191.252.191.65/kara.sshd","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR" "2019-04-21 01:09:05","http://191.252.191.65/kara.bash","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR" "2019-04-21 01:05:13","http://191.252.191.65/kara.apache2","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR" "2019-04-21 01:05:10","http://191.252.191.65/kara.nut","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR" "2019-04-18 09:10:06","https://mendesmiguel.com.br/restrito/rPvm-6dM0lRZiLb8V6Hq_ElYGVwza-n3X/","offline","malware_download","doc|emotet|epoch1","mendesmiguel.com.br","187.45.195.184","27715","BR" "2019-04-18 09:01:03","http://micromaxinformatica.com.br/wp-includes/CPkbo-DEtVOC5M5GzbUww_ejpLTRID-rJ/","offline","malware_download","doc|emotet|epoch1","micromaxinformatica.com.br","191.252.51.24","27715","BR" "2019-04-18 07:41:05","http://maxilink.com.br/contato/kyvaC-RVLCdhz5rT8ZZi_ecMyHBzwh-b22/","offline","malware_download","doc|emotet|epoch1","maxilink.com.br","186.202.126.16","27715","BR" "2019-04-18 07:37:31","http://mateada.com.br/conteudo/ViYk-bgxtmiVYOJn5D8o_yqvfmxJnp-GqK/","offline","malware_download","doc|emotet|epoch1","mateada.com.br","200.234.195.213","27715","BR" "2019-04-17 21:44:04","http://marabelle.com.br/sfDoctrinePlugin/RAGLP-XOuVFd42pIgO3s2_cgFRlbnTZ-7Ou/","offline","malware_download","doc|emotet|epoch1","marabelle.com.br","186.202.153.34","27715","BR" "2019-04-17 21:38:08","http://markagrupo.com.br/IMG/DOC/CKKwW0RexP/","offline","malware_download","","markagrupo.com.br","187.45.195.175","27715","BR" "2019-04-17 21:35:04","http://markagrupo.com.br/IMG/uNYBB-k5PghWPeak4WJp_IIGLvvOBV-wO/","offline","malware_download","doc|emotet|epoch1","markagrupo.com.br","187.45.195.175","27715","BR" "2019-04-17 20:57:07","http://multivacinas.com.br/sesi/sNcaH-0RvjKLp63FdxbZr_kqfhQrxw-p8t/","offline","malware_download","doc|emotet|epoch1","multivacinas.com.br","187.45.193.206","27715","BR" "2019-04-17 19:56:06","http://pafferreira.com.br/phpmyfaq/images/INC/F1D8xygzc3P/","offline","malware_download","","pafferreira.com.br","187.45.210.119","27715","BR" "2019-04-17 19:47:05","http://mjwap.com.br/catalog/DOC/53PZyg51TH/","offline","malware_download","doc|emotet|epoch2","mjwap.com.br","187.45.240.67","27715","BR" "2019-04-17 19:43:05","http://maodireita.com.br/files/oxlHw-vZpJ5JarmjWyzs_crSwbgzLm-xXc/","offline","malware_download","doc|emotet|epoch1","maodireita.com.br","187.45.240.75","27715","BR" "2019-04-17 19:39:05","http://nsrosamistica.com.br/doc/ZEIp-MDjUzPSpe9IPb7_JycQluzrh-fUd/","offline","malware_download","doc|emotet|epoch1","nsrosamistica.com.br","187.45.240.3","27715","BR" "2019-04-17 19:36:05","http://mensageirosdorei.com.br/SiteNovo/metsF-Jbh4yuvigapiLD_PHxitHOoS-90/","offline","malware_download","doc|emotet|epoch1","mensageirosdorei.com.br","186.202.153.140","27715","BR" "2019-04-17 14:39:05","http://flymartins.com/wp-content/AcjKu-cWiHA9XWtNNdcm_PfMOnUpeE-ax/","offline","malware_download","Emotet|Heodo","flymartins.com","179.188.11.240","27715","BR" "2019-04-16 21:26:05","http://acosalpha.com.br/wp-content/CrAZk-0p2sw5v0xGiSL6y_BRmGfpDv-1tp/","offline","malware_download","doc|emotet|epoch1|Heodo","acosalpha.com.br","186.202.153.4","27715","BR" "2019-04-16 21:22:05","http://acosalpha.com.br/wp-content/HVlrK-YjMMwFdMjflj551_sGpgChvNO-T0/","offline","malware_download","doc|emotet|epoch1|Heodo","acosalpha.com.br","186.202.153.4","27715","BR" "2019-04-15 08:29:16","http://cliner.com.br/antigo/9uk8v1s-x46hg-xsrrjdr/","offline","malware_download","doc|emotet|epoch2|Heodo","cliner.com.br","191.252.46.14","27715","BR" "2019-04-12 17:49:08","http://lede.com.br/images/uJWZ-7EaubhP1CJcgzp8_cPXNTCWcF-hk/","offline","malware_download","doc|emotet|epoch1|Heodo","lede.com.br","201.76.51.228","27715","BR" "2019-04-12 09:22:05","http://acosalpha.com.br/wp-content/WmHlZ-oTWHyzEv3cFQsZZ_YhBljrqFL-cQ/","offline","malware_download","Emotet|Heodo","acosalpha.com.br","186.202.153.4","27715","BR" "2019-04-11 23:28:05","http://g20digital.com.br/cloud/bVZY-7eXY1u5CcsbS4n_YPTMLIRC-dZF/","offline","malware_download","doc|emotet|epoch1|Heodo","g20digital.com.br","191.252.132.165","27715","BR" "2019-04-11 17:52:09","http://gemabrasil.com/mcassab/Mqdz-QwuZNxvQgLRoOo_eSRzhaPG-TEQ/","offline","malware_download","Emotet|Heodo","gemabrasil.com","186.202.135.240","27715","BR" "2019-04-11 16:41:15","http://cliner.com.br/antigo/2tmle2-x6mb8e-fwbyu/","offline","malware_download","Emotet|Heodo","cliner.com.br","191.252.46.14","27715","BR" "2019-04-10 22:56:04","http://cantinhodobaby.com.br/img/HntFD-g4hhkOJmZg7Uo9_mRThXFoxS-ln9/","offline","malware_download","doc|emotet|epoch1|Heodo","cantinhodobaby.com.br","187.45.193.139","27715","BR" "2019-04-10 20:30:10","http://californiamotors.com.br/site/aZBQq-ZXfw2tPwlEi9lC_jpuUYsgH-XBp/","offline","malware_download","doc|emotet|epoch2|Heodo","californiamotors.com.br","187.45.193.157","27715","BR" "2019-04-10 19:41:06","http://cooperminio.com.br/emanager/conteudo/gercont/fotos/ILjdo-hLtOkixhexz9fGJ_XYBpYBkU-Ux/","offline","malware_download","doc|emotet|epoch1|Heodo","cooperminio.com.br","186.202.87.72","27715","BR" "2019-04-09 16:42:25","http://acosalpha.com.br/wp-content/j423-307cn-dtkq/","offline","malware_download","Emotet|Heodo","acosalpha.com.br","186.202.153.4","27715","BR" "2019-04-08 23:34:07","http://cliner.com.br/antigo/DLpE-MrsJENGul7O2TI6_hbqgoiQR-1g/","offline","malware_download","doc|emotet|epoch1|Heodo","cliner.com.br","191.252.46.14","27715","BR" "2019-04-08 22:09:10","http://acessocriativo.com.br/wp-admin/zDdgO-CKkY7BGTBTOpoJ7_zzQgaBTBk-HvO/","offline","malware_download","","acessocriativo.com.br","186.202.153.96","27715","BR" "2019-04-08 20:40:06","http://belamater.com.br/wp-includes/ddJnc-NwpK3YzSgbXmdE_uwVHSAvCl-K0/","offline","malware_download","Emotet|Heodo","belamater.com.br","201.76.51.228","27715","BR" "2019-04-08 19:51:05","http://aftelecom.com.br/programas1/UlDqi-I7Q4VMdrQzVbBg_qjUhGzkB-Vr2/","offline","malware_download","doc|emotet|epoch1|Heodo","aftelecom.com.br","186.202.153.38","27715","BR" "2019-04-08 19:00:06","http://tsukasa.com.br/wp-admin/elbd-MQPxsLp6ERbaaz_mnGnZLtB-MTI/","offline","malware_download","doc|emotet|epoch1|Heodo","tsukasa.com.br","187.45.195.140","27715","BR" "2019-04-08 14:20:17","http://micromaxinformatica.com.br/bkp/auxE-gFmTISzoG0iOsB_lAqgbDUaI-pp/","offline","malware_download","doc|emotet|epoch2|Heodo","micromaxinformatica.com.br","191.252.51.24","27715","BR" "2019-04-08 11:11:07","http://micromaxinformatica.com.br/bkp/lif6n0-3ak1k-jfrvvh/","offline","malware_download","Emotet|Heodo","micromaxinformatica.com.br","191.252.51.24","27715","BR" "2019-04-06 06:44:16","http://microbs.com.br/logssite/DvAU-LmJxUOSUMRZ6Kuv_kYYqSSltF-kN/","offline","malware_download","Emotet|Heodo","microbs.com.br","186.202.153.146","27715","BR" "2019-04-06 01:46:26","http://maodireita.com.br/files/CnXP-2qeu9RLKiSBqH4f_AfLxOKiFO-W3u/","offline","malware_download","Emotet|Heodo","maodireita.com.br","187.45.240.75","27715","BR" "2019-04-06 01:46:25","http://maodireita.com.br/files/QNddk-hC0EljBURgZhziE_relOntxry-GCW/","offline","malware_download","Emotet|Heodo","maodireita.com.br","187.45.240.75","27715","BR" "2019-04-06 00:56:54","http://ivenzengenharia.com.br/2016/MKRJJ-7jmORr3PhJDyRew_GGlVQPDq-zI8/","offline","malware_download","emotet|epoch1|Heodo","ivenzengenharia.com.br","186.202.153.171","27715","BR" "2019-04-05 22:46:41","http://origemsbrazil.com/extranet_new/GgsMS-1IJrAKADwq9Rtj_CwFeRAuvg-Ioe/","offline","malware_download","doc|emotet|epoch1|Heodo","origemsbrazil.com","186.202.153.3","27715","BR" "2019-04-05 20:13:15","http://placelogistics.com/wp-includes/lKBXy-JpDMTeYPlmwYiBV_lNgoSVMaB-Ww6/","offline","malware_download","Emotet|Heodo","placelogistics.com","187.45.195.26","27715","BR" "2019-04-04 20:12:05","http://belamater.com.br/wp-includes/verif.accounts.docs.net/","offline","malware_download","doc|emotet|epoch1|Heodo","belamater.com.br","201.76.51.228","27715","BR" "2019-04-03 11:16:05","http://tridiumcosmeticos.com.br/class.hed/verif.myacc.docs.net/","offline","malware_download","Emotet|Heodo","tridiumcosmeticos.com.br","191.252.51.36","27715","BR" "2019-04-03 09:00:13","http://especializacaosexologia.com.br/3hzmuew/sec.myaccount.docs.com/","offline","malware_download","emotet|epoch1|Heodo","especializacaosexologia.com.br","186.202.157.79","27715","BR" "2019-04-02 21:00:35","http://evosel.com.br/fichaseguranca/trust.accounts.docs.com/","offline","malware_download","emotet|epoch1|Heodo","evosel.com.br","179.188.11.244","27715","BR" "2019-04-02 17:39:13","http://credigas.com.br/conf/secure.myacc.send.net/","offline","malware_download","Emotet|Heodo","credigas.com.br","187.45.195.175","27715","BR" "2019-04-02 16:57:09","http://www.especializacaosexologia.com.br/3hzmuew/sec.myaccount.docs.com/","offline","malware_download","emotet|epoch1|Heodo","www.especializacaosexologia.com.br","186.202.157.79","27715","BR" "2019-04-02 13:01:11","http://a2aluminio.com.br/benchmark-master/verif.myacc.docs.com/","offline","malware_download","emotet|epoch1|Heodo","a2aluminio.com.br","186.202.153.138","27715","BR" "2019-04-02 06:30:50","http://belamater.com.br/wp-includes/verif.myaccount.resourses.com/","offline","malware_download","Emotet|Heodo","belamater.com.br","201.76.51.228","27715","BR" "2019-04-02 06:30:07","http://burgertable.com.br/zfqvut2/secure.accs.docs.biz/","offline","malware_download","Emotet|Heodo","burgertable.com.br","186.202.153.146","27715","BR" "2019-04-02 02:43:04","http://acessocriativo.com.br/wp-admin/verif.myacc.send.net/","offline","malware_download","Emotet|Heodo","acessocriativo.com.br","186.202.153.96","27715","BR" "2019-04-01 19:51:12","http://acosalpha.com.br/wp-content/sec.myaccount.docs.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","acosalpha.com.br","186.202.153.4","27715","BR" "2019-03-28 05:34:23","http://sinaldigital.com/SOFTSD/PLAYER/ARQUIVOS/031549990843210/vDLVy-sI_KqFGY-Oj/","offline","malware_download","Emotet|Heodo","sinaldigital.com","191.252.47.249","27715","BR" "2019-03-28 05:33:34","http://prudence.com.br/album/PBziJ-zCs_p-bl1/","offline","malware_download","Emotet|Heodo","prudence.com.br","186.202.53.209","27715","BR" "2019-03-27 02:31:33","http://globalera.com.br/arquivos/secure.accounts.docs.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","globalera.com.br","191.252.47.92","27715","BR" "2019-03-26 12:48:10","http://imageflex.com.br/loja/Imagens/Produtos/trust.myacc.resourses.net/","offline","malware_download","doc|emotet|epoch1|Heodo","imageflex.com.br","191.252.47.183","27715","BR" "2019-03-25 22:14:03","http://191.252.102.167/wp-content/uploads/2017/12/UPS-US/Mar-26-19-12-51-06/","offline","malware_download","","191.252.102.167","191.252.102.167","27715","BR" "2019-03-21 20:58:19","http://aartista.com.br/UploadedImages/htft-bgecxn-qswhxe/","offline","malware_download","Emotet|Heodo","aartista.com.br","186.202.54.239","27715","BR" "2019-03-21 13:23:07","http://cooperminio.com.br/emanager/conteudo/gercont/fotos/sec.myacc.send.com/","offline","malware_download","doc|emotet|epoch1|Heodo","cooperminio.com.br","186.202.87.72","27715","BR" "2019-03-21 00:24:39","http://bragarover.com.br/ww4w/sendincsec/service/secure/EN/2019-03/","offline","malware_download","doc|emotet|heodo","bragarover.com.br","187.45.210.99","27715","BR" "2019-03-20 09:34:10","http://alarmline.com.br/artluz/produtos/sendincsec/support/sec/EN_en/03-2019/","offline","malware_download","doc|emotet|heodo","alarmline.com.br","191.252.45.249","27715","BR" "2019-03-20 05:08:18","http://velassantos.com.br/antigo/sendincverif/legal/ios/En/032019/","offline","malware_download","doc|emotet|epoch1|Heodo","velassantos.com.br","186.202.153.138","27715","BR" "2019-03-19 20:35:17","http://aartista.com.br/UploadedImages/ay7a-sxa5x9-udofdo/","offline","malware_download","doc|emotet|epoch2|Heodo","aartista.com.br","186.202.54.239","27715","BR" "2019-03-19 06:30:42","http://stellaar.com.br/Msn/9dh4-sb5ep-gqvlyi/","offline","malware_download","","stellaar.com.br","191.252.136.63","27715","BR" "2019-03-18 19:11:05","http://opequenoprincipe.com/pdf_pages_lepetitprince/f0h5s-au2k1-lzcwh/","offline","malware_download","doc|emotet|epoch2|Heodo","opequenoprincipe.com","187.45.195.175","27715","BR" "2019-03-16 01:00:05","http://rodoservengenharia.com.br/site1/xdcs-15vnh5-uibgooxe/","offline","malware_download","doc|emotet|epoch2|Heodo","rodoservengenharia.com.br","186.202.153.213","27715","BR" "2019-03-16 00:36:04","http://simbratec.com.br/language/1bjq-zex3u-tgqt/","offline","malware_download","doc|emotet|epoch2|Heodo","simbratec.com.br","186.202.153.56","27715","BR" "2019-03-15 22:50:06","http://puglicarlog.com.br/wp-content/aqlme-f08en9-byadqqc/","offline","malware_download","Emotet|Heodo","puglicarlog.com.br","187.45.195.139","27715","BR" "2019-03-15 22:46:04","http://puglicarlog.com.br/wp-content/si0c3-sc1c5-iptdkwqne/","offline","malware_download","Emotet|Heodo","puglicarlog.com.br","187.45.195.139","27715","BR" "2019-03-15 22:12:08","http://placelogistics.com/app_grid_log/f3h2-g4khlz-soxi/","offline","malware_download","Emotet|Heodo","placelogistics.com","187.45.195.26","27715","BR" "2019-03-15 22:09:04","http://placelogistics.com/app_grid_log/6f4xi-za6vf-jnswcqu/","offline","malware_download","doc|emotet|epoch2|Heodo","placelogistics.com","187.45.195.26","27715","BR" "2019-03-15 