##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-07-11 10:25:27 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS27715
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-06-04 13:56:09","https://www.messias.org.br/tmp/ll/hta/f.het","offline","malware_download","","www.messias.org.br","186.202.153.146","27715","BR"
"2025-04-30 08:18:07","https://localbusineess.com.br/images/calculators.jpg","offline","malware_download","","localbusineess.com.br","186.202.157.79","27715","BR"
"2025-02-19 19:08:08","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1Framework.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:08","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1runpe.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:07","http://paradisoprovisor1.hospedagemdesites.ws/injcpa.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:06","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1invoke.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:06","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1load.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:06","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1method.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:06","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1msg.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:06","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1tronps1.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:06","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1type.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:06","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1xx.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:05","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1Execute.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:05","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1tronbat.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2025-02-19 19:08:05","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/1tronvbs.pdf","offline","malware_download","ascii","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2024-11-08 11:43:12","http://mail.drdanfe.com/clientela/Atualizador_Fiscal_NFe.msi","offline","malware_download","AteraAgent|msi","mail.drdanfe.com","201.76.51.228","27715","BR"
"2024-11-08 11:41:19","https://mail.drdanfe.com/clientela/Atualizador_Fiscal_NFe.msi","offline","malware_download","AteraAgent|msi","mail.drdanfe.com","201.76.51.228","27715","BR"
"2024-11-03 06:24:17","http://paradisoprovisor1.hospedagemdesites.ws/cpa.pdf","offline","malware_download","AsyncRAT|RAT","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2024-11-03 06:24:15","http://paradisoprovisor1.hospedagemdesites.ws/wp-admin/images/about-heade-about.svg","offline","malware_download","XWorm","paradisoprovisor1.hospedagemdesites.ws","186.202.153.185","27715","BR"
"2024-10-16 15:24:37","http://www.providence.net.br/arquivos/chat_suporte/update.zip","offline","malware_download","FlawedAmmyRAT","www.providence.net.br","187.45.193.168","27715","BR"
"2024-09-21 06:19:07","https://belapornatureza.com.br/wp-content/plugins/z-downloads/","offline","malware_download","BruteRatel","belapornatureza.com.br","187.45.240.64","27715","BR"
"2024-07-30 15:15:13","http://177.153.60.249/medium","offline","malware_download","exe|extracted|IDATDropper|lnk-commandline|LummaStealer","177.153.60.249","177.153.60.249","27715","BR"
"2024-07-05 12:08:11","http://l11196s.vps-kinghost.net/bot.arm7","offline","malware_download","elf","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-05 12:08:11","http://l11196s.vps-kinghost.net/bot.mips","offline","malware_download","elf","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-05 12:08:11","http://l11196s.vps-kinghost.net/bot.x86","offline","malware_download","elf","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-05 12:08:11","http://l11196s.vps-kinghost.net/bot.x86_64","offline","malware_download","elf","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-05 12:08:10","http://l11196s.vps-kinghost.net/bot.arm","offline","malware_download","elf|Mirai","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-05 12:08:10","http://l11196s.vps-kinghost.net/bot.arm5","offline","malware_download","elf|Mirai","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-05 12:08:10","http://l11196s.vps-kinghost.net/bot.arm6","offline","malware_download","elf|Mirai","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-05 12:08:09","http://l11196s.vps-kinghost.net/bot.m68k","offline","malware_download","elf","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-05 12:08:09","http://l11196s.vps-kinghost.net/bot.mpsl","offline","malware_download","elf","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-05 12:08:09","http://l11196s.vps-kinghost.net/bot.ppc","offline","malware_download","elf","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-05 12:08:08","http://l11196s.vps-kinghost.net/bot.sh4","offline","malware_download","elf","l11196s.vps-kinghost.net","189.126.106.199","27715","BR"
"2024-07-03 05:24:13","http://189.126.106.199/bot.arm5","offline","malware_download","elf|Mirai","189.126.106.199","189.126.106.199","27715","BR"
"2024-07-03 05:24:12","http://189.126.106.199/bot.arm","offline","malware_download","elf|Mirai","189.126.106.199","189.126.106.199","27715","BR"
"2024-07-03 05:24:12","http://189.126.106.199/bot.arm6","offline","malware_download","elf|Mirai","189.126.106.199","189.126.106.199","27715","BR"
"2024-07-03 05:23:25","http://189.126.106.199/bot.mips","offline","malware_download","elf","189.126.106.199","189.126.106.199","27715","BR"
"2024-07-03 05:23:21","http://189.126.106.199/bot.x86_64","offline","malware_download","elf","189.126.106.199","189.126.106.199","27715","BR"
"2024-07-03 05:23:20","http://189.126.106.199/bot.x86","offline","malware_download","elf","189.126.106.199","189.126.106.199","27715","BR"
"2024-07-03 05:23:18","http://189.126.106.199/bot.arm7","offline","malware_download","elf","189.126.106.199","189.126.106.199","27715","BR"
"2024-07-03 05:23:14","http://189.126.106.199/bot.m68k","offline","malware_download","elf","189.126.106.199","189.126.106.199","27715","BR"
"2024-07-03 05:23:14","http://189.126.106.199/bot.mpsl","offline","malware_download","elf","189.126.106.199","189.126.106.199","27715","BR"
"2024-07-03 05:23:14","http://189.126.106.199/bot.ppc","offline","malware_download","elf","189.126.106.199","189.126.106.199","27715","BR"
"2024-07-03 05:23:14","http://189.126.106.199/bot.sh4","offline","malware_download","elf","189.126.106.199","189.126.106.199","27715","BR"
"2024-02-19 10:18:10","https://icemail.com.br/ft/febx.txt","offline","malware_download","ascii|encoded|Xworm","icemail.com.br","191.252.4.62","27715","BR"
"2023-12-14 12:20:13","https://focussci.com.br/temp/Drop-Icons-Installer.rar","offline","malware_download","","focussci.com.br","186.202.153.107","27715","BR"
"2023-12-07 13:06:40","https://assetsjava1.websiteseguro.com/ngloar/globsarg.png","offline","malware_download","BRA|geo|zip","assetsjava1.websiteseguro.com","186.202.153.146","27715","BR"
"2023-11-27 05:56:11","http://elevecosmeticos.com.br/attivita/index.php","offline","malware_download","agenziaentrate|geo|geofenced|ITA|redir-302","elevecosmeticos.com.br","189.126.122.128","27715","BR"
"2023-11-17 19:17:05","https://luterlab.com.br/utim/","offline","malware_download","PikaBot|TR","luterlab.com.br","191.252.139.0","27715","BR"
"2023-11-17 19:16:38","http://gnettecnologia.com.br/san/","offline","malware_download","PikaBot|TR","gnettecnologia.com.br","191.252.107.127","27715","BR"
"2023-11-17 19:15:39","https://gnettecnologia.com.br/san/","offline","malware_download","PikaBot|TR","gnettecnologia.com.br","191.252.107.127","27715","BR"
"2023-11-06 14:56:20","https://softlink.com.br/cuts/","offline","malware_download","Pikabot|TA577|TR","softlink.com.br","191.252.132.168","27715","BR"
"2023-10-24 10:02:12","https://emailmarketing.locaweb.com.br/accounts/188466/messages/7/clicks/53979/31?envelope_id=6","offline","malware_download","","emailmarketing.locaweb.com.br","186.202.135.207","27715","BR"
"2023-10-24 10:01:16","https://emailmarketing.locaweb.com.br/accounts/188466/messages/7/clicks/3734/31?envelope_id=6","offline","malware_download","","emailmarketing.locaweb.com.br","186.202.135.207","27715","BR"
"2023-10-22 15:22:31","https://pitt.com.br/news.php","offline","malware_download","","pitt.com.br","191.252.52.228","27715","BR"
"2023-10-18 06:37:22","https://mpvip.com.br/docs.php","offline","malware_download","gating|gootloader","mpvip.com.br","186.202.153.204","27715","BR"
"2023-10-09 14:12:07","http://srsorvete.com.br/centro/index.php","offline","malware_download","agenziaentrate|geo|geofenced|gozi|isfb|ITA|redir-302|ursnif","srsorvete.com.br","191.252.51.217","27715","BR"
"2023-09-26 15:12:14","https://agenciarays.com.br/epo/","offline","malware_download","IcedID|pdf|pw341|tr","agenciarays.com.br","191.252.148.44","27715","BR"
"2023-09-26 15:09:10","https://gplataforma.com.br/ii/","offline","malware_download","IcedID|pdf|pw341|tr","gplataforma.com.br","191.252.148.44","27715","BR"
"2023-09-26 10:44:07","https://agenciarays.com.br/ai/","offline","malware_download","darkgate|IcedID|xll","agenciarays.com.br","191.252.148.44","27715","BR"
"2023-09-26 10:04:10","https://gplataforma.com.br/var/","offline","malware_download","Darkgate|USA|xll|zip","gplataforma.com.br","191.252.148.44","27715","BR"
"2023-08-25 18:22:35","https://dozecomunicacao.com.br/download.php","offline","malware_download","gating|gootloader","dozecomunicacao.com.br","187.45.193.215","27715","BR"
"2023-06-22 05:57:45","https://sindimov-mg.com.br/oe/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","sindimov-mg.com.br","191.252.83.184","27715","BR"
"2023-06-20 11:48:57","https://sindimov-mg.com.br/uihi/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","sindimov-mg.com.br","191.252.83.184","27715","BR"
"2023-06-16 15:22:44","https://aapm.com.br/oeai/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","aapm.com.br","187.45.193.134","27715","BR"
"2023-06-15 16:15:38","https://aapm.com.br/em/?1","offline","malware_download","BB32|geofenced|js|Qakbot|USA","aapm.com.br","187.45.193.134","27715","BR"
"2023-06-13 17:52:41","https://beve.com.br/reo/","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA","beve.com.br","191.252.106.160","27715","BR"
"2023-05-04 13:40:17","https://jufestlocacoes.com.br/gnome2/rentfree.zip","offline","malware_download","geofenced|obama260|Qakbot|Qbot|Quakbot|USA|wsf|zip","jufestlocacoes.com.br","191.252.131.66","27715","BR"