21:20:46","http://opequenoprincipe.com/pdf_pages_lepetitprince/fA/","offline","malware_download","emotet|epoch1|exe|Heodo","opequenoprincipe.com","187.45.195.175","27715","BR" "2019-03-15 21:09:08","http://nsrosamistica.com.br/doc/ehh3-47vrn-rxumlpdkd/","offline","malware_download","Emotet|Heodo","nsrosamistica.com.br","187.45.240.3","27715","BR" "2019-03-15 16:16:04","http://mateada.com.br/conteudo/verif.myaccount.docs.com/","offline","malware_download","emotet|epoch1|Heodo","mateada.com.br","200.234.195.213","27715","BR" "2019-03-14 22:09:09","http://g20digital.com.br/SN/verif.accs.docs.com/","offline","malware_download","doc|emotet|epoch1|Heodo","g20digital.com.br","191.252.132.165","27715","BR" "2019-03-13 07:00:19","http://californiamotors.com.br/site/ffsi-ckg5x-hqphz/","offline","malware_download","Emotet|Heodo","californiamotors.com.br","187.45.193.157","27715","BR" "2019-03-13 06:57:11","http://hpbio.com.br/logon/4b28-bals6-txsb/","offline","malware_download","Emotet|Heodo","hpbio.com.br","187.45.193.223","27715","BR" "2019-03-13 01:15:07","http://cantinhodobaby.com.br/img/Intuit_EN/download/Redebit_operation/xQxo-ssFW_xl-ysx/","offline","malware_download","emotet|epoch1|Heodo","cantinhodobaby.com.br","187.45.193.139","27715","BR" "2019-03-12 21:15:56","http://g20digital.com.br/SN/Intuit_US_CA/company/Redebit_Transactions/terms/VQnk-MZ_e-GW/","offline","malware_download","emotet|epoch1|Heodo","g20digital.com.br","191.252.132.165","27715","BR" "2019-03-12 21:15:36","http://fenixgruas.com.br/fancybox/US_CA/scan/Redebit_Transactions/Operations/8729756/meANa-znHs_Vtqkq-w2I/","offline","malware_download","emotet|epoch1|Heodo","fenixgruas.com.br","187.45.240.33","27715","BR" "2019-03-12 19:38:48","http://geoartbrasil.com/images/bwf2-zybhik-jonx/","offline","malware_download","Emotet|Heodo","geoartbrasil.com","191.252.51.3","27715","BR" "2019-03-12 19:38:32","http://fiscosaudepe.com.br/ftp/4mndj-dofp3u-ougnoyfjl/","offline","malware_download","Emotet|Heodo","fiscosaudepe.com.br","186.202.153.85","27715","BR" "2019-03-12 18:58:05","http://elzinhaeogarfo.com.br/aguarde/Intuit_US_CA/RD/Redebit_op/50672474/xaDV-Fe1_UxQlU-on7/","offline","malware_download","doc|Emotet|Heodo","elzinhaeogarfo.com.br","179.188.11.244","27715","BR" "2019-03-12 18:51:10","http://fiscosaudepe.com.br/ftp/scan/Operations/ikmY-H4_P-t9h/","offline","malware_download","doc|emotet|epoch1|Heodo","fiscosaudepe.com.br","186.202.153.85","27715","BR" "2019-03-12 17:32:11","http://enaax.com/img/ws2cm-082qwi-igdlghc/","offline","malware_download","Emotet|Heodo","enaax.com","187.45.240.114","27715","BR" "2019-03-12 17:22:13","http://empcservicos.com.br/cgi-bin/ubmc-m38dh-ctsi/","offline","malware_download","","empcservicos.com.br","191.252.117.84","27715","BR" "2019-03-12 09:39:13","http://dcarvalho.net/wp-admin/PPk5Y/","offline","malware_download","emotet|epoch1|exe|Heodo","dcarvalho.net","186.202.153.39","27715","BR" "2019-03-12 09:12:21","http://carlafurtado.com.br/gerenciador/94fqg-2z70k1-atgmm.view/","offline","malware_download","doc|emotet|heodo","carlafurtado.com.br","187.45.240.110","27715","BR" "2019-03-11 23:08:03","http://bonattiholding.com/SugarCRM/sv22f-f1f80-bocly.view/","offline","malware_download","emotet|epoch1|Heodo","bonattiholding.com","187.45.193.203","27715","BR" "2019-03-11 20:40:04","http://dbtools.com.br/mailer/ezsvr-mqo7i-zgysfrmwr/","offline","malware_download","Emotet|Heodo","dbtools.com.br","187.45.193.140","27715","BR" "2019-03-11 20:34:06","http://ecommercedefinitivo.com.br/cursos/ryyjt-tnxm7-byxukc/","offline","malware_download","Emotet|Heodo","ecommercedefinitivo.com.br","191.252.143.29","27715","BR" "2019-03-11 19:52:10","http://dbtools.com.br/mailer/0fnt-rqxt3-odxsjx/","offline","malware_download","Emotet|Heodo","dbtools.com.br","187.45.193.140","27715","BR" "2019-03-11 19:24:21","http://bobtherm.com.br/assets/tmv8-4cva1-kzwky.view/","offline","malware_download","doc|emotet|epoch1|Heodo","bobtherm.com.br","186.202.153.17","27715","BR" "2019-03-11 19:22:30","http://ceramicasaosebastiao.com.br/dy5ui-afys3-ywrwccfik/0r6j-rqt0kc-vzudnzd/","offline","malware_download","Emotet|Heodo","ceramicasaosebastiao.com.br","186.202.153.76","27715","BR" "2019-03-11 19:22:25","http://ceramicasaosebastiao.com.br/dy5ui-afys3-ywrwccfik/","offline","malware_download","Emotet|Heodo","ceramicasaosebastiao.com.br","186.202.153.76","27715","BR" "2019-03-11 17:37:10","http://blog.clubedocapacete.com.br/wp-admin/2my9z-t8iwf-ckcey/","offline","malware_download","doc|emotet|epoch2|Heodo","blog.clubedocapacete.com.br","191.252.140.231","27715","BR" "2019-03-11 15:16:07","http://wefun.com.br/fonts/xk0bb-pqshf-ixjfr.view/","offline","malware_download","doc|emotet|epoch2|Heodo","wefun.com.br","191.252.136.127","27715","BR" "2019-03-08 17:43:16","http://albus.com.br/src/Ahg/","offline","malware_download","emotet|epoch1|exe|Heodo","albus.com.br","186.202.153.217","27715","BR" "2019-03-08 16:58:10","http://wefun.com.br/fonts/uk03-08kf6h-jlmrm.view/","offline","malware_download","doc|emotet|epoch2|Heodo","wefun.com.br","191.252.136.127","27715","BR" "2019-03-08 16:18:49","http://corsateam.com.br/wp-admin/znlf-3fbae-vgij.view/","offline","malware_download","doc|emotet|epoch1|Heodo","corsateam.com.br","187.45.193.227","27715","BR" "2019-03-08 05:28:45","http://bahauser.com/img/lesr0-mx4tm-syuf.view/","offline","malware_download","Emotet|Heodo","bahauser.com","186.202.153.170","27715","BR" "2019-03-07 20:30:04","http://alteman.com.br/wp-includes/5h723-8xxa8j-qlto.view/","offline","malware_download","Emotet|Heodo","alteman.com.br","186.202.153.151","27715","BR" "2019-03-07 20:20:19","http://alteman.com.br/wp-includes/xkks-73pb1g-lukc.view/","offline","malware_download","Emotet|Heodo","alteman.com.br","186.202.153.151","27715","BR" "2019-03-07 19:43:16","http://acessocriativo.com.br/wp-admin/sagva-11z5cb-vbjsd.view/","offline","malware_download","Emotet|Heodo","acessocriativo.com.br","186.202.153.96","27715","BR" "2019-03-07 19:03:07","http://supercardoso.com.br/banners/verif.myaccount.send.com/","offline","malware_download","doc|emotet|epoch1|Heodo","supercardoso.com.br","201.76.51.228","27715","BR" "2019-03-07 03:02:09","https://usiquimica.com.br/wp-content/y81zm-iksm8-jeynm.view/","offline","malware_download","doc|emotet|epoch2|Heodo","usiquimica.com.br","191.252.47.78","27715","BR" "2019-03-07 03:02:05","http://usiquimica.com.br/wp-content/y81zm-iksm8-jeynm.view/","offline","malware_download","doc|emotet|epoch2","usiquimica.com.br","191.252.47.78","27715","BR" "2019-03-06 20:44:23","https://usiquimica.com.br/wp-content/sendinc/support/ios/EN/201903/","offline","malware_download","doc|emotet|epoch1|Heodo","usiquimica.com.br","191.252.47.78","27715","BR" "2019-03-06 20:44:18","http://usiquimica.com.br/wp-content/sendinc/support/ios/EN/201903/","offline","malware_download","doc|emotet|epoch1","usiquimica.com.br","191.252.47.78","27715","BR" "2019-03-06 20:34:04","http://usiquimica.com.br/wp-content/y81zm-iksm8-jeynm.view//","offline","malware_download","","usiquimica.com.br","191.252.47.78","27715","BR" "2019-03-06 20:02:11","http://apd2.hospedagemdesites.ws/wp-admin/rpdf2-9o0k7z-dmhfv.view/","offline","malware_download","Emotet|Heodo","apd2.hospedagemdesites.ws","187.45.193.140","27715","BR" "2019-03-06 19:20:38","http://usiquimica.com.br/wp-content/sendincencrypt/legal/sec/En/201903/","offline","malware_download","emotet|epoch1","usiquimica.com.br","191.252.47.78","27715","BR" "2019-03-06 19:20:37","https://usiquimica.com.br/wp-content/sendincencrypt/legal/sec/En/201903/","offline","malware_download","emotet|epoch1|Heodo","usiquimica.com.br","191.252.47.78","27715","BR" "2019-03-06 17:19:22","http://www.gruposolution.com/xflri3kf/ftax-2oluf4-rnvdc.view/","offline","malware_download","Emotet|Heodo","www.gruposolution.com","186.202.153.145","27715","BR" "2019-03-06 16:43:05","http://oxfordusa1.tempsite.ws/wp-admin/l5b0-l6l94-vxbt.view/","offline","malware_download","Emotet|Heodo","oxfordusa1.tempsite.ws","186.202.153.75","27715","BR" "2019-03-06 08:02:47","http://servman.ind.br/templates/eggtemplate-servman/images/GKPIK.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","servman.ind.br","191.252.140.192","27715","BR" "2019-03-06 06:30:12","http://ipanemaseguros.com.br/ipanema/88ev2-g4h80-dlnzg.view/","offline","malware_download","","ipanemaseguros.com.br","186.202.153.54","27715","BR" "2019-03-05 21:47:13","http://codedata.tempsite.ws/wp-admin/sendincverif/messages/sec/EN/032019/","offline","malware_download","emotet|epoch1|Heodo","codedata.tempsite.ws","186.202.153.122","27715","BR" "2019-03-05 19:17:07","http://escoteirospa.org.br/ueb/sjhmk-xghxp-wlwgm.view/","offline","malware_download","doc|emotet|epoch2|Heodo","escoteirospa.org.br","191.252.51.8","27715","BR" "2019-03-05 17:03:04","http://antoniomuhana.com.br/lckftgv/u9sym-46nopg-svvmr.view/","offline","malware_download","doc|emotet|epoch2|Heodo","antoniomuhana.com.br","201.76.51.228","27715","BR" "2019-03-04 17:36:07","http://adver.com.br/admin/kegy9-vkn3d7-vjunj.view/","offline","malware_download","Emotet|Heodo","adver.com.br","191.252.45.226","27715","BR" "2019-03-04 10:42:18","http://servman.ind.br/templates/eggtemplate-servman/images/msg.jpg","offline","malware_download","exe|Troldesh","servman.ind.br","191.252.140.192","27715","BR" "2019-02-27 00:10:04","http://oticasvitoria.net/sendincencrypt/service/sec/En/201902/","offline","malware_download","doc|emotet|epoch1","oticasvitoria.net","186.202.153.160","27715","BR" "2019-02-26 18:59:13","http://icebox.hospedagemdesites.ws/NFUvcViiv5/","offline","malware_download","emotet|epoch1|exe","icebox.hospedagemdesites.ws","186.202.153.48","27715","BR" "2019-02-26 18:07:18","http://oreonfoods.com.br/sendinc/messages/verif/en_EN/201902/","offline","malware_download","emotet|epoch1","oreonfoods.com.br","186.202.153.161","27715","BR" "2019-02-26 09:53:53","http://teste.3achieve.com.br/De_de/DDEKYRP3267329/","offline","malware_download","Heodo","teste.3achieve.com.br","186.202.161.213","27715","BR" "2019-02-25 18:46:20","http://adunb.org.br/sendincsecure/service/verif/EN/022019/","offline","malware_download","doc|emotet|epoch1|Heodo","adunb.org.br","186.202.157.79","27715","BR" "2019-02-25 17:30:02","http://191.252.102.167/wp-content/uploads/sendincencrypt/legal/sec/en_EN/02-2019/","offline","malware_download","emotet|epoch1|Heodo","191.252.102.167","191.252.102.167","27715","BR" "2019-02-25 17:16:04","http://robertaayres.com.br/docx/igfxMStcisiPDFdowmsii.jar","offline","malware_download","jar|loader|MetaMorfo|stage1","robertaayres.com.br","186.202.161.18","27715","BR" "2019-02-25 13:59:41","http://fls.eng.br/FR2c2GyqZCr/","offline","malware_download","emotet|epoch2|exe|Heodo","fls.eng.br","186.202.153.26","27715","BR" "2019-02-22 17:57:51","http://pousadadodouro.com.br/flash_player.exe","offline","malware_download","Cybergate","pousadadodouro.com.br","187.45.193.205","27715","BR" "2019-02-22 11:02:17","http://edubiel.com/Februar2019/FMCXQTFYDW5035534/Dokumente/RECH/","offline","malware_download","emotet|epoch1|Heodo","edubiel.com","191.252.51.245","27715","BR" "2019-02-21 13:57:20","http://intranet.neointelligence.com.br/De/DKPSPKXEF2050205/de/Hilfestellung/","offline","malware_download","doc|emotet|epoch1|Heodo","intranet.neointelligence.com.br","191.252.51.245","27715","BR" "2019-02-21 09:42:04","http://lubraperfis.com.br/Februar2019/BNHFDHJ3055032/Scan/Rechnungsanschrift/","offline","malware_download","Emotet|Heodo","lubraperfis.com.br","186.202.153.40","27715","BR" "2019-02-21 03:59:57","http://intranet.neointelligence.com.br/De_de/GWFZGZBLS1093970/Rechnung/Zahlungserinnerung)/","offline","malware_download","doc|emotet|epoch1","intranet.neointelligence.com.br","191.252.51.245","27715","BR" "2019-02-20 20:51:03","http://laresperanca.com/En_us/xerox/Inv/OFOcG-hh_HuJZ-nH/","offline","malware_download","Emotet|Heodo","laresperanca.com","191.252.96.224","27715","BR" "2019-02-20 07:06:02","http://achoteis.com.br/base.txt","offline","malware_download","base64","achoteis.com.br","187.45.241.211","27715","BR" "2019-02-19 19:24:05","http://lubraperfis.com.br/PMSYGWLX5305438/de/Hilfestellung/","offline","malware_download","doc|emotet|epoch2|Heodo","lubraperfis.com.br","186.202.153.40","27715","BR" "2019-02-19 12:40:00","http://intranet.neointelligence.com.br/De_de/GWFZGZBLS1093970/Rechnung/Zahlungserinnerung/","offline","malware_download","emotet|epoch1|Heodo","intranet.neointelligence.com.br","191.252.51.245","27715","BR" "2019-02-16 03:41:07","http://aterrosanitarioouroverde.com.br/Amazon/Clients_transactions/2019-02/","offline","malware_download","doc|emotet|epoch1|Heodo","aterrosanitarioouroverde.com.br","191.252.83.5","27715","BR" "2019-02-14 15:44:07","http://www.db4serv.com.br/Receipt_Notice/Mdqny-M4Q_Oa-LtJ/","offline","malware_download","emotet|epoch1|Heodo","www.db4serv.com.br","191.252.51.69","27715","BR" "2019-02-14 13:35:43","http://www.osdecs.org.br/Sec_Refund/llc/Receipt_Notice/SnivM-h25_MkQZp-jG/","offline","malware_download","doc|emotet|epoch1|Heodo","www.osdecs.org.br","191.252.144.222","27715","BR" "2019-02-14 13:35:12","http://vencendoodesemprego.com.br/REF/doc/XSep-3W0_FfUeoh-Qh/","offline","malware_download","doc|emotet|epoch1|Heodo","vencendoodesemprego.com.br","186.202.157.79","27715","BR" "2019-02-14 11:48:11","http://aimaproducoes.com.br/Telekom/Rechnungen/012019/","offline","malware_download","emotet|epoch1|Heodo","aimaproducoes.com.br","191.252.136.143","27715","BR" "2019-02-13 22:03:47","http://elshipping.com.br/sec.accounts.resourses.net/","offline","malware_download","doc|emotet|epoch1|Heodo","elshipping.com.br","191.252.143.149","27715","BR" "2019-02-13 20:50:21","http://lightboxweb.com.br/secure.myaccount.docs.com/","offline","malware_download","doc|emotet|epoch1|Heodo","lightboxweb.com.br","186.202.161.34","27715","BR" "2019-02-13 20:50:21","http://lightboxweb.com.br/secure.myaccount.docs.com/","offline","malware_download","doc|emotet|epoch1|Heodo","lightboxweb.com.br","186.202.161.35","27715","BR" "2019-02-13 20:15:12","http://lubraperfis.com.br/En_us/company/New_invoice/NqJst-IOh_BURkbxF-oM/","offline","malware_download","Emotet|Heodo","lubraperfis.com.br","186.202.153.40","27715","BR" "2019-02-13 14:22:45","http://monalisacabeleireiros.com.br/Telekom/Rechnung/01_19/","offline","malware_download","doc|emotet|epoch1|Heodo","monalisacabeleireiros.com.br","187.45.240.6","27715","BR" "2019-02-13 09:27:47","http://antarestur.com.br/Telekom/Transaktion/01_19/","offline","malware_download","doc|emotet|heodo","antarestur.com.br","191.252.51.183","27715","BR" "2019-02-13 09:27:40","http://aterrosanitarioouroverde.com.br/Telekom/Rechnungen/012019/","offline","malware_download","doc|Dyre|emotet|heodo","aterrosanitarioouroverde.com.br","191.252.83.5","27715","BR" "2019-02-13 00:35:03","http://villarouca.com.br/trust.accounts.send.net/","offline","malware_download","doc|emotet|epoch1|Heodo","villarouca.com.br","186.202.161.190","27715","BR" "2019-02-13 00:10:16","http://coacig.com.br/secure.accounts.resourses.biz/","offline","malware_download","emotet|epoch1|Heodo","coacig.com.br","186.202.135.240","27715","BR" "2019-02-12 11:32:08","http://encontrodesolteiros.com.br/Februar2019/TTWTUEY4380127/Rechnung/Zahlung/","offline","malware_download","Emotet|Heodo","encontrodesolteiros.com.br","186.202.153.84","27715","BR" "2019-02-12 09:23:11","http://advocaciafreitas.com.br/DE_de/SIHDKA3817248/GER/Fakturierung/","offline","malware_download","Emotet|Heodo","advocaciafreitas.com.br","186.202.153.13","27715","BR" "2019-02-11 20:57:06","http://191.252.102.167/wp-content/uploads/sec.accs.send.biz/","offline","malware_download","emotet|Heodo","191.252.102.167","191.252.102.167","27715","BR" "2019-02-08 14:24:00","http://rcreciclagem.com.br/kzrmD_a1X5E-ca/D5Z/Documents/022019/","offline","malware_download","doc|emotet|epoch1|Heodo","rcreciclagem.com.br","186.202.161.80","27715","BR" "2019-02-07 23:52:11","http://teste.3achieve.com.br/ylRhH_lf2-ZrstOeX/tY/Details/2019-02/","offline","malware_download","doc|emotet|epoch1|Heodo","teste.3achieve.com.br","186.202.161.213","27715","BR" "2019-02-07 23:50:54","http://mahler.com.br/zMli_kd-YAeKN/EE/Documents/022019/","offline","malware_download","doc|emotet|epoch1|Heodo","mahler.com.br","187.45.240.68","27715","BR" "2019-02-07 16:28:07","http://blog.chefbrunaavila.com.br/En/New_invoice/3367758871706/DHtI-ZE_wK-zE/","offline","malware_download","Emotet|Heodo","blog.chefbrunaavila.com.br","186.202.153.128","27715","BR" "2019-02-07 15:45:04","http://muk.nu/US_us/download/Copy_Invoice/nKgSJ-gSPW4_NU-BW/","offline","malware_download","Emotet|Heodo","muk.nu","187.45.193.226","27715","BR" "2019-02-07 09:18:15","http://silvabrancoconstrutora.com.br/DE_de/FXXOLSYLAH1954873/de/Zahlung/","offline","malware_download","Emotet|Heodo","silvabrancoconstrutora.com.br","187.45.240.110","27715","BR" "2019-02-07 08:42:05","http://mateada.com.br/Telekom/Transaktion/01_19/","offline","malware_download","Andromeda|doc|emotet|heodo","mateada.com.br","200.234.195.213","27715","BR" "2019-02-06 23:52:21","http://madeireiraecologica.com.br/En_us/llc/New_invoice/Loay-tc_czqE-UIk/","offline","malware_download","doc|emotet|epoch2|Heodo","madeireiraecologica.com.br","186.202.153.55","27715","BR" "2019-02-05 13:44:30","http://agenciacoruja.com/xerox/Copy_Invoice/vyWK-yCWya_reA-fbf/","offline","malware_download","emotet|epoch2|Heodo","agenciacoruja.com","186.202.153.158","27715","BR" "2019-02-04 20:23:09","http://msgestaopublica.com.br/suyfh_ogx-FhwagJ/Yyh/Transactions_details/022019/","offline","malware_download","doc|emotet|epoch1|Heodo","msgestaopublica.com.br","186.202.153.89","27715","BR" "2019-01-31 19:52:29","http://ifaro.net.br/xerox/Invoice/hqcr-fo_bzRtqz-fm/","offline","malware_download","emotet|epoch2|Heodo","ifaro.net.br","191.252.51.10","27715","BR" "2019-01-30 10:55:25","http://regue.com.br/Rechnungen/01_19/","offline","malware_download","emotet|epoch1|Heodo|Quakbot","regue.com.br","201.76.51.228","27715","BR" "2019-01-30 10:55:07","http://www.vivaochoro.com.br/Rechnungen/01_19/","offline","malware_download","emotet|epoch1|Heodo","www.vivaochoro.com.br","186.202.153.144","27715","BR" "2019-01-29 13:54:18","http://mahler.com.br/yDnJ_fK-DSiNB/ss/Clients_transactions/012019/","offline","malware_download","doc|emotet|epoch1|Heodo","mahler.com.br","187.45.240.68","27715","BR" "2019-01-29 02:55:16","http://bbcescritoriosvirtuais.com.br/mNIBX-9J09_vjFhKkrx-pHK/B261/invoicing/US/Past-Due-Invoices/","offline","malware_download","emotet|epoch1|Heodo","bbcescritoriosvirtuais.com.br","191.252.122.79","27715","BR" "2019-01-28 15:50:10","http://www.vkn.net.br/weQaoFpWl/","offline","malware_download","emotet|epoch2|exe|Heodo","www.vkn.net.br","186.202.153.99","27715","BR" "2019-01-24 23:45:27","http://motoprimerj.com.br/nciR-Jhq_XpfJYYh-aUQ/Ref/34880099En/Invoice-receipt/","offline","malware_download","doc|emotet|epoch2|Heodo","motoprimerj.com.br","186.202.153.34","27715","BR" "2019-01-24 11:32:06","http://p4man.com.br/Rechnungen/01_19/","offline","malware_download","emotet|epoch1|Heodo","p4man.com.br","186.202.153.93","27715","BR" "2019-01-23 14:25:07","http://ipspac.org.br/Payment_details/01_19/","offline","malware_download","doc|emotet|epoch1|Heodo","ipspac.org.br","187.45.240.72","27715","BR" "2019-01-22 19:31:09","http://souzabianco.com.br/Details/012019/","offline","malware_download","emotet|epoch1|Heodo","souzabianco.com.br","191.252.51.56","27715","BR" "2019-01-19 01:30:22","http://sasecuritygroup.com.br/Clients_information/2019-01/","offline","malware_download","emotet|epoch1|Heodo","sasecuritygroup.com.br","191.252.51.23","27715","BR" "2019-01-18 15:31:10","http://loadtest.com.br/ckQAt-cI5_Emd-r8/En/Invoice/","offline","malware_download","doc|Emotet|Heodo","loadtest.com.br","191.252.139.117","27715","BR" "2019-01-18 15:30:35","http://loadtest.com.br/ckQAt-cI5_Emd-r8/En/Invoice","offline","malware_download","","loadtest.com.br","191.252.139.117","27715","BR" "2019-01-18 00:51:09","http://fhclinica.com.br/DBhN-lVqao_nErXwPzxA-R4Q/EN_en/Document-needed/","offline","malware_download","doc|emotet|epoch2|Heodo","fhclinica.com.br","186.202.153.191","27715","BR" "2019-01-17 03:22:54","http://ferramentasubra.com.br/LTBiV-JzNNu_xHtPo-kC/INVOICE/US/Invoice-for-a/t-01/17/2019/","offline","malware_download","emotet|epoch2|Heodo","ferramentasubra.com.br","187.45.195.34","27715","BR" "2019-01-17 03:22:47","http://tec-auto.org/lbypS-tQ_ZnLTk-yT/Inv/64718210754/US_us/Outstanding-Invoices/","offline","malware_download","emotet|epoch2|Heodo","tec-auto.org","191.252.51.7","27715","BR" "2019-01-16 23:20:34","http://digen.com.br/Amazon/Clients_Messages/012019/","offline","malware_download","emotet|epoch1|Heodo","digen.com.br","187.45.240.68","27715","BR" "2019-01-16 21:39:11","http://economiadigital.biz/NKq5eOZ/","offline","malware_download","emotet|epoch1|exe|Heodo","economiadigital.biz","201.76.51.228","27715","BR" "2019-01-16 19:22:09","http://www.ganache.com.br/cArwR-cZUml_RB-olM/ACH/PaymentAdvice/US_us/Companies-Invoice-7507672/","offline","malware_download","emotet|epoch2|Heodo","www.ganache.com.br","191.252.51.57","27715","BR" "2019-01-16 13:38:37","http://camisariaalianca.com.br/qTwM-FAVH_vjOSz-Xu/Southwire/KWP644293513/US/Scan/","offline","malware_download","doc|Emotet|Heodo","camisariaalianca.com.br","186.202.153.148","27715","BR" "2019-01-15 21:00:33","http://casa7mares.com.br/cNLXJ-X8zS_Lx-kd/VV40/invoicing/En/Open-Past-Due-Orders/","offline","malware_download","emotet|epoch2|Heodo","casa7mares.com.br","191.252.51.103","27715","BR" "2019-01-15 20:48:08","http://guiavestindoabeca.com.br/Documents/2019-01/","offline","malware_download","emotet|epoch1|Heodo","guiavestindoabeca.com.br","191.252.132.64","27715","BR" "2019-01-15 14:58:04","http://assicom.org.br/iLFk-ZAB_LCbLfy-NZo/EXT/PaymentStatus/En_us/Service-Invoice/","offline","malware_download","emotet|epoch2|Heodo","assicom.org.br","187.45.240.63","27715","BR" "2018-12-20 22:20:09","http://mateada.com.br/QhfFhFQ_zNExADgg5_Mu/","offline","malware_download","emotet|epoch2|exe|Heodo","mateada.com.br","200.234.195.213","27715","BR" "2018-12-20 20:42:12","http://www.cesut.com/KjbBy-i0_CwNeIhJT-io/Invoice/0733771/En_us/Invoice-receipt/","offline","malware_download","doc|emotet|heodo","www.cesut.com","191.252.4.67","27715","BR" "2018-12-20 19:45:17","http://durax.com.br/Amazon/Information/12_18/","offline","malware_download","emotet|epoch1|Heodo","durax.com.br","191.252.136.31","27715","BR" "2018-12-20 17:25:10","http://inhresidence.com.br/0Chd1V_7l1Vw4p_DgVM63/","offline","malware_download","emotet|epoch2|exe|Heodo","inhresidence.com.br","191.252.123.100","27715","BR" "2018-12-20 15:46:50","http://feitoamao.com/De/BOMYWFIZ0584076/Rech/Fakturierung/","offline","malware_download","emotet|epoch2|Heodo","feitoamao.com","191.252.135.160","27715","BR" "2018-12-20 11:46:30","http://abiauto2.hospedagemdesites.ws/DE/FJALBOMYA8679199/Rechnungs/Fakturierung/","offline","malware_download","emotet|epoch2|Heodo","abiauto2.hospedagemdesites.ws","191.252.51.52","27715","BR" "2018-12-20 07:45:12","http://casanarducci.com.br/Amazon/Documents/12_18/","offline","malware_download","emotet|epoch1|Heodo","casanarducci.com.br","191.252.51.32","27715","BR" "2018-12-20 03:45:08","http://sulminaslaticinios.com.br/Amazon/EN_US/Orders-details/12_18/","offline","malware_download","emotet|epoch1|Heodo","sulminaslaticinios.com.br","186.202.153.170","27715","BR" "2018-12-19 21:09:08","http://www.sulminaslaticinios.com.br/Amazon/EN_US/Orders-details/12_18/","offline","malware_download","emotet|epoch1|Heodo","www.sulminaslaticinios.com.br","186.202.153.170","27715","BR" "2018-12-19 14:42:09","http://wilsonfreitas.com/tHnz-KvedPJ3P_xlpwZ-2NI/InvoiceCodeChanges/sites/EN_en/Document-needed/","offline","malware_download","doc|emotet|heodo","wilsonfreitas.com","201.76.51.228","27715","BR" "2018-12-19 09:00:08","http://maxilink.com.br/Ialc-5tnhXx5540iLkG5_UySsONwy-Y8S/","offline","malware_download","doc|Heodo","maxilink.com.br","186.202.126.16","27715","BR" "2018-12-19 00:41:47","http://www.casanarducci.com.br/Amazon/Documents/12_18/","offline","malware_download","doc|emotet|epoch1|Heodo","www.casanarducci.com.br","191.252.51.32","27715","BR" "2018-12-19 00:39:39","http://mentesdigitais.com.br/mNhM-1uEkEuXaYN3Fvg_dHEyiuRF-GW/","offline","malware_download","doc|emotet|epoch1|Heodo","mentesdigitais.com.br","186.202.153.31","27715","BR" "2018-12-19 00:28:40","http://cesut.com/images/QtjZ-wwb1Jd2QiHCQrjr_taZmGcblD-eM/SS043/invoicing/FILE/US_us/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet|epoch2|Heodo","cesut.com","191.252.4.67","27715","BR" "2018-12-19 00:23:06","http://sinopnet.com.br/FYHv-FAhJjW9X_EtywEK-z9u/Invoice/132187675/Document/US/7-Past-Due-Invoices/","offline","malware_download","emotet|epoch2|Heodo","sinopnet.com.br","186.202.183.16","27715","BR" "2018-12-19 00:08:10","http://mateada.com.br/nhlr-sXvqNv4nl_dQwBL-9b/Southwire/BQZ9792131687/default/En_us/Need-to-send-the-attachment/","offline","malware_download","emotet|epoch2|Heodo","mateada.com.br","200.234.195.213","27715","BR" "2018-12-18 23:49:13","http://plcopen.com.br/nzCIo-FdP37pSyGO8fte_udwJPyhVL-ooh/","offline","malware_download","emotet|epoch1|Heodo","plcopen.com.br","186.202.153.5","27715","BR" "2018-12-18 22:24:31","http://anconaeventos.com.br/Amazon/EN_US/Transaction_details/122018/","offline","malware_download","doc","anconaeventos.com.br","179.188.11.71","27715","BR" "2018-12-18 21:50:33","http://sindsef-ro.org.br/Amazon/En_us/Clients/12_18","offline","malware_download","doc","sindsef-ro.org.br","186.202.153.228","27715","BR" "2018-12-18 19:43:33","http://www.zenvet.com.br/cGWSt-SWYJJt4jUfEAOh_hVjEBxlU-Cqo/","offline","malware_download","emotet|epoch1|Heodo","www.zenvet.com.br","186.202.153.13","27715","BR" "2018-12-18 17:00:08","http://www.anconaeventos.com.br/Amazon/EN_US/Transaction_details/122018/","offline","malware_download","emotet|epoch1|Heodo","www.anconaeventos.com.br","179.188.11.71","27715","BR" "2018-12-18 16:59:48","http://www.sindsef-ro.org.br/Amazon/En_us/Clients/12_18/","offline","malware_download","emotet|epoch1|Heodo","www.sindsef-ro.org.br","186.202.153.228","27715","BR" "2018-12-18 13:51:17","http://www.cesut.com/images/QtjZ-wwb1Jd2QiHCQrjr_taZmGcblD-eM/SS043/invoicing/FILE/US_us/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","doc|emotet|heodo","www.cesut.com","191.252.4.67","27715","BR" "2018-12-14 16:24:52","http://www.ldxquimica.com.br/KPHa-5mBs6E89ijjzCB_mBvftWvR-rG/","offline","malware_download","emotet|epoch1|Heodo","www.ldxquimica.com.br","191.252.132.112","27715","BR" "2018-12-14 