"2023-04-23 13:31:08","https://beautifulqueen.com.br/Documentos.jpg","offline","malware_download","AsyncRAT|DCRat|exe","beautifulqueen.com.br","191.252.83.241","27715","BR"
"2023-04-12 18:45:27","https://floraprodutosnaturais.com.br/imu/officiiscupiditate.php","offline","malware_download","921|BB23|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","floraprodutosnaturais.com.br","200.234.194.173","27715","BR"
"2023-04-12 18:44:23","http://intimapassion.com.br/mimo/quaspraesentium.php","offline","malware_download","921|BB23|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","intimapassion.com.br","191.252.126.162","27715","BR"
"2023-04-11 13:48:33","https://lojadaslojas.com.br/amoe/amoe.php","offline","malware_download","BB23|geofenced|Qakbot|Qbot|Quakbot|R89|tr|USA|wsf|zip","lojadaslojas.com.br","191.252.116.129","27715","BR"
"2023-04-11 13:48:20","https://llenergia.com.br/se/se.php","offline","malware_download","BB23|geofenced|Qakbot|Qbot|Quakbot|R89|tr|USA|wsf|zip","llenergia.com.br","191.252.142.243","27715","BR"
"2023-04-06 15:41:43","https://apollologistics.com.br/ca/ca.php","offline","malware_download","755|BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","apollologistics.com.br","191.252.129.251","27715","BR"
"2023-04-05 15:40:28","https://drjoaquimneves.com.br/queu/queu.php","offline","malware_download","755|BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","drjoaquimneves.com.br","191.252.105.78","27715","BR"
"2023-03-24 04:04:07","https://graficacanelaverde.com.br/rmru/rmru.php","offline","malware_download","BB20|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","graficacanelaverde.com.br","191.252.118.106","27715","BR"
"2023-03-24 03:59:26","https://anjosrosa.com.br/emei/emei.php","offline","malware_download","BB20|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","anjosrosa.com.br","191.252.118.106","27715","BR"
"2023-03-22 17:35:14","http://toiaagrosciences1.hospedagemdesites.ws/grupotoia/CPKU5ZE/","offline","malware_download","dll|emotet|epoch4|Heodo|zip","toiaagrosciences1.hospedagemdesites.ws","187.45.193.168","27715","BR"
"2023-03-21 21:17:10","https://www.gomespontes.com.br/logs/OnULNYFQXXvsnhbeWvV/","offline","malware_download","dll|emotet|epoch4|Heodo|zip","www.gomespontes.com.br","191.252.83.184","27715","BR"
"2023-03-15 21:51:08","https://www.gomespontes.com.br/logs/pd/","offline","malware_download","dll|emotet|epoch4|heodo|one","www.gomespontes.com.br","191.252.83.184","27715","BR"
"2023-03-14 19:03:51","https://facilite.profissional.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilite.profissional.ws","186.202.157.79","27715","BR"
"2023-03-14 19:03:43","https://institutozoe.empresarial.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","institutozoe.empresarial.ws","186.202.157.79","27715","BR"
"2023-03-14 19:03:32","https://cliqueebr1.hospedagemdesites.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","cliqueebr1.hospedagemdesites.ws","186.202.153.66","27715","BR"
"2023-03-14 19:03:27","https://facilitaterceiri1.hospedagemdesites.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilitaterceiri1.hospedagemdesites.ws","187.45.239.121","27715","BR"
"2023-03-14 19:03:17","https://institutozoe.empresarial.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","institutozoe.empresarial.ws","186.202.157.79","27715","BR"
"2023-03-14 19:03:03","https://granadoemurahara1.hospedagemdesites.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","granadoemurahara1.hospedagemdesites.ws","177.153.57.197","27715","BR"
"2023-03-14 19:02:59","https://somautomotivorj.com.br/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","somautomotivorj.com.br","191.252.143.25","27715","BR"
"2023-03-14 19:02:52","https://srsorvete.com.br/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","srsorvete.com.br","191.252.51.217","27715","BR"
"2023-03-14 19:02:42","https://elevecosmeticos.com.br/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","elevecosmeticos.com.br","189.126.122.128","27715","BR"
"2023-03-14 19:02:24","https://weltenergia1.hospedagemdesites.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","weltenergia1.hospedagemdesites.ws","186.202.153.83","27715","BR"
"2023-03-14 19:02:17","https://somautomotivorj.com.br/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","somautomotivorj.com.br","191.252.143.25","27715","BR"
"2023-03-14 19:02:13","https://elevecosmeticos.com.br/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","elevecosmeticos.com.br","189.126.122.128","27715","BR"
"2023-03-14 19:02:12","https://weltenergia1.hospedagemdesites.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","weltenergia1.hospedagemdesites.ws","186.202.153.83","27715","BR"
"2023-03-14 19:02:02","https://emprestimo.profissional.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","emprestimo.profissional.ws","186.202.157.79","27715","BR"
"2023-03-14 19:02:02","https://hscor.saude.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","hscor.saude.ws","186.202.157.79","27715","BR"
"2023-03-14 19:01:48","https://cliqueebr1.hospedagemdesites.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","cliqueebr1.hospedagemdesites.ws","186.202.153.66","27715","BR"