12:23:06","http://wazzah.com.br/8sXLyJa4NZMccI6/de/Service-Center/","offline","malware_download","emotet|epoch2|Heodo","wazzah.com.br","187.45.193.210","27715","BR" "2018-12-13 20:36:21","http://german.com.br/En_us/Documents/12_18/","offline","malware_download","doc|emotet|heodo","german.com.br","187.45.193.215","27715","BR" "2018-12-13 20:23:58","http://ccilogistica.com.br/Southwire/910459143107617649/LLC/US/Summit-Companies-Invoice-33396595/","offline","malware_download","emotet|epoch2|Heodo","ccilogistica.com.br","187.45.195.62","27715","BR" "2018-12-13 16:02:50","http://draanaalice.com.br/US/Clients_transactions/12_18/","offline","malware_download","emotet|epoch1|Heodo","draanaalice.com.br","191.252.130.104","27715","BR" "2018-12-11 18:35:12","http://wazzah.com.br/Telekom/Rechnungen/112018/","offline","malware_download","doc|emotet|Heodo","wazzah.com.br","187.45.193.210","27715","BR" "2018-12-11 13:05:06","http://wazzah.com.br/doc/En_us/Sales-Invoice","offline","malware_download","doc","wazzah.com.br","187.45.193.210","27715","BR" "2018-12-11 10:13:05","http://agenciamarche.com.br/wp-content/themes/sketch/nvc12.exe","offline","malware_download","exe","agenciamarche.com.br","191.252.134.70","27715","BR" "2018-12-11 08:00:04","http://wazzah.com.br/Telekom/Rechnungen/112018","offline","malware_download","emotet|epoch1","wazzah.com.br","187.45.193.210","27715","BR" "2018-12-10 20:24:04","http://verdandiseguros.com.br/IRS/IRS.gov/Wage-and-Income-Transcript/December-06-2018/","offline","malware_download","Emotet|Heodo","verdandiseguros.com.br","186.202.153.168","27715","BR" "2018-12-07 23:55:19","http://welldesigner.com/files/US_us/Need-to-send-the-attachment/","offline","malware_download","doc|emotet|epoch2","welldesigner.com","191.252.141.125","27715","BR" "2018-12-07 23:55:11","http://unoautomation.com.br/IRS.GOV/IRS-irsonline-treasury-gov/Tax-Return-Transcript/December-06-2018/","offline","malware_download","doc|emotet|epoch2","unoautomation.com.br","191.252.143.29","27715","BR" "2018-12-07 14:43:34","http://welldesigner.com/files/US_us/Need-to-send-the-attachment","offline","malware_download","emotet|epoch2|Heodo","welldesigner.com","191.252.141.125","27715","BR" "2018-12-07 11:45:33","http://zippe.com.br/IRS/Internal-Revenue-Service/Tax-Account-Transcript/December-06-2018","offline","malware_download","emotet|epoch2|Heodo","zippe.com.br","187.45.195.138","27715","BR" "2018-12-07 02:58:31","http://tacoar.com.br/IRS/IRS.gov/Verification-of-Non-filing-Letter/December-06-2018/","offline","malware_download","doc|emotet|epoch2|Heodo","tacoar.com.br","187.45.193.169","27715","BR" "2018-12-07 00:53:09","http://usinadramatica.com.br/INFO/US/Outstanding-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","usinadramatica.com.br","186.202.153.151","27715","BR" "2018-12-06 23:45:12","http://unoautomation.com.br/IRS.GOV/IRS-irsonline-treasury-gov/Tax-Return-Transcript/December-06-2018","offline","malware_download","emotet|epoch2|Heodo","unoautomation.com.br","191.252.143.29","27715","BR" "2018-12-06 21:41:06","http://tacoar.com.br/IRS/IRS.gov/Verification-of-Non-filing-Letter/December-06-2018","offline","malware_download","emotet|epoch2|Heodo","tacoar.com.br","187.45.193.169","27715","BR" "2018-12-06 01:17:11","http://ipeuna.com/DHMSTC8158249/Rechnung/DETAILS/","offline","malware_download","doc|emotet|epoch2","ipeuna.com","186.202.153.4","27715","BR" "2018-12-06 01:16:22","http://criabrasilmoda.com.br/Document/US_us/Question/","offline","malware_download","doc|emotet|epoch2","criabrasilmoda.com.br","186.202.153.41","27715","BR" "2018-12-05 19:44:04","http://qd1.com.br/US/Documents/2018-12","offline","malware_download","emotet|epoch1|Heodo","qd1.com.br","186.202.153.51","27715","BR" "2018-12-05 19:42:05","http://qd1.com.br/US/Documents/2018-12/","offline","malware_download","doc|Heodo","qd1.com.br","186.202.153.51","27715","BR" "2018-12-05 19:38:32","http://paulofodra.com.br/t9Nf","offline","malware_download","emotet|epoch2|exe|Heodo","paulofodra.com.br","201.76.51.228","27715","BR" "2018-12-05 12:59:05","http://ipeuna.com/DHMSTC8158249/Rechnung/DETAILS","offline","malware_download","emotet|epoch2|Heodo","ipeuna.com","186.202.153.4","27715","BR" "2018-12-05 06:28:22","http://ecoplast.com.br/PxM20gzmmTA/DE/IhreSparkasse/","offline","malware_download","doc|emotet|epoch2","ecoplast.com.br","187.45.193.161","27715","BR" "2018-12-05 06:28:05","http://caprius.com.br/INFO/US_us/Past-Due-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","caprius.com.br","186.202.153.22","27715","BR" "2018-12-05 04:12:24","http://criabrasilmoda.com.br/Document/US_us/Question","offline","malware_download","emotet|epoch2|Heodo","criabrasilmoda.com.br","186.202.153.41","27715","BR" "2018-12-05 04:12:17","http://caprius.com.br/INFO/US_us/Past-Due-Invoices","offline","malware_download","emotet|epoch2|Heodo","caprius.com.br","186.202.153.22","27715","BR" "2018-12-04 12:33:14","http://ecoplast.com.br/PxM20gzmmTA/DE/IhreSparkasse","offline","malware_download","emotet|epoch2|Heodo","ecoplast.com.br","187.45.193.161","27715","BR" "2018-12-01 01:27:43","http://colegiosantanna.com.br/756045DVIUPI/WIRE/Commercial/","offline","malware_download","doc|emotet|epoch2","colegiosantanna.com.br","186.202.153.151","27715","BR" "2018-11-30 18:49:05","http://wazzah.com.br/files/EN_en/Open-Past-Due-Orders","offline","malware_download","emotet|epoch2","wazzah.com.br","187.45.193.210","27715","BR" "2018-11-30 16:17:07","http://paulofodra.com.br/xerox/EN_en/Important-Please-Read","offline","malware_download","emotet|epoch2|Heodo","paulofodra.com.br","201.76.51.228","27715","BR" "2018-11-30 15:28:53","http://wazzah.com.br/files/EN_en/Open-Past-Due-Orders/","offline","malware_download","emotet|Heodo|Word doc","wazzah.com.br","187.45.193.210","27715","BR" "2018-11-30 15:28:43","http://paulofodra.com.br/xerox/EN_en/Important-Please-Read/","offline","malware_download","emotet|Heodo|Word doc","paulofodra.com.br","201.76.51.228","27715","BR" "2018-11-30 11:40:36","http://qd1.com.br/En/Clients_CM_Coupons","offline","malware_download","doc|emotet|Heodo","qd1.com.br","186.202.153.51","27715","BR" "2018-11-30 11:33:27","http://colegiosantanna.com.br/756045DVIUPI/WIRE/Commercial","offline","malware_download","doc|Heodo","colegiosantanna.com.br","186.202.153.151","27715","BR" "2018-11-30 06:05:38","http://poows.com.br/Nov2018/En_us/Outstanding-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","poows.com.br","187.45.195.32","27715","BR" "2018-11-30 06:05:36","http://poows.com.br/Nov2018/En_us/Outstanding-Invoices","offline","malware_download","doc|emotet|epoch2|Heodo","poows.com.br","187.45.195.32","27715","BR" "2018-11-30 06:05:29","http://narin.com.br/default/US_us/Need-to-send-the-attachment/","offline","malware_download","doc|emotet|epoch2","narin.com.br","187.45.195.65","27715","BR" "2018-11-30 03:48:44","http://racorp.com.br/EN/Clients_CM_Coupons/","offline","malware_download","doc|emotet|epoch1","racorp.com.br","187.45.195.12","27715","BR" "2018-11-30 00:02:08","http://letraeimagem.com.br/zmDH","offline","malware_download","emotet|epoch2|exe|Heodo","letraeimagem.com.br","187.45.193.204","27715","BR" "2018-11-29 21:33:04","http://xadrezgigante.com.br/EN/CM2018/","offline","malware_download","doc|Heodo","xadrezgigante.com.br","186.202.153.119","27715","BR" "2018-11-29 20:13:04","http://xadrezgigante.com.br/EN/CM2018","offline","malware_download","emotet|epoch1|Heodo","xadrezgigante.com.br","186.202.153.119","27715","BR" "2018-11-29 16:35:04","http://supercardoso.com.br/aOHFp/","offline","malware_download","exe","supercardoso.com.br","201.76.51.228","27715","BR" "2018-11-29 16:07:10","http://supercardoso.com.br/aOHFp","offline","malware_download","emotet|epoch2|exe","supercardoso.com.br","201.76.51.228","27715","BR" "2018-11-29 14:38:39","http://rebobine.com.br/Download/US_us/Service-Report-88539","offline","malware_download","emotet|epoch2|Heodo","rebobine.com.br","191.252.51.206","27715","BR" "2018-11-29 14:38:12","http://narin.com.br/default/US_us/Need-to-send-the-attachment","offline","malware_download","emotet|epoch2|Heodo","narin.com.br","187.45.195.65","27715","BR" "2018-11-29 10:38:09","http://racorp.com.br/EN/Clients_CM_Coupons","offline","malware_download","emotet|epoch1|Heodo","racorp.com.br","187.45.195.12","27715","BR" "2018-11-29 01:25:15","http://ceatnet.com.br/0I/ACH/Personal/","offline","malware_download","doc|emotet|epoch2|Heodo","ceatnet.com.br","187.45.195.136","27715","BR" "2018-11-29 00:59:05","http://digamaria.com.br/En/Clients_Coupons/","offline","malware_download","doc|emotet|epoch1","digamaria.com.br","186.202.153.14","27715","BR" "2018-11-28 18:09:47","http://buffetartfesta.com.br/8FPfupiez6koNxWU/SWIFT/PrivateBanking","offline","malware_download","doc|emotet|heodo","buffetartfesta.com.br","186.202.153.91","27715","BR" "2018-11-28 18:09:39","http://ceatnet.com.br/0I/ACH/Personal","offline","malware_download","doc|emotet|heodo","ceatnet.com.br","187.45.195.136","27715","BR" "2018-11-28 18:05:11","http://colegiosantanna.com.br/037EYDNEKX/SEP/US","offline","malware_download","doc|emotet|heodo","colegiosantanna.com.br","186.202.153.151","27715","BR" "2018-11-28 14:22:15","http://digamaria.com.br/En/Clients_Coupons","offline","malware_download","emotet|epoch1|Heodo","digamaria.com.br","186.202.153.14","27715","BR" "2018-11-28 10:39:30","http://martinbaum.com.br/p2zH4CnjXR78/SEP/Service-Center","offline","malware_download","emotet|epoch2|Gozi","martinbaum.com.br","186.202.153.119","27715","BR" "2018-11-28 04:10:59","http://portalmegazap.com.br/124847XK/identity/Smallbusiness/","offline","malware_download","doc|emotet|epoch2","portalmegazap.com.br","201.76.51.228","27715","BR" "2018-11-27 18:57:09","http://portalmegazap.com.br/124847XK/identity/Smallbusiness","offline","malware_download","doc|emotet|Heodo","portalmegazap.com.br","201.76.51.228","27715","BR" "2018-11-26 15:44:32","http://trattoriatoscana.com.br/nztTCphn9xjX4MGLVh/DE/Firmenkunden/","offline","malware_download","doc|emotet|epoch2|Heodo","trattoriatoscana.com.br","179.188.11.33","27715","BR" "2018-11-26 15:43:55","http://malupieng.com.br/73321ALNWYY/PAYROLL/Business/","offline","malware_download","doc|emotet|epoch2|Heodo","malupieng.com.br","187.45.195.185","27715","BR" "2018-11-26 15:40:06","http://nkap.com.br/Nov2018/Rechnung/Hilfestellung/Rech-IPY-66-85638/","offline","malware_download","emotet|macro|word doc","nkap.com.br","186.202.153.11","27715","BR" "2018-11-26 12:32:13","http://nkap.com.br/Nov2018/Rechnung/Hilfestellung/Rech-IPY-66-85638","offline","malware_download","doc|emotet|heodo","nkap.com.br","186.202.153.11","27715","BR" "2018-11-26 12:32:08","http://gvasconcelosconsultoria.com.br/doc/de/RECH/Zahlung-bequem-per-Rechnung-QM-79-27875","offline","malware_download","doc|emotet|heodo","gvasconcelosconsultoria.com.br","191.252.51.55","27715","BR" "2018-11-26 12:29:46","http://trattoriatoscana.com.br/nztTCphn9xjX4MGLVh/DE/Firmenkunden","offline","malware_download","doc|emotet|heodo","trattoriatoscana.com.br","179.188.11.33","27715","BR" "2018-11-26 09:58:17","http://malupieng.com.br/73321ALNWYY/PAYROLL/Business","offline","malware_download","doc|emotet|Heodo","malupieng.com.br","187.45.195.185","27715","BR" "2018-11-23 21:17:08","http://blog.doutorresolve.com.br/EN_US/BlackFriday2018/","offline","malware_download","doc|emotet|epoch1|Heodo","blog.doutorresolve.com.br","191.252.62.188","27715","BR" "2018-11-23 21:17:06","http://blog.doutorresolve.com.br/EN_US/BlackFriday2018","offline","malware_download","doc|emotet|epoch1|Heodo","blog.doutorresolve.com.br","191.252.62.188","27715","BR" "2018-11-20 21:13:04","http://palmeirais.pi.gov.br/F/","offline","malware_download","exe|Heodo","palmeirais.pi.gov.br","186.202.153.85","27715","BR" "2018-11-20 20:57:07","http://palmeirais.pi.gov.br/F","offline","malware_download","emotet|epoch2|Heodo","palmeirais.pi.gov.br","186.202.153.85","27715","BR" "2018-11-19 20:03:32","http://www.eccor.com.br/US/Clients/092018/","offline","malware_download","emotet|heodo","www.eccor.com.br","187.45.195.185","27715","BR" "2018-11-19 20:01:54","http://tvacaradabahia.com.br/scan/En_us/Open-invoices/","offline","malware_download","emotet|heodo","tvacaradabahia.com.br","187.45.240.3","27715","BR" "2018-11-19 19:58:26","http://sp3.com.br/LLC/EQFY547003744IJDR/15992133/GOS-RVL/","offline","malware_download","emotet|heodo","sp3.com.br","191.252.51.23","27715","BR" "2018-11-19 19:58:15","http://silvabranco.com.br/420996WWHEADHE/SEP/US/","offline","malware_download","emotet|heodo","silvabranco.com.br","187.45.240.110","27715","BR" "2018-11-19 19:55:58","http://perfilpesquisas.com.br/DOC/En/Invoice-0086009/","offline","malware_download","emotet|heodo","perfilpesquisas.com.br","186.202.59.82","27715","BR" "2018-11-19 19:55:15","http://nk2.com.br/9GRBUXIYD/PAYMENT/Personal/","offline","malware_download","emotet|heodo","nk2.com.br","187.45.240.34","27715","BR" "2018-11-19 19:45:25","http://czartransporte.com.br/7614GJ/com/US/","offline","malware_download","emotet|heodo","czartransporte.com.br","187.45.195.15","27715","BR" "2018-11-16 02:04:24","http://blog.doutorresolve.com.br/070FIQPZCAF/identity/Commercial/","offline","malware_download","doc|emotet|epoch2","blog.doutorresolve.com.br","191.252.62.188","27715","BR" "2018-11-15 20:49:24","http://aperegrina.com.br/j7EVTRv48k","offline","malware_download","emotet|epoch1|exe|Heodo","aperegrina.com.br","191.252.51.4","27715","BR" "2018-11-15 