"2023-03-14 19:01:38","https://emprestimo.profissional.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","emprestimo.profissional.ws","186.202.157.79","27715","BR"
"2023-03-14 19:01:37","https://facilitaterceiri1.hospedagemdesites.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilitaterceiri1.hospedagemdesites.ws","187.45.239.121","27715","BR"
"2023-03-14 19:01:37","https://projecto.profissional.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","projecto.profissional.ws","186.202.157.79","27715","BR"
"2023-03-14 19:01:36","https://granadoemurahara1.hospedagemdesites.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","granadoemurahara1.hospedagemdesites.ws","177.153.57.197","27715","BR"
"2023-03-14 19:01:11","https://portosegurosafet1.hospedagemdesites.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","portosegurosafet1.hospedagemdesites.ws","187.45.239.121","27715","BR"
"2023-03-14 19:01:10","https://somautomotivorj.com.br/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","somautomotivorj.com.br","191.252.143.25","27715","BR"
"2023-03-14 19:01:09","https://portosegurosafet1.hospedagemdesites.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","portosegurosafet1.hospedagemdesites.ws","187.45.239.121","27715","BR"
"2023-03-14 19:01:05","https://institutozoe.empresarial.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","institutozoe.empresarial.ws","186.202.157.79","27715","BR"
"2023-03-14 19:00:59","https://cliqueebr1.hospedagemdesites.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","cliqueebr1.hospedagemdesites.ws","186.202.153.66","27715","BR"
"2023-03-14 19:00:57","https://facilite.profissional.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilite.profissional.ws","186.202.157.79","27715","BR"
"2023-03-14 19:00:53","https://projecto.profissional.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","projecto.profissional.ws","186.202.157.79","27715","BR"
"2023-03-14 19:00:53","https://weltenergia1.hospedagemdesites.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","weltenergia1.hospedagemdesites.ws","186.202.153.83","27715","BR"
"2023-03-14 19:00:47","https://srsorvete.com.br/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","srsorvete.com.br","191.252.51.217","27715","BR"
"2023-03-14 19:00:46","https://elevecosmeticos.com.br/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","elevecosmeticos.com.br","189.126.122.128","27715","BR"
"2023-03-14 19:00:44","https://emprestimo.profissional.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","emprestimo.profissional.ws","186.202.157.79","27715","BR"
"2023-03-14 19:00:43","https://projecto.profissional.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","projecto.profissional.ws","186.202.157.79","27715","BR"
"2023-03-14 19:00:39","https://facilite.profissional.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilite.profissional.ws","186.202.157.79","27715","BR"
"2023-03-14 19:00:29","https://facilitaterceiri1.hospedagemdesites.ws/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","facilitaterceiri1.hospedagemdesites.ws","187.45.239.121","27715","BR"
"2023-03-14 18:59:59","https://granadoemurahara1.hospedagemdesites.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","granadoemurahara1.hospedagemdesites.ws","177.153.57.197","27715","BR"
"2023-03-14 18:59:55","https://hscor.saude.ws/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","hscor.saude.ws","186.202.157.79","27715","BR"
"2023-03-14 18:59:33","https://portosegurosafet1.hospedagemdesites.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","portosegurosafet1.hospedagemdesites.ws","187.45.239.121","27715","BR"
"2023-03-14 18:59:19","https://hscor.saude.ws/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","hscor.saude.ws","186.202.157.79","27715","BR"
"2023-03-14 18:59:17","https://srsorvete.com.br/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","srsorvete.com.br","191.252.51.217","27715","BR"
"2023-03-14 12:02:11","http://cliqueebr1.hospedagemdesites.ws/connect/index.php","offline","malware_download","agenziaentrate|geofenced|gozi|isfb|ITA|mef|mise|ursnif","cliqueebr1.hospedagemdesites.ws","186.202.153.66","27715","BR"
"2023-03-14 08:10:21","http://somautomotivorj.com.br/connect/index.php","offline","malware_download","7713|agenziaentrate|geofenced|gozi|isfb|ita|mef|mise|redir-302|ursnif","somautomotivorj.com.br","191.252.143.25","27715","BR"
"2023-03-13 17:50:24","https://hotelvillamaior.com.br/pi/pi.js","offline","malware_download","BB19|geofenced|js|Qakbot|Qbot|Quakbot|USA","hotelvillamaior.com.br","177.153.209.193","27715","BR"
"2023-02-27 20:05:30","https://clinicasilviarocha.com.br/POE.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","clinicasilviarocha.com.br","191.252.143.158","27715","BR"
"2023-02-27 19:37:22","https://affectnet.com.br/END.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","affectnet.com.br","191.252.136.201","27715","BR"
"2023-02-09 17:08:16","https://suprimax.vet.br/css/fonts/OneCleanerInst942914.exe","offline","malware_download","drop-by-malware|PrivateLoader","suprimax.vet.br","191.252.4.45","27715","BR"
"2023-02-02 23:17:54","https://santorres.com.br/SEEA.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","santorres.com.br","191.252.140.88","27715","BR"