17:32:13","http://blog.doutorresolve.com.br/070FIQPZCAF/identity/Commercial","offline","malware_download","doc|emotet|heodo","blog.doutorresolve.com.br","191.252.62.188","27715","BR" "2018-11-14 17:48:06","http://panelapreta.com.br/b0kQ7Q8","offline","malware_download","emotet|exe|Heodo","panelapreta.com.br","191.252.143.121","27715","BR" "2018-11-09 20:50:48","http://seadi2.hospedagemdesites.ws/Document/En_us/186-11-789737-486-186-11-789737-929/","offline","malware_download","doc|emotet|epoch2","seadi2.hospedagemdesites.ws","191.252.51.208","27715","BR" "2018-11-09 16:01:07","http://seadi2.hospedagemdesites.ws/Document/En_us/186-11-789737-486-186-11-789737-929","offline","malware_download","doc|emotet|Heodo","seadi2.hospedagemdesites.ws","191.252.51.208","27715","BR" "2018-11-09 13:21:11","http://seadi2.hospedagemdesites.ws/Document/En_us/186-11-789737-486-186-11-789737-929)","offline","malware_download","doc|emotet|Heodo","seadi2.hospedagemdesites.ws","191.252.51.208","27715","BR" "2018-11-09 06:26:09","http://rcaconstrutora.com.br/EN_US/Details/2018-11/","offline","malware_download","","rcaconstrutora.com.br","200.234.194.251","27715","BR" "2018-11-09 06:24:41","http://modernizar.com.br/062OFLNJWG/PAY/Commercial/","offline","malware_download","","modernizar.com.br","186.202.161.96","27715","BR" "2018-11-09 06:22:13","http://busparty.com.br/91XMGVTTTC/PAYROLL/Personal/","offline","malware_download","","busparty.com.br","191.252.51.234","27715","BR" "2018-11-09 00:22:44","http://www.rcaconstrutora.com.br/EN_US/Details/2018-11/","offline","malware_download","doc|emotet|epoch1","www.rcaconstrutora.com.br","200.234.194.251","27715","BR" "2018-11-09 00:21:05","http://bimonti.com.br/US/Clients/2018-11/","offline","malware_download","doc|emotet|epoch1","bimonti.com.br","186.202.153.53","27715","BR" "2018-11-08 23:54:09","http://fglab.com.br/US/Details/112018/","offline","malware_download","doc|emotet|epoch1|Heodo","fglab.com.br","191.252.137.26","27715","BR" "2018-11-08 23:50:06","http://busparty.com.br/91XMGVTTTC/PAYROLL/Personal","offline","malware_download","","busparty.com.br","191.252.51.234","27715","BR" "2018-11-08 23:23:07","http://fglab.com.br/US/Details/112018","offline","malware_download","doc|emotet|Heodo","fglab.com.br","191.252.137.26","27715","BR" "2018-11-08 20:19:14","http://rcaconstrutora.com.br/67665REOL/PAYROLL/US/","offline","malware_download","doc|emotet|epoch2","rcaconstrutora.com.br","200.234.194.251","27715","BR" "2018-11-08 20:19:13","http://rcaconstrutora.com.br/67665REOL/PAYROLL/US","offline","malware_download","doc|emotet|epoch2","rcaconstrutora.com.br","200.234.194.251","27715","BR" "2018-11-08 16:00:04","http://www.modernizar.com.br/062OFLNJWG/PAY/Commercial/","offline","malware_download","doc|Heodo","www.modernizar.com.br","186.202.161.96","27715","BR" "2018-11-08 14:42:46","http://www.modernizar.com.br/062OFLNJWG/PAY/Commercial","offline","malware_download","doc|emotet|heodo","www.modernizar.com.br","186.202.161.96","27715","BR" "2018-11-08 14:37:21","http://www.rcaconstrutora.com.br/EN_US/Details/2018-11","offline","malware_download","doc|emotet|heodo","www.rcaconstrutora.com.br","200.234.194.251","27715","BR" "2018-11-08 14:36:45","http://bimonti.com.br/US/Clients/2018-11","offline","malware_download","doc|emotet|heodo","bimonti.com.br","186.202.153.53","27715","BR" "2018-11-08 11:58:05","http://www.busparty.com.br/91XMGVTTTC/PAYROLL/Personal/","offline","malware_download","doc|Heodo","www.busparty.com.br","191.252.51.234","27715","BR" "2018-11-08 11:05:42","http://www.busparty.com.br/91XMGVTTTC/PAYROLL/Personal","offline","malware_download","doc|emotet|Heodo","www.busparty.com.br","191.252.51.234","27715","BR" "2018-11-06 17:01:03","http://fglab.com.br/LLC/En_us/New-order/","offline","malware_download","doc|emotet|epoch2|Heodo","fglab.com.br","191.252.137.26","27715","BR" "2018-11-06 16:39:18","http://fglab.com.br/LLC/En_us/New-order","offline","malware_download","doc|emotet|Heodo","fglab.com.br","191.252.137.26","27715","BR" "2018-10-17 07:50:04","http://www.ceobusiness.com.br/7345492LRUOI/com/Personal/","offline","malware_download","doc|Heodo","www.ceobusiness.com.br","201.76.51.228","27715","BR" "2018-10-08 15:47:38","http://sp3.com.br/DOC/OJJG18440748079AVKPG/Aug-03-2018-597474456/FIC-YFAFC","offline","malware_download","doc|emotet","sp3.com.br","191.252.51.23","27715","BR" "2018-10-08 06:28:29","http://nk2.com.br/9GRBUXIYD/PAYMENT/Personal","offline","malware_download","doc|emotet|heodo","nk2.com.br","187.45.240.34","27715","BR" "2018-10-07 12:39:05","http://lejoliedoces.com.br/Client/New-Invoice-YC65240-DO-2015","offline","malware_download","doc|Heodo","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-10-07 12:34:04","http://lejoliedoces.com.br/FILE/Pay-Invoice","offline","malware_download","doc|Emotet|Heodo","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-10-06 07:28:20","http://iabrj.org.br/8902775T/oamo/Smallbusiness/","offline","malware_download","doc|emotet|heodo","iabrj.org.br","187.45.193.174","27715","BR" "2018-10-04 23:09:13","http://conecta.aliz.com.br/gqbsu/LLC/US_us/Invoice-receipt/","offline","malware_download","doc|Emotet|Heodo","conecta.aliz.com.br","187.45.240.50","27715","BR" "2018-10-04 22:12:37","http://conecta.aliz.com.br/gqbsu/LLC/US_us/Invoice-receipt","offline","malware_download","doc|emotet|Heodo","conecta.aliz.com.br","187.45.240.50","27715","BR" "2018-10-04 22:12:09","http://hsja.com.br/EN_US/Documents/102018","offline","malware_download","doc|emotet|Heodo","hsja.com.br","187.45.195.134","27715","BR" "2018-10-04 17:41:16","http://www.hsja.com.br/EN_US/Documents/102018","offline","malware_download","doc|emotet|Heodo","www.hsja.com.br","187.45.195.134","27715","BR" "2018-10-04 17:41:06","http://www.quallityprosaude.com.br/En_us/Attachments/10_18","offline","malware_download","doc|emotet|Heodo","www.quallityprosaude.com.br","187.45.240.72","27715","BR" "2018-10-04 14:18:39","http://gayporacaso.com.br/520235UJ/com/US","offline","malware_download","doc|emotet|Heodo","gayporacaso.com.br","191.252.51.217","27715","BR" "2018-10-04 08:50:49","http://www.charrua.agr.br/040Z/PAYROLL/Personal","offline","malware_download","doc|emotet|heodo","www.charrua.agr.br","187.45.195.132","27715","BR" "2018-10-04 08:46:43","http://parametros.com.br/8523092GQXNIB/BIZ/Smallbusiness","offline","malware_download","doc|emotet|heodo","parametros.com.br","186.202.153.129","27715","BR" "2018-10-04 08:46:37","http://www.iabrj.org.br/8902775T/oamo/Smallbusiness","offline","malware_download","doc|emotet|heodo","www.iabrj.org.br","187.45.193.174","27715","BR" "2018-10-04 08:46:11","http://www.lifefisio.com.br/9159669EDVOE/PAY/Personal","offline","malware_download","doc|emotet|heodo","www.lifefisio.com.br","187.45.193.170","27715","BR" "2018-10-04 08:45:07","http://pontoduplo.com.br/default/En/Open-invoices","offline","malware_download","doc|emotet|heodo","pontoduplo.com.br","179.188.11.240","27715","BR" "2018-10-04 08:15:37","http://conesulbebidas.com/2267748CIGDMYC/identity/US","offline","malware_download","doc|emotet|Heodo","conesulbebidas.com","201.76.51.228","27715","BR" "2018-10-04 08:15:17","http://www.reusa.com.br/457XEBF/WIRE/Personal","offline","malware_download","doc|emotet|Heodo","www.reusa.com.br","186.202.153.161","27715","BR" "2018-10-03 21:22:10","http://silvabranco.com.br/420996WWHEADHE/SEP/US","offline","malware_download","doc|emotet|Heodo","silvabranco.com.br","187.45.240.110","27715","BR" "2018-10-03 18:43:54","http://gtminas.com.br/En_us/Clients/10_18","offline","malware_download","doc|emotet|heodo","gtminas.com.br","187.45.195.189","27715","BR" "2018-10-03 15:23:27","http://renatogosling.com.br/669DPOMRHJL/SEP/Commercial","offline","malware_download","doc|emotet|Heodo","renatogosling.com.br","186.202.157.79","27715","BR" "2018-10-03 06:34:46","http://observatoriocristao.com/doc/En/Invoice-56387225-October","offline","malware_download","doc|emotet|heodo","observatoriocristao.com","187.45.193.221","27715","BR" "2018-10-03 04:53:31","http://newlinealarmes.com.br/EN_US/Attachments/10_18","offline","malware_download","doc|emotet|heodo","newlinealarmes.com.br","187.45.193.223","27715","BR" "2018-10-02 23:13:17","http://franbella.com.br/L2LoyRE3","offline","malware_download","emotet|exe|Heodo","franbella.com.br","187.45.195.12","27715","BR" "2018-10-02 11:21:05","http://www.drogariateixeira.com.br/1932JBP/PAYROLL/Business/","offline","malware_download","doc|Heodo","www.drogariateixeira.com.br","201.76.51.228","27715","BR" "2018-10-02 11:01:54","http://www.drogariateixeira.com.br/1932JBP/PAYROLL/Business","offline","malware_download","doc|emotet|Heodo","www.drogariateixeira.com.br","201.76.51.228","27715","BR" "2018-10-01 22:03:47","http://strom.com.br/6ZQYVFHP/PAYROLL/Business","offline","malware_download","doc|emotet|Heodo","strom.com.br","191.252.51.36","27715","BR" "2018-10-01 22:03:22","http://abiauto2.hospedagemdesites.ws/Document/En_us/Outstanding-Invoices","offline","malware_download","doc|emotet|Heodo","abiauto2.hospedagemdesites.ws","191.252.51.52","27715","BR" "2018-10-01 14:41:06","http://www.eccor.com.br/US/Clients/092018","offline","malware_download","doc|emotet|Heodo","www.eccor.com.br","187.45.195.185","27715","BR" "2018-09-28 22:17:19","http://www.blog.pitangawear.com.br/Cy0mcje4f","offline","malware_download","emotet|exe|Heodo","www.blog.pitangawear.com.br","201.76.51.228","27715","BR" "2018-09-28 09:19:05","http://registermedicalgroup.com/CLQJu1x","offline","malware_download","emotet|exe|Heodo","registermedicalgroup.com","187.45.193.173","27715","BR" "2018-09-28 09:14:30","http://www.modernizar.com.br/US/Documents/092018","offline","malware_download","doc|emotet|Heodo","www.modernizar.com.br","186.202.161.96","27715","BR" "2018-09-28 09:14:18","http://tvacaradabahia.com.br/scan/En_us/Open-invoices","offline","malware_download","doc|emotet|Heodo","tvacaradabahia.com.br","187.45.240.3","27715","BR" "2018-09-27 23:08:19","http://philomenabar.com.br/OJkcv","offline","malware_download","emotet|exe|Heodo","philomenabar.com.br","187.45.193.209","27715","BR" "2018-09-27 17:05:37","http://www.clinicacirurgiaplasticasp.com.br/Jmz","offline","malware_download","emotet|exe|Heodo","www.clinicacirurgiaplasticasp.com.br","201.76.51.228","27715","BR" "2018-09-26 05:08:33","http://kasamia.com.br/185TLNGKH/com/Smallbusiness","offline","malware_download","doc|emotet|Heodo","kasamia.com.br","186.202.153.11","27715","BR" "2018-09-25 21:03:18","http://rallysafra.com/wp-content/plugins/googleanalytics/3","offline","malware_download","","rallysafra.com","201.76.51.228","27715","BR" "2018-09-25 21:02:54","http://rallysafra.com/wp-content/plugins/googleanalytics/2","offline","malware_download","","rallysafra.com","201.76.51.228","27715","BR" "2018-09-25 21:02:36","http://rallysafra.com/wp-content/plugins/googleanalytics/1","offline","malware_download","","rallysafra.com","201.76.51.228","27715","BR" "2018-09-24 13:33:14","http://canevazzi.com.br/4360694QNQQGG/SEP/Commercial","offline","malware_download","doc|emotet|Heodo","canevazzi.com.br","191.252.137.134","27715","BR" "2018-09-24 13:33:09","http://czartransporte.com.br/7614GJ/com/US","offline","malware_download","doc|emotet|Heodo","czartransporte.com.br","187.45.195.15","27715","BR" "2018-09-24 05:45:11","http://cuidartododia.com.br/293ISFIEBQH/SEP/Personal/","offline","malware_download","doc|Emotet|Heodo","cuidartododia.com.br","187.45.240.63","27715","BR" "2018-09-24 05:39:06","http://canevazzi.com.br/32OP/com/US/","offline","malware_download","doc|Heodo","canevazzi.com.br","191.252.137.134","27715","BR" "2018-09-24 04:51:45","http://cuidartododia.com.br/293ISFIEBQH/SEP/Personal","offline","malware_download","doc|emotet|Heodo","cuidartododia.com.br","187.45.240.63","27715","BR" "2018-09-24 04:47:42","http://canevazzi.com.br/32OP/com/US","offline","malware_download","doc|emotet|Heodo","canevazzi.com.br","191.252.137.134","27715","BR" "2018-09-19 23:21:18","http://luzconsulting.com.br/PwYHUNre","offline","malware_download","emotet|exe|Heodo","luzconsulting.com.br","187.45.240.112","27715","BR" "2018-09-19 04:28:12","http://jpcaudio.com.br/INFO/En/4-Past-Due-Invoices","offline","malware_download","doc|emotet|epoch2|Heodo","jpcaudio.com.br","187.45.193.219","27715","BR" "2018-09-15 13:15:49","http://medcomerce.com.br/525UEEK/SWIFT/Smallbusiness","offline","malware_download","doc|emotet|heodo","medcomerce.com.br","187.45.240.74","27715","BR" "2018-09-14 11:58:40","http://www.toflyaviacao.com.br/includes/assets/imkesoso.bmp","offline","malware_download","doc|emotet","www.toflyaviacao.com.br","179.188.11.34","27715","BR" "2018-09-13 07:33:04","http://parubrasil.com.br/modules/ID.2314942267734319574126.php","offline","malware_download","DEU|Nymaim|zipped-MZ","parubrasil.com.br","187.45.240.115","27715","BR" "2018-09-13 07:27:34","http://fabriciomarcondes.com.br/NR.223331243110926307297.php","offline","malware_download","DEU|Nymaim|zipped-MZ","fabriciomarcondes.com.br","191.252.132.43","27715","BR" "2018-09-12 02:08:16","http://cdoconsult.com.br/4314WNYRN/SWIFT/US/","offline","malware_download","doc|emotet|epoch2|Heodo","cdoconsult.com.br","191.252.106.86","27715","BR" "2018-09-11 15:44:05","http://cdoconsult.com.br/4314WNYRN/SWIFT/US","offline","malware_download","doc|emotet|Heodo","cdoconsult.com.br","191.252.106.86","27715","BR" "2018-09-01 