"2023-02-02 23:15:31","https://oliverservice.com.br/EOLD.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","oliverservice.com.br","191.252.143.158","27715","BR"
"2022-12-19 21:51:31","https://spnoticias.tv.br/iu/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","spnoticias.tv.br","191.252.139.122","27715","BR"
"2022-12-19 21:43:25","https://labproexame.com.br/ip/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","labproexame.com.br","191.252.139.0","27715","BR"
"2022-12-19 21:31:49","https://aspsupermercados.com.br/unia/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","aspsupermercados.com.br","191.252.123.72","27715","BR"
"2022-12-19 16:35:50","https://laza.bio.br/vla/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","laza.bio.br","191.252.140.70","27715","BR"
"2022-12-15 16:16:32","https://jmbanheiras.com.br/onet/index.php","offline","malware_download","BB10|E17|ISO|qakbot|qbot|quakbot|TR|zip","jmbanheiras.com.br","191.252.132.168","27715","BR"
"2022-12-15 16:15:35","https://dfrlimeira.com.br/ms/index.php","offline","malware_download","BB10|E17|ISO|qakbot|qbot|quakbot|TR|zip","dfrlimeira.com.br","191.252.128.237","27715","BR"
"2022-12-14 16:16:16","https://trespassos.com.br/utrp/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","trespassos.com.br","191.252.132.168","27715","BR"
"2022-12-14 16:08:48","https://mjbbrokers.com.br/iqa/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","mjbbrokers.com.br","191.252.132.168","27715","BR"
"2022-12-13 21:51:49","https://trespassos.com.br/itse/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","trespassos.com.br","191.252.132.168","27715","BR"
"2022-12-13 21:50:43","https://softlink.com.br/lor/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","softlink.com.br","191.252.132.168","27715","BR"
"2022-12-13 21:48:49","https://simonlaboratorio.com.br/tn/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","simonlaboratorio.com.br","191.252.139.0","27715","BR"
"2022-12-13 20:37:46","https://revestik.com.br/lo/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","revestik.com.br","191.252.135.206","27715","BR"
"2022-12-13 20:32:13","https://lefdigital.com.br/teus/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","lefdigital.com.br","200.234.194.177","27715","BR"
"2022-12-13 20:29:52","https://legalconsulting.com.br/uol/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","legalconsulting.com.br","191.252.132.230","27715","BR"
"2022-12-13 20:26:59","https://globalplanning.com.br/duta/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","globalplanning.com.br","191.252.137.174","27715","BR"
"2022-12-13 20:25:31","https://dimatex.com.br/ls/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","dimatex.com.br","191.252.130.249","27715","BR"
"2022-12-13 20:24:32","https://ergocenter.med.br/tu/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","ergocenter.med.br","191.252.144.153","27715","BR"
"2022-12-13 20:18:12","https://candongadaserra.com.br/et/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","candongadaserra.com.br","191.252.138.251","27715","BR"
"2022-12-11 08:31:10","http://186.202.137.23/SGL.exe","offline","malware_download","exe","186.202.137.23","186.202.137.23","27715","BR"
"2022-11-30 18:18:15","http://premiumspecialists.com.br/pc4ji57s0.exe","offline","malware_download","exe","premiumspecialists.com.br","191.252.51.68","27715","BR"
"2022-11-28 21:41:21","https://beautifulqueen.com.br/mqs/index.php?qakbot.zip","offline","malware_download","BB08|iso|P32M|qakbot|qbot|quakbot|TR|zip","beautifulqueen.com.br","191.252.83.241","27715","BR"
"2022-11-25 01:29:13","http://batalhaocrazy1.hospedagemdesites.ws/vendas/imagem.jpg","offline","malware_download","32|exe|RustyStealer","batalhaocrazy1.hospedagemdesites.ws","191.252.51.213","27715","BR"
"2022-11-25 01:12:17","http://batalhaocrazy1.hospedagemdesites.ws/jpg/test.exe","offline","malware_download","exe|LucaStealer","batalhaocrazy1.hospedagemdesites.ws","191.252.51.213","27715","BR"
"2022-11-25 01:12:13","http://batalhaocrazy1.hospedagemdesites.ws/vendas/imagem2.jpg","offline","malware_download","msi|RustyStealer","batalhaocrazy1.hospedagemdesites.ws","191.252.51.213","27715","BR"
"2022-11-23 12:31:20","http://batalhaocrazy1.hospedagemdesites.ws/vendas/imagem64.jpg","offline","malware_download","RustyStealer","batalhaocrazy1.hospedagemdesites.ws","191.252.51.213","27715","BR"
"2022-11-17 19:19:56","https://lavaville.com.br/ae/index.php?qbot.zip","offline","malware_download","BB06|iso|qakbot|qbot|quakbot|SK16|TR|zip","lavaville.com.br","200.234.194.177","27715","BR"
"2022-11-14 17:03:12","https://beautifulqueen.com.br/uq/index.php?qbot.zip","offline","malware_download","BB06|HK57|iso|qakbot|qbot|quakbot|TR|zip","beautifulqueen.com.br","191.252.83.241","27715","BR"
"2022-11-04 11:11:12","http://cursosinterativos.com.br/semprichickoff2/pEl/","offline","malware_download","emotet|epoch4|exe|heodo","cursosinterativos.com.br","187.45.193.166","27715","BR"
"2022-11-02 01:53:44","https://candongadaserra.com.br/io/qbot.zip","offline","malware_download","BB05|BV1|iso|qakbot|qbot|quakbot|TR|zip","candongadaserra.com.br","191.252.138.251","27715","BR"