12:07:41","http://equilibriummedical.com.br/2260294-5659-34328-BILL.zip","offline","malware_download","DEU|Nymaim","equilibriummedical.com.br","179.188.11.47","27715","BR" "2018-08-30 06:37:52","http://perfilpesquisas.com.br/DOC/En/Invoice-0086009","offline","malware_download","doc|emotet|epoch2","perfilpesquisas.com.br","186.202.59.82","27715","BR" "2018-08-30 06:35:21","http://cref19.org.br/4079904H/WIRE/US/","offline","malware_download","doc|emotet|epoch2","cref19.org.br","191.252.140.11","27715","BR" "2018-08-29 15:27:10","http://showbigproducts.com/Aug2018/US/Document-needed","offline","malware_download","doc|emotet|Heodo","showbigproducts.com","191.252.143.29","27715","BR" "2018-08-29 09:12:16","http://perfilpesquisas.com.br/8oKnqiidQy/","offline","malware_download","exe|Heodo","perfilpesquisas.com.br","186.202.59.82","27715","BR" "2018-08-29 05:16:00","http://cref19.org.br/4079904H/WIRE/US","offline","malware_download","doc|emotet|epoch2|Heodo","cref19.org.br","191.252.140.11","27715","BR" "2018-08-27 15:57:10","http://perfilpesquisas.com.br/8oKnqiidQy","offline","malware_download","emotet|epoch1|exe|Heodo","perfilpesquisas.com.br","186.202.59.82","27715","BR" "2018-08-24 10:19:31","http://imprep.org/peru/newsletter/US_us/Open-invoices","offline","malware_download","doc|emotet|heodo","imprep.org","186.202.153.34","27715","BR" "2018-08-18 04:49:32","http://ftflogistica.com.br/Wellsfargo/Business/Aug-15-2018/","offline","malware_download","doc","ftflogistica.com.br","186.202.153.6","27715","BR" "2018-08-17 18:55:32","http://sobrasa.com.br/5936WW/identity/Business","offline","malware_download","doc|emotet|Heodo","sobrasa.com.br","191.252.51.61","27715","BR" "2018-08-17 18:54:16","http://ftflogistica.com.br/Wellsfargo/Business/Aug-15-2018","offline","malware_download","doc|emotet|Heodo","ftflogistica.com.br","186.202.153.6","27715","BR" "2018-08-17 05:44:06","http://assoaresadvocacia.com.br/hNY/","offline","malware_download","Emotet|exe|Heodo","assoaresadvocacia.com.br","191.252.139.245","27715","BR" "2018-08-17 03:34:33","http://construindo2016.com/30PERWOLQ/biz/Personal","offline","malware_download","doc|emotet|Heodo","construindo2016.com","186.202.161.30","27715","BR" "2018-08-17 03:34:02","http://belvedereplantas.com.br/Wellsfargo/US/Aug-14-2018/","offline","malware_download","doc|emotet|Heodo","belvedereplantas.com.br","186.202.161.167","27715","BR" "2018-08-16 23:22:11","http://musicalchorus.com.br/6Ez","offline","malware_download","emotet|exe|Heodo","musicalchorus.com.br","191.252.140.88","27715","BR" "2018-08-16 08:55:13","http://assoaresadvocacia.com.br/hNY","offline","malware_download","emotet|exe|Heodo","assoaresadvocacia.com.br","191.252.139.245","27715","BR" "2018-08-16 08:24:12","http://191.252.201.120/uiosdfoiusdffs/lg1msizbff.zip","offline","malware_download","banker|bxor0x91|exe|zip","191.252.201.120","191.252.201.120","27715","BR" "2018-08-16 08:24:05","http://191.252.201.120/uiosdfoiusdffs/NqN5X.php?jDKI=j7jS3vQ46CgJ2VUBuxFWbgfmJ2WSFHeZhbvVUhlbcOddNfcTQ","offline","malware_download","downloader|ps","191.252.201.120","191.252.201.120","27715","BR" "2018-08-15 04:23:08","http://ajaelias.com.br/doc/US_us/OVERDUE-ACCOUNT/Invoice-020691/","offline","malware_download","doc|emotet|Heodo","ajaelias.com.br","191.252.134.85","27715","BR" "2018-08-15 02:34:26","http://sinavia.com/WellsFargo/Commercial/Aug-13-2018/","offline","malware_download","doc|emotet|Heodo","sinavia.com","186.202.153.43","27715","BR" "2018-08-15 02:30:37","http://ebrats.com.br/WellsFargo/Commercial/Aug-14-2018/","offline","malware_download","doc|emotet|Heodo","ebrats.com.br","186.202.153.87","27715","BR" "2018-08-15 02:29:29","http://casulotecidos.com.br/WellsFargo/Smallbusiness/Aug-13-2018/","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR" "2018-08-14 20:18:33","http://ajaelias.com.br/doc/US_us/OVERDUE-ACCOUNT/Invoice-020691","offline","malware_download","doc|emotet|Heodo","ajaelias.com.br","191.252.134.85","27715","BR" "2018-08-14 20:18:17","http://ebrats.com.br/WellsFargo/Commercial/Aug-14-2018","offline","malware_download","doc|emotet|Heodo","ebrats.com.br","186.202.153.87","27715","BR" "2018-08-14 08:01:14","http://casulotecidos.com.br/WellsFargo/Smallbusiness/Aug-13-2018","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR" "2018-08-14 08:01:07","http://sinavia.com/WellsFargo/Commercial/Aug-13-2018","offline","malware_download","doc|emotet|Heodo","sinavia.com","186.202.153.43","27715","BR" "2018-08-14 04:29:02","http://sinavia.com/5TWWDOC/VMV86483751DJQ/Aug-09-2018-256475/READ-TOCX-Aug-09-2018/","offline","malware_download","doc|emotet|Heodo","sinavia.com","186.202.153.43","27715","BR" "2018-08-14 04:23:46","http://houselight.com.br/626GACH/ZRN300754657BY/Aug-10-2018-29141182/KH-WYNW/","offline","malware_download","doc|emotet|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-08-14 04:22:56","http://ftflogistica.com.br/doc/EN_en/Invoice/ACCOUNT50682788/","offline","malware_download","doc|emotet|Heodo","ftflogistica.com.br","186.202.153.6","27715","BR" "2018-08-14 04:21:01","http://casulotecidos.com.br/2TNWPAYMENT/RWO41379704995FSO/0671153094/GFG-NJHUP-Aug-10-2018/","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR" "2018-08-14 04:19:34","http://belvedereplantas.com.br/2NRINFO/XAKO9261484012KIJ/46070955/GSR-CVHJ-Aug-11-2018/","offline","malware_download","doc|emotet|Heodo","belvedereplantas.com.br","186.202.161.167","27715","BR" "2018-08-14 04:18:33","http://ajaelias.com.br/5QRFILE/GYD35103839192LBQ/Aug-08-2018-6412271/PT-VYCZO-Aug-08-2018/","offline","malware_download","doc|emotet|Heodo","ajaelias.com.br","191.252.134.85","27715","BR" "2018-08-13 22:22:37","http://www.sindquimsuzano.com.br/doc/En_us/INVOICES/INV87898981571/","offline","malware_download","doc|emotet|Heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR" "2018-08-13 22:22:35","http://www.sindquimsuzano.com.br/default/EN_en/OVERDUE-ACCOUNT/Invoice-08-13-18/","offline","malware_download","doc|emotet|Heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR" "2018-08-13 22:13:52","http://ftflogistica.com.br/sites/En/Open-invoices/Invoice-732806/","offline","malware_download","doc|emotet|Heodo","ftflogistica.com.br","186.202.153.6","27715","BR" "2018-08-13 22:11:20","http://celestemodas.com.br/7JWKDownload/VP33800210738ORQBI/7553573/CZF-SQBI-Aug-10-2018/","offline","malware_download","doc|emotet|Heodo","celestemodas.com.br","186.202.153.197","27715","BR" "2018-08-13 22:11:12","http://casulotecidos.com.br/68XCARD/ONYJ81715765VLSGZG/07924528/MVKU-QDU-Aug-08-2018/","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR" "2018-08-13 22:11:10","http://casulotecidos.com.br/2TNWPAYMENT/RWO41379704995FSO/0671153094/GFG-NJHUP-Aug-10-2018","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR" "2018-08-13 19:31:54","http://ftflogistica.com.br/doc/EN_en/Invoice/ACCOUNT50682788","offline","malware_download","doc|emotet|Heodo","ftflogistica.com.br","186.202.153.6","27715","BR" "2018-08-13 19:31:45","http://www.sindquimsuzano.com.br/default/EN_en/OVERDUE-ACCOUNT/Invoice-08-13-18","offline","malware_download","doc|emotet|Heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR" "2018-08-13 12:48:44","http://belvedereplantas.com.br/2NRINFO/XAKO9261484012KIJ/46070955/GSR-CVHJ-Aug-11-2018","offline","malware_download","doc|emotet|Heodo","belvedereplantas.com.br","186.202.161.167","27715","BR" "2018-08-10 12:26:35","http://ftflogistica.com.br/sites/En/Open-invoices/Invoice-732806","offline","malware_download","doc|emotet|Heodo","ftflogistica.com.br","186.202.153.6","27715","BR" "2018-08-10 09:45:36","http://celestemodas.com.br/7JWKDownload/VP33800210738ORQBI/7553573/CZF-SQBI-Aug-10-2018","offline","malware_download","doc|emotet|Heodo","celestemodas.com.br","186.202.153.197","27715","BR" "2018-08-10 04:24:36","http://www.sindquimsuzano.com.br/doc/En_us/INVOICES/INV87898981571","offline","malware_download","doc|emotet|Heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR" "2018-08-10 04:23:21","http://vitoriaregiagarden.com.br/wp-content/uploads/ACH/YWV39231303VRWMBO/Aug-08-2018-8421203576/ZFBK-PJFZ/","offline","malware_download","doc|emotet|Heodo","vitoriaregiagarden.com.br","191.252.127.4","27715","BR" "2018-08-10 04:23:00","http://uniaomaster.com.br/files/En/Aug2018/INV0541193329768","offline","malware_download","doc|emotet|Heodo","uniaomaster.com.br","186.202.153.139","27715","BR" "2018-08-10 04:23:00","http://uniaomaster.com.br/files/En/Aug2018/INV0541193329768/","offline","malware_download","doc|emotet|Heodo","uniaomaster.com.br","186.202.153.139","27715","BR" "2018-08-10 04:21:32","http://sinavia.com/5TWWDOC/VMV86483751DJQ/Aug-09-2018-256475/READ-TOCX-Aug-09-2018","offline","malware_download","doc|emotet|Heodo","sinavia.com","186.202.153.43","27715","BR" "2018-08-10 04:18:52","http://houselight.com.br/Download/MI04719206570OPCDBO/2200829/BTYG-PTKST/","offline","malware_download","doc|emotet|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-08-10 04:18:49","http://houselight.com.br/626GACH/ZRN300754657BY/Aug-10-2018-29141182/KH-WYNW","offline","malware_download","doc|emotet|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-08-10 04:14:38","http://ajaelias.com.br/5QRFILE/GYD35103839192LBQ/Aug-08-2018-6412271/PT-VYCZO-Aug-08-2018","offline","malware_download","doc|emotet|Heodo","ajaelias.com.br","191.252.134.85","27715","BR" "2018-08-09 10:07:14","http://ftflogistica.com.br/482","offline","malware_download","emotet|exe|heodo","ftflogistica.com.br","186.202.153.6","27715","BR" "2018-08-09 05:49:20","http://sobrasa.com.br/3KACH/ZF216808ZJT/Aug-08-2018-30305149552/TJGW-SNFG","offline","malware_download","doc|emotet|Heodo","sobrasa.com.br","191.252.51.61","27715","BR" "2018-08-09 05:47:46","http://vitoriaregiagarden.com.br/wp-content/uploads/ACH/YWV39231303VRWMBO/Aug-08-2018-8421203576/ZFBK-PJFZ","offline","malware_download","doc|emotet|Heodo","vitoriaregiagarden.com.br","191.252.127.4","27715","BR" "2018-08-09 05:46:42","http://sobrasa.com.br/Aug2018/US/Change-of-Address/","offline","malware_download","Heodo","sobrasa.com.br","191.252.51.61","27715","BR" "2018-08-09 05:17:37","http://sinavia.com/PAYMENT/XFVC1065269365TELI/Aug-07-2018-9035450631/BET-IMXLR/","offline","malware_download","doc|emotet|Heodo","sinavia.com","186.202.153.43","27715","BR" "2018-08-08 16:30:52","http://casulotecidos.com.br/68XCARD/ONYJ81715765VLSGZG/07924528/MVKU-QDU-Aug-08-2018","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR" "2018-08-08 10:20:12","http://sinavia.com/PAYMENT/XFVC1065269365TELI/Aug-07-2018-9035450631/BET-IMXLR","offline","malware_download","doc|emotet|heodo","sinavia.com","186.202.153.43","27715","BR" "2018-08-08 07:31:33","http://www.sindquimsuzano.com.br/PAYMENT/ZZN34252G/Aug-07-2018-4493466/HUL-GSMU","offline","malware_download","doc|emotet|heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR" "2018-08-08 07:31:12","http://www.antenasartori.com.br/Download/MOP5109377PPFB/Aug-07-2018-7094725027/PY-YBHU-Aug-07-2018","offline","malware_download","doc|emotet|heodo","www.antenasartori.com.br","187.45.193.203","27715","BR" "2018-08-08 05:54:24","http://www.antenasartori.com.br:7080/Download/MOP5109377PPFB/Aug-07-2018-7094725027/PY-YBHU-Aug-07-2018/","offline","malware_download","doc|emotet|Heodo","www.antenasartori.com.br","187.45.193.203","27715","BR" "2018-08-08 05:51:00","http://piramidehotel.com.br/Corporation/KSCX337324WTFUXG/4271439677/LPV-HLNSJ/","offline","malware_download","doc|emotet|Heodo","piramidehotel.com.br","186.202.153.12","27715","BR" "2018-08-08 05:49:54","http://houselight.com.br/Download/MI04719206570OPCDBO/2200829/BTYG-PTKST","offline","malware_download","doc|emotet|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-08-08 05:07:24","http://www.sindquimsuzano.com.br/PAYMENT/ZZN34252G/Aug-07-2018-4493466/HUL-GSMU/","offline","malware_download","doc|emotet|heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR" "2018-08-07 10:26:09","http://suzyvieira.com.br/PAYMENT/OG02513570082Z/19616/IWQS-VQXU","offline","malware_download","doc|emotet|heodo","suzyvieira.com.br","191.252.139.42","27715","BR" "2018-08-07 06:06:07","http://sobrasa.com.br/Aug2018/US/Change-of-Address","offline","malware_download","doc|emotet|Heodo","sobrasa.com.br","191.252.51.61","27715","BR" "2018-08-07 06:05:48","http://sp3.com.br/LLC/EQFY547003744IJDR/15992133/GOS-RVL","offline","malware_download","doc|emotet|Heodo","sp3.com.br","191.252.51.23","27715","BR" "2018-08-06 14:39:16","http://piramidehotel.com.br/DHL-Tracking/En/","offline","malware_download","doc|emotet|heodo","piramidehotel.com.br","186.202.153.12","27715","BR" "2018-08-03 05:14:35","http://houselight.com.br/default/EN_en/Payment-enclosed","offline","malware_download","doc|emotet|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-08-03 05:14:25","http://ccsweb.com.br/default/EN_en/Change-of-Address","offline","malware_download","doc|emotet|Heodo","ccsweb.com.br","191.252.141.226","27715","BR" "2018-08-03 04:24:06","http://ccsweb.com.br/default/EN_en/Change-of-Address/","offline","malware_download","doc|emotet|Heodo","ccsweb.com.br","191.252.141.226","27715","BR" "2018-08-02 03:31:55","http://houselight.com.br/default/EN_en/Payment-enclosed/","offline","malware_download","doc|emotet|epoch2|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-08-01 17:38:55","http://suzyvieira.com.br/qkI5","offline","malware_download","emotet|exe|Fuery|Heodo","suzyvieira.com.br","191.252.139.42","27715","BR" "2018-08-01 16:11:30","http://fabriciomarcondes.com.br/default/Rech/DETAILS/RechnungScan-QIF-46-25314/","offline","malware_download","doc|emotet|epoch2|Heodo","fabriciomarcondes.com.br","191.252.132.43","27715","BR" "2018-08-01 04:05:12","http://vitoriaregiagarden.com.br/wp-content/uploads/files/US/New-Address/","offline","malware_download","doc|emotet|epoch2|Heodo","vitoriaregiagarden.com.br","191.252.127.4","27715","BR" "2018-07-31 19:19:39","http://www.antenasartori.com.br:7080/sites/EN_en/Address-Changed/","offline","malware_download","doc|emotet|epoch2|Heodo","www.antenasartori.com.br","187.45.193.203","27715","BR" "2018-07-31 12:14:04","http://canevazzi.com.br/R7v/","offline","malware_download","Emotet|exe|Heodo","canevazzi.com.br","191.252.137.134","27715","BR" "2018-07-31 09:20:06","http://canevazzi.com.br/R7v","offline","malware_download","cloxer|exe|Heodo","canevazzi.com.br","191.252.137.134","27715","BR" "2018-07-30 17:52:10","http://sobrasa.com.br/DHL-Express/EN_en/","offline","malware_download","doc|emotet|epoch2|Heodo","sobrasa.com.br","191.252.51.61","27715","BR" "2018-07-30 17:51:04","http://ccsweb.com.br/sites/US_us/INVOICES/Invoice-7727366/","offline","malware_download","doc|emotet|epoch2|Heodo","ccsweb.com.br","191.252.141.226","27715","BR" "2018-07-30 15:32:19","http://sp3.com.br/jmkeiuuid/doc/En_us/INVOICE-STATUS/Deposit/","offline","malware_download","doc|emotet|epoch2|Heodo","sp3.com.br","191.252.51.23","27715","BR" "2018-07-27 04:08:14","http://sobrasa.com.br/DHL-Express/US_us/","offline","malware_download","doc|emotet|epoch2|Heodo","sobrasa.com.br","191.252.51.61","27715","BR" "2018-07-26 03:56:44","http://sp3.com.br/doc/En/Open-invoices/Invoice-05569/","offline","malware_download","doc|emotet|epoch2|Heodo","sp3.com.br","191.252.51.23","27715","BR" "2018-07-24 05:30:01","http://canevazzi.com.br/Jul2018/US_us/Purchase/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc|emotet|epoch2|Heodo","canevazzi.com.br","191.252.137.134","27715","BR" "2018-07-21 08:09:41","http://sobrasa.com.br/files/US_us/ACCOUNT/HRI-Monthly-Invoice","offline","malware_download","doc|emotet|heodo","sobrasa.com.br","191.252.51.61","27715","BR" "2018-07-21 08:05:54","http://canevazzi.com.br/Jul2018/En/STATUS/invoice","offline","malware_download","doc|emotet|heodo","canevazzi.com.br","191.252.137.134","27715","BR" "2018-07-20 03:45:16","http://www.chalesmontanha.com/newsletter/En/Client/Customer-Invoice-EY-0944105/","offline","malware_download","doc|emotet|epoch2|Heodo","www.chalesmontanha.com","191.252.116.193","27715","BR" "2018-07-20 03:42:53","http://ccsweb.com.br/newsletter/US/DOC/tracking-number-and-invoice-of-your-order/","offline","malware_download","doc|emotet|epoch2|Heodo","ccsweb.com.br","191.252.141.226","27715","BR" "2018-07-20 03:00:25","http://suzyvieira.com.br/Facturas-documentos/","offline","malware_download","doc|emotet|epoch1|Heodo","suzyvieira.com.br","191.252.139.42","27715","BR" "2018-07-19 14:11:26","http://assoaresadvocacia.com.br/pdf/En_us/FILE/Account-65320/","offline","malware_download","Heodo","assoaresadvocacia.com.br","191.252.139.245","27715","BR" "2018-07-19 08:33:05","http://ernandesoliveira.adv.br/ds/nowdone.exe","offline","malware_download","AgentTesla|exe","ernandesoliveira.adv.br","191.252.140.213","27715","BR" "2018-07-19 07:10:35","http://assoaresadvocacia.com.br/pdf/En_us/FILE/Account-65320","offline","malware_download","doc|emotet|heodo","assoaresadvocacia.com.br","191.252.139.245","27715","BR" "2018-07-18 13:13:30","http://assoaresadvocacia.com.br/sites/En/OVERDUE-ACCOUNT/Services-07-18-18-New-Customer-CH/","offline","malware_download","doc|emotet|heodo","assoaresadvocacia.com.br","191.252.139.245","27715","BR" "2018-07-17 23:13:08","http://canevazzi.com.br/Facturation/","offline","malware_download","doc|emotet|epoch1|Heodo","canevazzi.com.br","191.252.137.134","27715","BR" "2018-07-17 21:39:10","http://sobrasa.com.br/newsletter/En/DOC/Order-21655369588/","offline","malware_download","doc|emotet|heodo","sobrasa.com.br","191.252.51.61","27715","BR" "2018-07-17 13:50:09","http://suzyvieira.com.br/sites/US/Purchase/Invoices/","offline","malware_download","doc|emotet|heodo","suzyvieira.com.br","191.252.139.42","27715","BR" "2018-07-17 00:27:29","http://canevazzi.com.br/sites/En/Client/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc|emotet|epoch2|Heodo","canevazzi.com.br","191.252.137.134","27715","BR" "2018-07-16 21:32:43","http://www.coimbragarcia.adv.br/Borradores-documentos-07/","offline","malware_download","doc|emotet|epoch1|Heodo","www.coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-07-16 20:29:09","http://canevazzi.com.br/sites/En/Client/Auditor-of-State-Notification-of-EFT-Deposit","offline","malware_download","doc|emotet|heodo","canevazzi.com.br","191.252.137.134","27715","BR" "2018-07-15 03:47:09","http://coimbragarcia.adv.br/d3E9hBv/","offline","malware_download","","coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-07-13 13:26:38","http://habicamp.com.br/newsletter/US/Client/Invoice-3720552/","offline","malware_download","doc|emotet|heodo","habicamp.com.br","191.252.122.29","27715","BR" "2018-07-13 12:09:16","http://antenasartori.com.br/pdf/US/Order/Account-97528/","offline","malware_download","Heodo","antenasartori.com.br","187.45.193.203","27715","BR" "2018-07-13 10:00:12","http://assoaresadvocacia.com.br/newsletter/En_us/Statement/Please-pull-invoice-345836/","offline","malware_download","doc|emotet|Heodo","assoaresadvocacia.com.br","191.252.139.245","27715","BR" "2018-07-13 07:13:53","http://www.antenasartori.com.br/pdf/US/Order/Account-97528/","offline","malware_download","doc|emotet|heodo","www.antenasartori.com.br","187.45.193.203","27715","BR" "2018-07-13 02:50:44","http://www.neoluz.com.br/Nuevos-acuerdos-07/","offline","malware_download","doc|emotet|epoch1|Heodo","www.neoluz.com.br","179.188.11.37","27715","BR" "2018-07-12 23:48:06","http://www.coimbragarcia.adv.br/d3E9hBv/","offline","malware_download","emotet|epoch1|Heodo|payload","www.coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-07-12 02:38:59","http://www.stocusservices.com.br/pdf/EN_en/ACCOUNT/HRI-Monthly-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","www.stocusservices.com.br","191.252.4.25","27715","BR" "2018-07-12 02:36:15","http://stocusservices.com.br/pdf/EN_en/ACCOUNT/HRI-Monthly-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","stocusservices.com.br","191.252.4.25","27715","BR" "2018-07-11 22:04:04","http://aanima.com.br/Invoice-for-sent/","offline","malware_download","doc|emotet|epoch1|Heodo","aanima.com.br","191.252.134.32","27715","BR" "2018-07-11 15:35:34","http://ecomidias.com.br/sites/DE_de/RECH/Rechnung-fur-Dienstleistungen-GPO-28-60550/","offline","malware_download","doc|emotet|heodo","ecomidias.com.br","201.76.51.228","27715","BR" "2018-07-11 12:47:29","http://www.rafatelles.com/doc/En_us/DOC/Invoice-0994427/","offline","malware_download","doc|emotet|Heodo","www.rafatelles.com","191.252.51.217","27715","BR" "2018-07-11 04:17:21","http://www.trja.org.br/doc/En/FILE/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc|emotet|epoch2","www.trja.org.br","191.252.107.7","27715","BR" "2018-07-11 04:17:09","http://www.tanker.com.br/newsletter/EN_en/Payment-and-address/Invoice-6644436632-07-09-2018/","offline","malware_download","doc|emotet|epoch2","www.tanker.com.br","187.45.195.184","27715","BR" "2018-07-11 04:11:28","http://www.antenasartori.com.br/Jul2018/Rechnungs-Details/RECHNUNG/Hilfestellung-zu-Ihrer-Rechnung-Nr091428/","offline","malware_download","doc|emotet|epoch2|Heodo","www.antenasartori.com.br","187.45.193.203","27715","BR" "2018-07-11 04:04:42","http://antenasartori.com.br:7080/Jul2018/Rechnungs-Details/RECHNUNG/Hilfestellung-zu-Ihrer-Rechnung-Nr091428/","offline","malware_download","doc|emotet|epoch2|Heodo","antenasartori.com.br","187.45.193.203","27715","BR" "2018-07-11 04:00:17","http://www.immobrasil.com.br/Pagada-Invocacion-Recibo/","offline","malware_download","doc|emotet|epoch1","www.immobrasil.com.br","191.252.107.7","27715","BR" "2018-07-11 03:59:34","http://www.floripameuamor.com.br/Open-invoices/","offline","malware_download","doc|emotet|epoch1","www.floripameuamor.com.br","191.252.107.7","27715","BR" "2018-07-11 03:59:21","http://www.coimbragarcia.adv.br/Available-invoices/","offline","malware_download","doc|emotet|epoch1","www.coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-07-11 03:55:48","http://floripameuamor.com.br/Open-invoices/","offline","malware_download","doc|emotet|epoch1","floripameuamor.com.br","191.252.107.7","27715","BR" "2018-07-10 05:06:23","http://www.segmaster.pagina-oficial.ws/sites/En/Purchase/Invoice-94754212-070918/","offline","malware_download","doc|emotet|heodo","www.segmaster.pagina-oficial.ws","201.76.51.228","27715","BR" "2018-07-10 05:06:17","http://www.missaost.com.br/files/En_us/FILE/Payment/","offline","malware_download","doc|emotet|heodo","www.missaost.com.br","187.45.195.19","27715","BR" "2018-07-09 20:59:42","http://segmaster.pagina-oficial.ws/sites/En/Purchase/Invoice-94754212-070918/","offline","malware_download","Heodo","segmaster.pagina-oficial.ws","201.76.51.228","27715","BR" "2018-07-09 16:34:59","http://interfrazao.com.br/pdf/En/DOC/Past-Due-invoice/","offline","malware_download","Heodo","interfrazao.com.br","186.202.153.12","27715","BR" "2018-07-09 12:07:53","http://www.interfrazao.com.br/pdf/En/DOC/Past-Due-invoice/","offline","malware_download","doc|emotet|Heodo","www.interfrazao.com.br","186.202.153.12","27715","BR" "2018-07-07 04:54:19","http://coimbragarcia.adv.br/ihyXDn3hHe/","offline","malware_download","Heodo","coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-07-06 09:43:05","http://www.coimbragarcia.adv.br/ihyXDn3hHe/","offline","malware_download","emotet|exe|heodo","www.coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-07-06 07:02:19","http://www.tanker.com.br/Independence-Day-Greetings/","offline","malware_download","doc|emotet|heodo","www.tanker.com.br","187.45.195.184","27715","BR" "2018-07-06 05:11:13","http://www.missaost.com.br/US_us/Jul2018/Payment/","offline","malware_download","doc|emotet|heodo","www.missaost.com.br","187.45.195.19","27715","BR" "2018-07-05 12:51:04","http://interfrazao.com.br/Zgv18b/","offline","malware_download","Heodo","interfrazao.com.br","186.202.153.12","27715","BR" "2018-07-05 11:08:11","http://www.interfrazao.com.br/Zgv18b/","offline","malware_download","Emotet|exe|Heodo","www.interfrazao.com.br","186.202.153.12","27715","BR" "2018-07-05 10:58:00","http://www.rafatelles.com/US/Purchase/INV672618626152552706/","offline","malware_download","doc|emotet|Heodo","www.rafatelles.com","191.252.51.217","27715","BR" "2018-07-05 07:10:19","http://www.ubercentral.com.br/EN_en/Purchase/824318/","offline","malware_download","doc|emotet|heodo","www.ubercentral.com.br","186.202.153.85","27715","BR" "2018-07-04 16:01:38","http://escoladeemagrecimento.com.br/jl/","offline","malware_download","emotet|heodo","escoladeemagrecimento.com.br","186.202.153.154","27715","BR" "2018-07-04 14:18:06","http://www.escoladeemagrecimento.com.br/jl/","offline","malware_download","emotet|exe|Heodo","www.escoladeemagrecimento.com.br","186.202.153.154","27715","BR" "2018-07-04 05:52:23","http://segmaster.pagina-oficial.ws/IndependenceDay2018/","offline","malware_download","doc|emotet|epoch2|Heodo","segmaster.pagina-oficial.ws","201.76.51.228","27715","BR" "2018-07-03 18:51:14","http://www.tanker.com.br/US/Statement/invoice/","offline","malware_download","doc|emotet|heodo","www.tanker.com.br","187.45.195.184","27715","BR" "2018-07-03 16:45:13","http://hereford.com.br/Skype.exe","offline","malware_download","Emotet|exe","hereford.com.br","187.45.193.171","27715","BR" "2018-07-02 22:06:05","http://missaost.com.br/En/Client/Account-98291/","offline","malware_download","doc|emotet|epoch2|Heodo","missaost.com.br","187.45.195.19","27715","BR" "2018-07-02 21:29:54","http://www.ubercentral.com.br/EN_en/Statement/New-Invoice-IA16873-YR-27079/","offline","malware_download","doc|emotet|heodo","www.ubercentral.com.br","186.202.153.85","27715","BR" "2018-07-02 16:26:44","http://houselight.com.br/Greeting-Cards/","offline","malware_download","doc|emotet|heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-07-02 16:13:02","http://aanima.com.br/Factura/","offline","malware_download","doc|emotet|epoch1|Heodo","aanima.com.br","191.252.134.32","27715","BR" "2018-07-02 14:52:08","http://www.sstudio.com.br:7080/STATUS/Invoice-562724/","offline","malware_download","doc|emotet|epoch2|Heodo","www.sstudio.com.br","191.252.51.215","27715","BR" "2018-06-30 06:26:02","http://www.sstudio.com.br/STATUS/Invoice-562724","offline","malware_download","emotet|heodo","www.sstudio.com.br","191.252.51.215","27715","BR" "2018-06-30 06:02:59","http://cnctechservicos.com.br/FILE/HRI-Monthly-Invoice","offline","malware_download","emotet|heodo","cnctechservicos.com.br","191.252.51.15","27715","BR" "2018-06-29 21:57:07","http://aanima.com.br/Formulario-factura/","offline","malware_download","doc|emotet|epoch1|Heodo","aanima.com.br","191.252.134.32","27715","BR" "2018-06-26 13:14:33","http://coimbragarcia.adv.br/Facturas-vencidas","offline","malware_download","emotet|Heodo","coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-06-26 