"2022-11-01 13:08:47","https://candongadaserra.com.br/io/qakbot.zip","offline","malware_download","qbot","candongadaserra.com.br","191.252.138.251","27715","BR"
"2022-11-01 10:06:49","https://candongadaserra.com.br/io/vonovia","offline","malware_download","bb|qbot|tr","candongadaserra.com.br","191.252.138.251","27715","BR"
"2022-11-01 10:06:26","https://candongadaserra.com.br/io/gruenbeck","offline","malware_download","bb|qbot|tr","candongadaserra.com.br","191.252.138.251","27715","BR"
"2022-10-21 01:19:27","http://euajudoaciencia.com.br/ai/offermontfils","offline","malware_download","BB04|iso|NH833|qakbot|qbot|quakbot|TR|zip","euajudoaciencia.com.br","200.234.195.82","27715","BR"
"2022-10-19 01:09:21","https://euajudoaciencia.com.br/ai/offerAlateeki","offline","malware_download","BB03|FYN09|iso|qakbot|qbot|quakbot|TR|zip","euajudoaciencia.com.br","200.234.195.82","27715","BR"
"2022-06-22 21:22:12","http://contabilidadeplenus.com.br/ebooks/dIA4V2AnYEnQL/","offline","malware_download","emotet|exe|heodo","contabilidadeplenus.com.br","186.202.153.165","27715","BR"
"2022-06-22 16:24:12","https://contabilidadeplenus.com.br/ebooks/dIA4Vv2AnYEnQL/","offline","malware_download","dll|emotet|epoch4","contabilidadeplenus.com.br","186.202.153.165","27715","BR"
"2022-06-08 19:26:08","http://wehx.com.br/wp-snapshots/ds37LVL/","offline","malware_download","dll|emotet|epoch5|Heodo","wehx.com.br","179.188.11.44","27715","BR"
"2022-05-19 10:54:11","https://zanardini.com.br/tne/uqnieueq","offline","malware_download","TR","zanardini.com.br","191.252.138.17","27715","BR"
"2022-05-18 17:26:06","http://perlasmarinhas.com.br/wp-includes/ywMovPUTPlTzd6c/","offline","malware_download","dll|emotet|epoch5|heodo","perlasmarinhas.com.br","186.202.153.104","27715","BR"
"2022-05-16 14:50:34","http://casamartins.com.br/pll/pjptxdbtzv.zip","offline","malware_download","b-TDS|obama183|Qakbot|qbot|Quakbot|zip","casamartins.com.br","191.252.51.54","27715","BR"
"2022-05-13 17:21:41","https://casamartins.com.br/pll/PJPTxDBtzV.zip","offline","malware_download","b-TDS|obama183|Qakbot|qbot|Quakbot|zip","casamartins.com.br","191.252.51.54","27715","BR"
"2022-03-31 22:24:07","http://flexaviationcenter.com/bin/mvd4h6/","offline","malware_download","dll|emotet|epoch5|Heodo","flexaviationcenter.com","186.202.153.148","27715","BR"
"2022-03-30 20:43:05","http://globallogistica1.hospedagemdesites.ws/Download/3iwSKW3RWhVbzdhN987MlCQEOVwO/","offline","malware_download","emotet|epoch4|Heodo|SilentBuilder|xls","globallogistica1.hospedagemdesites.ws","186.202.153.89","27715","BR"
"2022-03-29 15:18:08","http://formulamedica.com.br/aspnet_client/KXEdUDsW8Q/","offline","malware_download","emotet|epoch4|redir-doc|xls","formulamedica.com.br","186.202.153.96","27715","BR"
"2022-03-29 15:18:08","http://formulamedica.com.br/aspnet_client/KXEdUDsW8Q/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo","formulamedica.com.br","186.202.153.96","27715","BR"
"2022-03-28 21:42:05","http://fribeiro.com.br/siteAntigo/o/?i=1","offline","malware_download","doc|emotet|epoch4|SilentBuilder","fribeiro.com.br","187.45.193.226","27715","BR"
"2022-03-28 21:26:06","http://fribeiro.com.br/siteAntigo/o/","offline","malware_download","emotet|epoch4|redir-doc|xls","fribeiro.com.br","187.45.193.226","27715","BR"
"2022-02-25 10:57:08","https://advb.org/zDRcRDl2Ck/56.png","offline","malware_download","dll|Qakbot|qbot|Quakbot","advb.org","186.202.157.79","27715","BR"
"2022-02-23 03:56:11","http://wvfsbrasil.com.br/Acrasieae/LIYNOqCthfZuCWQz3/","offline","malware_download","dll|emotet|epoch5|Heodo","wvfsbrasil.com.br","191.252.137.51","27715","BR"
"2022-02-01 17:57:07","https://megacriacoes.com/system/neighboring.php","offline","malware_download","doc|hancitor|html","megacriacoes.com","191.252.129.230","27715","BR"
"2022-02-01 17:57:05","https://megacriacoes.com/system/squirrelled.php","offline","malware_download","doc|hancitor|html","megacriacoes.com","191.252.129.230","27715","BR"
"2022-02-01 17:57:05","https://megacriacoes.com/system/trigram.php","offline","malware_download","doc|hancitor|html","megacriacoes.com","191.252.129.230","27715","BR"
"2022-01-11 10:29:06","http://lumiereesquadrias.com.br/chardet/3tjUh1/","offline","malware_download","emotet|epoch4|redir-doc","lumiereesquadrias.com.br","186.202.153.104","27715","BR"
"2022-01-11 10:29:06","http://lumiereesquadrias.com.br/chardet/3tjUh1/?i=1","offline","malware_download","emotet|epoch4|Heodo|SilentBuilder|xls","lumiereesquadrias.com.br","186.202.153.104","27715","BR"
"2021-12-09 11:56:22","https://brindesdesipat.com.br/blog/x/","offline","malware_download","emotet|epoch4|redir-doc","brindesdesipat.com.br","191.252.51.202","27715","BR"
"2021-11-05 16:32:05","http://villaggioverde.com.br/etprovident/quaeratrerum-2741376","offline","malware_download","qbot|tr","villaggioverde.com.br","191.252.100.250","27715","BR"
"2021-11-04 13:57:09","https://villaggioverde.com.br/etprovident/gerebatphosphorus-251393","offline","malware_download","ChaserLdr|SilentBuilder|TR|zip","villaggioverde.com.br","191.252.100.250","27715","BR"
"2021-11-03 17:08:08","https://haraszonadamata.com.br/fitful.php","offline","malware_download","doc|hancitor|html","haraszonadamata.com.br","191.252.133.208","27715","BR"
"2021-11-03 15:56:12","https://haraszonadamata.com.br/chronology.php","offline","malware_download","doc|hancitor|html","haraszonadamata.com.br","191.252.133.208","27715","BR"
"2021-11-03 15:56:12","https://haraszonadamata.com.br/vulcanized.php","offline","malware_download","doc|hancitor|html","haraszonadamata.com.br","191.252.133.208","27715","BR"
"2021-11-03 15:56:07","https://ondulato.com.br/cadenza.php","offline","malware_download","doc|hancitor|html","ondulato.com.br","191.252.104.182","27715","BR"
"2021-10-28 18:08:04","http://191.252.142.137/~dirtbike/loja/223.exe","offline","malware_download","32|exe|RedLineStealer","191.252.142.137","191.252.142.137","27715","BR"
"2021-10-28 18:08:04","http://191.252.142.137/~dirtbike/loja/new.exe","offline","malware_download","32|exe|LimeRAT","191.252.142.137","191.252.142.137","27715","BR"
"2021-10-28 17:27:04","http://191.252.142.137/~dirtbike/loja/101.exe","offline","malware_download","32|exe","191.252.142.137","191.252.142.137","27715","BR"
"2021-10-28 17:06:05","http://191.252.142.137/~dirtbike/loja/star.exe","offline","malware_download","32|exe","191.252.142.137","191.252.142.137","27715","BR"
"2021-06-22 14:21:09","https://sierraimoveis.com.br/ager/bower_ponsotstrap/l7/mixn/BpZbPd8mY0.php","offline","malware_download","Dridex","sierraimoveis.com.br","191.252.83.234","27715","BR"
"2021-06-21 19:46:24","https://sierraimoveis.com.br/manager/bower_components/bootstrap/less/mixins/BpZbPd8mY0.php","offline","malware_download","Dridex","sierraimoveis.com.br","191.252.83.234","27715","BR"
"2021-06-09 17:14:10","https://rogersmatrizes.com.br/wp-includes/js/tinymce/skins/lightgray/OywfppLsJ8j.php","offline","malware_download","22201|dll|dridex","rogersmatrizes.com.br","177.153.57.17","27715","BR"
"2021-05-26 12:59:20","https://mottanet.com.br/dr--una-leffler-ii/Liam.Smith-67.zip","offline","malware_download","html|Qakbot|Qbot|SilentBuilder|TR|zip","mottanet.com.br","187.45.240.104","27715","BR"
"2021-04-26 14:58:10","https://sistemasvip.com.br/profmobile/vendor/doctrine/annotations/docs/yN6mOpJ1jmbI.php","offline","malware_download","40111|dll|dridex","sistemasvip.com.br","191.252.63.85","27715","BR"
"2021-04-21 18:03:21","https://mundodelas.sistemasvip.com.br/new/full/imagens/R0UtGyWd.php","offline","malware_download","Dridex","mundodelas.sistemasvip.com.br","191.252.63.85","27715","BR"
"2021-04-21 18:03:21","https://sisprofamilia.sistemasvip.com.br/profmobile/vendor/doctrine/collections/docs/E6owcrdAVifHpML.php","offline","malware_download","Dridex","sisprofamilia.sistemasvip.com.br","191.252.63.85","27715","BR"
"2021-04-19 20:33:12","https://pnspsocorro.sistemasvip.com.br/autocomplete2/img/_notes/mANaBBNQfE1d.php","offline","malware_download","Dridex","pnspsocorro.sistemasvip.com.br","191.252.63.85","27715","BR"
"2021-04-13 13:52:17","https://www.srsousaerocha.com.br/servicos/bueno-netto/qeUerctujN.php","offline","malware_download","Dridex","www.srsousaerocha.com.br","191.252.129.230","27715","BR"
"2021-03-22 18:07:09","http://cartoriomachado.com.br/wp-includes/js/tinymce/plugins/charmap/e1.exe","offline","malware_download","BazarCall|exe|openfield","cartoriomachado.com.br","186.202.153.165","27715","BR"
"2021-03-22 18:07:09","http://cartoriomachado.com.br/wp-includes/js/tinymce/plugins/charmap/e3.exe","offline","malware_download","exe|openfield","cartoriomachado.com.br","186.202.153.165","27715","BR"
"2021-03-17 17:12:15","https://plusval.com.br/js/vendor/GfHHOKjuN.php","offline","malware_download","Dridex","plusval.com.br","191.252.139.196","27715","BR"
"2021-03-12 00:13:07","https://connect.rio.br/cop.php","offline","malware_download","hancitor","connect.rio.br","186.202.153.79","27715","BR"
"2021-03-12 00:13:07","https://connect.rio.br/stumper.php","offline","malware_download","hancitor","connect.rio.br","186.202.153.79","27715","BR"
"2021-03-03 18:51:17","https://expressoquiririm.com.br/wp-content/plugins/contact-form-7/includes/DUmXYk6VPMo.php","offline","malware_download","Dridex","expressoquiririm.com.br","191.252.143.234","27715","BR"
"2021-02-17 21:46:12","https://controleautomacao.com.br/xb1dsw.tar","offline","malware_download","Dridex","controleautomacao.com.br","177.153.208.224","27715","BR"
"2021-01-26 16:50:14","https://arcadistribuidorasc.com.br/nrrz2i0qs.rar","offline","malware_download","dridex|payload","arcadistribuidorasc.com.br","186.202.153.79","27715","BR"
"2021-01-22 16:42:06","http://resioleo.com.br/wp-includes/SqxIiERmulWWnHXE2AFezka394KNxcSSNcgKWgGZM71YyrkS8RfeLfVXAARsKspnn/","offline","malware_download","doc|Emotet|epoch2|Heodo","resioleo.com.br","187.45.240.5","27715","BR"
"2021-01-21 15:22:15","http://stellarum.com.br/hknmwj.zip","offline","malware_download","Dridex","stellarum.com.br","191.252.83.251","27715","BR"
"2021-01-13 15:00:41","http://lojacondo.com.br/dv9cdermu.zip","offline","malware_download","dll|Dridex","lojacondo.com.br","191.252.113.188","27715","BR"
"2020-12-29 15:00:08","http://www.atemto.com.br/arquivos/qt9mZsdOWxheAArVJL5hbvpRueGJ41AAkvWeJeziYKsY0rPd/","offline","malware_download","doc|Emotet|epoch2|Heodo","www.atemto.com.br","187.45.195.34","27715","BR"
"2020-12-21 23:25:08","http://braam.com.br/c/oaA7YWWX/","offline","malware_download","dll|emotet|epoch3|exe|Heodo","braam.com.br","186.202.153.152","27715","BR"