04:47:48","http://cnctechservicos.com.br/FILE/HRI-Monthly-Invoice/","offline","malware_download","emotet|heodo","cnctechservicos.com.br","191.252.51.15","27715","BR" "2018-06-25 15:45:16","http://houselight.com.br/Facturas/","offline","malware_download","doc|emotet|epoch1|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-06-25 15:39:10","http://www.coimbragarcia.adv.br/Facturas-vencidas/","offline","malware_download","doc|emotet|epoch1|Heodo","www.coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-06-23 06:08:09","http://www.robotizando.com.br/images/conteudo/RECH/Rechnung-fur-Zahlung-099=","offline","malware_download","emotet","www.robotizando.com.br","186.202.165.29","27715","BR" "2018-06-22 18:07:05","http://cnctechservicos.com.br/INVOICE-STATUS/Invoice/","offline","malware_download","doc|emotet|Heodo","cnctechservicos.com.br","191.252.51.15","27715","BR" "2018-06-22 07:27:23","http://www.robotizando.com.br/images/conteudo/RECH/Rechnung-fur-Zahlung-09930/","offline","malware_download","","www.robotizando.com.br","186.202.165.29","27715","BR" "2018-06-21 13:02:17","http://lejoliedoces.com.br/Zahlung/Erinnerung-an-die-Rechnungszahlung","offline","malware_download","emotet|Heodo","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-06-20 18:32:38","http://operahaus.com.br/STATUS/Invoices/","offline","malware_download","emotet|Heodo","operahaus.com.br","186.202.153.192","27715","BR" "2018-06-20 14:24:13","http://saaeita.mg.gov.br/Rechnungsanschrift-korrigiert/","offline","malware_download","Heodo","saaeita.mg.gov.br","186.202.153.171","27715","BR" "2018-06-20 05:39:09","http://saaeita.mg.gov.br/Rechnungsanschrift-korrigiert","offline","malware_download","emotet|Heodo","saaeita.mg.gov.br","186.202.153.171","27715","BR" "2018-06-20 00:09:27","http://www.saaeita.mg.gov.br/Rechnungsanschrift-korrigiert/","offline","malware_download","doc|emotet|epoch1|Heodo","www.saaeita.mg.gov.br","186.202.153.171","27715","BR" "2018-06-18 18:33:05","http://operahaus.com.br/Zahlungserinnerung/Ihre-Rechnung/","offline","malware_download","doc|Emotet|Heodo","operahaus.com.br","186.202.153.192","27715","BR" "2018-06-18 16:16:21","http://houselight.com.br/Jun2018/Invoice-45490/","offline","malware_download","AgentTesla|doc|emotet|epoch2|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-06-18 15:08:07","http://betaborrachas.com.br/site/Jun2018/Services-06-18-18-New-Customer-CL/","offline","malware_download","doc|emotet|epoch1|Heodo","betaborrachas.com.br","191.252.46.2","27715","BR" "2018-06-18 14:03:12","http://www.betaborrachas.com.br/site/Jun2018/Services-06-18-18-New-Customer-CL/","offline","malware_download","doc|emotet|heodo","www.betaborrachas.com.br","191.252.46.2","27715","BR" "2018-06-18 12:20:03","http://lejoliedoces.com.br/Zahlung/Erinnerung-an-die-Rechnungszahlung/","offline","malware_download","AgentTesla|doc|emotet|Heodo","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-06-15 21:58:09","http://lejoliedoces.com.br/oRRLWl4P/","offline","malware_download","emotet|epoch2|Heodo|payload","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-06-15 18:30:37","http://suzyvieira.com.br/IRS-TRANSCRIPTS-051A/57/","offline","malware_download","Emotet|Heodo","suzyvieira.com.br","191.252.139.42","27715","BR" "2018-06-15 15:42:14","http://sp3.com.br/UPS-Ship-Notification/Feb-23-18-06-52-04/","offline","malware_download","Heodo","sp3.com.br","191.252.51.23","27715","BR" "2018-06-15 15:26:04","http://biagioturbos.com/SSI-95-83392-document-May-04-2017/","offline","malware_download","Emotet|Heodo","biagioturbos.com","191.252.4.20","27715","BR" "2018-06-15 14:29:09","http://www.coimbragarcia.adv.br/IRS-Tax-Transcipts-June-2018-017/35/","offline","malware_download","doc|emotet|epoch1","www.coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-06-15 00:40:53","http://pancristal.com.br/wp-content/INCORRECT-INVOICE/","offline","malware_download","Heodo","pancristal.com.br","186.202.150.223","27715","BR" "2018-06-15 00:40:41","http://ifcc.org.br/wp-content/Mar-15-09-45-02/View/","offline","malware_download","Heodo","ifcc.org.br","191.252.95.130","27715","BR" "2018-06-14 15:42:08","http://tbase.com.br/IRS-Transcripts-June-2018-070U/1/","offline","malware_download","doc|emotet|epoch1|Heodo","tbase.com.br","186.202.153.160","27715","BR" "2018-06-14 14:46:10","http://betaborrachas.com.br/site/STATUS/Invoice-489183/","offline","malware_download","doc|emotet|epoch1|Heodo","betaborrachas.com.br","191.252.46.2","27715","BR" "2018-06-14 11:19:06","http://houselight.com.br/6ROEQfpdJJ/","offline","malware_download","emotet|epoch2|Heodo|payload","houselight.com.br","187.45.193.168","27715","BR" "2018-06-14 06:01:23","http://lejoliedoces.com.br/IRS-Transcripts-2188","offline","malware_download","doc|emotet|Heodo","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-06-13 10:54:18","http://www.coimbragarcia.adv.br/Client/Customer-Invoice-IV-35356310/","offline","malware_download","doc|emotet|epoch1|Heodo","www.coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-06-13 10:54:05","http://suzyvieira.com.br/IRS-Transcripts-062018-03/19/","offline","malware_download","doc|emotet|epoch1|Heodo","suzyvieira.com.br","191.252.139.42","27715","BR" "2018-06-12 18:25:14","http://www.adcanudosnh.com.br/IRS-Accounts-Transcipts-430/","offline","malware_download","doc|emotet|epoch1|Formbook|Heodo","www.adcanudosnh.com.br","191.252.96.224","27715","BR" "2018-06-12 13:57:17","http://houselight.com.br/IRS-Accounts-Transcipts-078E/65/","offline","malware_download","doc|emotet|Formbook|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-06-11 22:13:04","http://tbase.com.br/IRS-Letters-09D/34/","offline","malware_download","doc|emotet|epoch1|Formbook|Heodo","tbase.com.br","186.202.153.160","27715","BR" "2018-06-11 19:25:05","http://operahaus.com.br/IRS-TRANSCRIPTS-June-2018-051V/8/","offline","malware_download","doc|emotet|epoch2|Heodo","operahaus.com.br","186.202.153.192","27715","BR" "2018-06-11 19:09:11","http://lejoliedoces.com.br/IRS-Transcripts-032/86/","offline","malware_download","doc|emotet|epoch2|Heodo","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-06-08 18:16:08","http://drees.com.br/K102wPE/","offline","malware_download","emotet|epoch1|Heodo|payload","drees.com.br","186.202.153.38","27715","BR" "2018-06-08 15:49:05","http://lejoliedoces.com.br/FILE/Pay-Invoice/","offline","malware_download","doc|emotet|epoch1|Heodo","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-06-08 15:10:06","http://suzyvieira.com.br/ACCOUNT/Invoice-77118650-Invoice-date-060818-Order-no-8445261771/","offline","malware_download","doc|emotet|epoch1|Heodo","suzyvieira.com.br","191.252.139.42","27715","BR" "2018-06-07 14:11:33","http://coimbragarcia.adv.br/RECHNUNG/Fakturierung-Nr022859/","offline","malware_download","Heodo","coimbragarcia.adv.br","191.252.136.85","27715","BR" "2018-06-06 14:43:09","http://tbase.com.br/ups.com/WebTracking/HS-69328588545/","offline","malware_download","doc|emotet|Heodo","tbase.com.br","186.202.153.160","27715","BR" "2018-06-05 16:40:06","http://operahaus.com.br/Rechnungsanschrift/Rechnungs-Details-Nr077689/","offline","malware_download","doc|emotet|Heodo","operahaus.com.br","186.202.153.192","27715","BR" "2018-06-05 13:39:05","http://tbase.com.br/Fact/","offline","malware_download","doc|emotet|Heodo","tbase.com.br","186.202.153.160","27715","BR" "2018-06-04 23:09:16","http://lejoliedoces.com.br/Fact/","offline","malware_download","doc|emotet|Heodo","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-06-01 22:44:09","http://hereford.com.br/Wordpress.exe","offline","malware_download","downloader|exe","hereford.com.br","187.45.193.171","27715","BR" "2018-06-01 21:15:13","http://houselight.com.br/Open-invoices/","offline","malware_download","doc|emotet|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-05-30 16:04:21","http://tbase.com.br/Facture-impayee/","offline","malware_download","doc|emotet|Heodo","tbase.com.br","186.202.153.160","27715","BR" "2018-05-30 15:37:59","http://houselight.com.br/ups.com/WebTracking/ZB-7357228373/","offline","malware_download","doc|emotet|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-05-29 22:37:39","http://operahaus.com.br/Facturation/","offline","malware_download","doc|emotet|Heodo","operahaus.com.br","186.202.153.192","27715","BR" "2018-05-29 16:35:46","http://suzyvieira.com.br/css/Votre-facture/","offline","malware_download","doc|emotet|Heodo","suzyvieira.com.br","191.252.139.42","27715","BR" "2018-05-24 08:08:29","http://drees.com.br/STATUS/Emailing-W391543GL-91423/","offline","malware_download","doc|emotet|heodo","drees.com.br","186.202.153.38","27715","BR" "2018-05-24 08:04:25","http://bernardesdias.com.br/Client/Please-pull-invoice-65078/","offline","malware_download","doc|emotet|heodo","bernardesdias.com.br","186.202.153.179","27715","BR" "2018-05-22 03:44:55","http://houselight.com.br/STATUS/Invoice-67059306-Invoice-date-052118-Order-no-95855818767/","offline","malware_download","doc|emotet|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-05-18 10:43:43","http://houselight.com.br/9aHdtbVcfMn/","offline","malware_download","doc|emotet|Heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-05-18 10:40:55","http://drees.com.br/5c9BBizts6OXPI/","offline","malware_download","doc|emotet|Heodo","drees.com.br","186.202.153.38","27715","BR" "2018-05-18 10:38:51","http://lejoliedoces.com.br/1yiNOnAF3/","offline","malware_download","doc|emotet|Heodo","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-05-17 18:52:58","http://bernardesdias.com.br/Tp3pGZcNeFgf/","offline","malware_download","doc|emotet|Heodo","bernardesdias.com.br","186.202.153.179","27715","BR" "2018-05-16 17:04:52","http://goncalvesguindastes.com.br/wp-content/themes/sketch/images/08e7d52e7a6a4f2cc1e06138e7fb7aa5.zip","offline","malware_download","downloader|zip","goncalvesguindastes.com.br","191.252.51.122","27715","BR" "2018-05-16 13:17:38","http://epraja1.com.br/HOkjTw/","offline","malware_download","emotet|Heodo","epraja1.com.br","186.202.153.66","27715","BR" "2018-05-16 05:07:04","http://dzain.com.br/BNT0qILqikoQ/","offline","malware_download","Heodo","dzain.com.br","186.202.153.66","27715","BR" "2018-05-14 18:40:19","http://ccsweb.com.br/tUMAyip/","offline","malware_download","doc|emotet|Heodo","ccsweb.com.br","191.252.141.226","27715","BR" "2018-05-10 19:32:05","http://canevazzi.com.br/V0Gy6muY8vIu/","offline","malware_download","doc|emotet","canevazzi.com.br","191.252.137.134","27715","BR" "2018-05-10 15:48:20","http://bernardesdias.com.br/ePtm5OgdH/","offline","malware_download","doc|emotet","bernardesdias.com.br","186.202.153.179","27715","BR" "2018-05-08 13:29:15","http://ccsweb.com.br/8PFNndSkq9cIsx/","offline","malware_download","doc|emotet","ccsweb.com.br","191.252.141.226","27715","BR" "2018-05-02 07:10:43","http://newsom.com.br/images/88875448ff3bca8b20674cc701f746bc.zip","offline","malware_download","Hancitor|zip","newsom.com.br","191.252.135.193","27715","BR" "2018-05-02 07:04:54","http://suzyvieira.com.br/images/9582e1b96b93050215aec3d7d5a6a44b.zip","offline","malware_download","Hancitor|zip","suzyvieira.com.br","191.252.139.42","27715","BR" "2018-04-13 04:40:32","http://epraja1.com.br/Service-Report-21597/","offline","malware_download","emotet doc","epraja1.com.br","186.202.153.66","27715","BR" "2018-04-10 18:03:48","http://houselight.com.br/Invoice-receipt/","offline","malware_download","doc|emotet|heodo","houselight.com.br","187.45.193.168","27715","BR" "2018-04-10 18:03:14","http://embark.com.br/Overdue-payment/","offline","malware_download","doc|emotet|heodo","embark.com.br","191.252.51.68","27715","BR" "2018-04-09 18:06:16","http://operahaus.com.br/Invoice/","offline","malware_download","doc|emotet|heodo","operahaus.com.br","186.202.153.192","27715","BR" "2018-04-09 18:04:13","http://lejoliedoces.com.br/Invoice-Number-579705/","offline","malware_download","doc|emotet|heodo","lejoliedoces.com.br","201.76.51.228","27715","BR" "2018-04-07 08:38:25","http://globebrazil.com/ACH-FORM/VP-33800210738603/","offline","malware_download","doc|emotet|heodo","globebrazil.com","186.202.153.46","27715","BR" "2018-04-03 10:41:49","http://bernardesdias.com.br/DM-477489400/","offline","malware_download","doc|emotet|heodo","bernardesdias.com.br","186.202.153.179","27715","BR" "2018-03-29 15:06:01","http://www.conteudo.acaogerencial.com.br/Document/Invoice/","offline","malware_download","doc|emotet|heodo","www.conteudo.acaogerencial.com.br","187.45.195.184","27715","BR" "2018-03-29 15:02:34","http://uvaeverde.com.br/INV/MZD-89990/","offline","malware_download","doc|emotet|heodo","uvaeverde.com.br","186.202.153.11","27715","BR" "2018-03-28 13:38:10","http://arpoar.com.br/INVOICE/KYE-17907458/","offline","malware_download","doc|emotet|heodo","arpoar.com.br","186.202.153.94","27715","BR" "2018-03-27 14:12:28","http://bumbo.com.br/oaoxov/","offline","malware_download","emotet|exe|heodo","bumbo.com.br","201.76.51.228","27715","BR" "2018-03-27 14:04:02","http://www.alfalub.com.br/j8KUUjy/","offline","malware_download","emotet|exe|heodo","www.alfalub.com.br","186.202.132.205","27715","BR" "2018-03-20 09:43:54","http://metasense.com.br/Outstanding-Invoices/","offline","malware_download","doc|emotet|heodo","metasense.com.br","186.202.153.227","27715","BR" # of entries: 1124