"2020-12-12 06:49:06","http://republicaconteudo.com.br/wp-content/tn/69Ji0BWHpYnFp51.exe","offline","malware_download","AgentTesla|exe","republicaconteudo.com.br","187.45.195.10","27715","BR"
"2020-12-12 06:46:07","http://republicaconteudo.com.br/wp-content/tn/USnKpMNxeTAkbKy.exe","offline","malware_download","AgentTesla|exe","republicaconteudo.com.br","187.45.195.10","27715","BR"
"2020-10-28 21:35:06","http://mobaviation.com.br/wp-content/PhDYRnvcUlnAQaKF79LC6b6XC1sx6IfVLuNVMTPELTQIwItaQZGT6iQm/","offline","malware_download","doc|emotet|epoch2","mobaviation.com.br","191.252.131.85","27715","BR"
"2020-10-28 21:28:04","http://lvl.com.br/wp-admin/lFr/","offline","malware_download","doc|emotet|epoch3","lvl.com.br","187.45.240.105","27715","BR"
"2020-10-28 15:29:07","https://mobaviation.com.br/wp-content/PhDYRnvcUlnAQaKF79LC6b6XC1sx6IfVLuNVMTPELTQIwItaQZGT6iQm/","offline","malware_download","doc|emotet|epoch2|Heodo","mobaviation.com.br","191.252.131.85","27715","BR"
"2020-10-28 15:17:09","https://www.apeduti.com.br/wp-includes/XN2wg26v/","offline","malware_download","emotet|epoch3|exe|Heodo","www.apeduti.com.br","187.45.193.174","27715","BR"
"2020-10-27 23:34:08","https://lvl.com.br/wp-admin/lFr/","offline","malware_download","doc|emotet|epoch3|Heodo","lvl.com.br","187.45.240.105","27715","BR"
"2020-10-27 14:24:04","https://millenium-rj.com/mapsz/komyydor_hJPlWqlmjO162.bin","offline","malware_download","encrypted|GuLoader","millenium-rj.com","191.252.83.13","27715","BR"
"2020-10-27 13:21:07","https://www.lvl.com.br/wp-admin/lFr/","offline","malware_download","doc|emotet|epoch3|Heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-10-26 14:58:06","https://todosaqui.com.br/wp-admin/report/6896953422/cmuwpyz-14/","offline","malware_download","doc|emotet|epoch3|Heodo","todosaqui.com.br","191.252.86.218","27715","BR"
"2020-10-26 08:47:06","https://millenium-rj.com/ozil/kton2_kPBWvHU138.bin","offline","malware_download","encrypted|GuLoader","millenium-rj.com","191.252.83.13","27715","BR"
"2020-10-26 08:47:05","https://millenium-rj.com//mapsz/Adc_iFoOuijC244.bin","offline","malware_download","encrypted|GuLoader","millenium-rj.com","191.252.83.13","27715","BR"
"2020-10-26 08:47:05","https://millenium-rj.com/ozil/floow_HQaIKx54.bin","offline","malware_download","encrypted|GuLoader","millenium-rj.com","191.252.83.13","27715","BR"
"2020-10-22 11:52:06","http://datacentertecnologia.com.br/model/Reporting/zxze/","offline","malware_download","doc|emotet|epoch2|Heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR"
"2020-10-22 06:18:05","https://www.lvl.com.br/wp-admin/paclm/yDwl/","offline","malware_download","doc|emotet|epoch3|Heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-10-22 04:19:04","http://quepasa.live/brimfully/OCT/5429/bzRWt/","offline","malware_download","doc|emotet|epoch3|Heodo","quepasa.live","189.126.121.93","27715","BR"
"2020-10-20 09:22:10","https://www.lvl.com.br/wp-admin/FILE/zc6k6bsf/","offline","malware_download","doc|emotet|epoch2|Heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-10-19 16:35:08","http://fcsl.com.br/wp-content/form/004417/ecjl/","offline","malware_download","doc|emotet|epoch3|Heodo","fcsl.com.br","191.252.51.53","27715","BR"
"2020-10-17 05:42:06","http://bgm.com.br/site/browse/c20pgrahcqb/","offline","malware_download","doc|emotet|epoch2|Heodo","bgm.com.br","187.45.195.139","27715","BR"
"2020-10-15 01:14:07","https://www.lvl.com.br/wp-admin/INC/lr9pldlk3kv/","offline","malware_download","doc|emotet|epoch2|Heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-10-13 05:06:05","https://millenium-rj.com/nuevo/komyydor_szLQeR11.bin","offline","malware_download","encrypted|GuLoader","millenium-rj.com","191.252.83.13","27715","BR"
"2020-10-09 08:34:05","https://millenium-rj.com/seeyou/anyiba_SqLCK129.bin","offline","malware_download","encrypted|GuLoader","millenium-rj.com","191.252.83.13","27715","BR"
"2020-10-09 05:46:04","https://millenium-rj.com/seeyou/Edog_sFLYV207.bin","offline","malware_download","encrypted|GuLoader","millenium-rj.com","191.252.83.13","27715","BR"
"2020-10-08 12:12:06","https://millenium-rj.com/nuevo/kaycee_dcyrKA186.bin","offline","malware_download","encrypted|GuLoader","millenium-rj.com","191.252.83.13","27715","BR"
"2020-09-29 12:43:23","http://datacentertecnologia.com.br/model/Scan/THTwl4SSR3wi/","offline","malware_download","doc|emotet|epoch1|Heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR"
"2020-09-29 00:43:15","http://menegotto.com.br/wp-content/esp/u6XJNrNlenkgi/","offline","malware_download","doc|emotet|epoch1|Heodo","menegotto.com.br","191.252.51.12","27715","BR"
"2020-09-28 20:08:04","https://www.lvl.com.br/wp-admin/3720676320/tjZfmm0UuVu/","offline","malware_download","doc|emotet|epoch1|Heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-09-23 23:42:05","http://menegotto.com.br/wp-content/516810928934/jCcwmXkc27WMcwOTW1o/","offline","malware_download","doc|emotet|epoch1|Heodo","menegotto.com.br","191.252.51.12","27715","BR"
"2020-09-23 23:27:14","https://www.zlocker.com.br/wp-admin/browse/AKgA5Hcd3dB/","offline","malware_download","doc|emotet|epoch1|Heodo","www.zlocker.com.br","191.252.195.33","27715","BR"
"2020-09-22 09:50:09","http://sollis.ind.br/js/attachments/FFjLSuEGSoCAU4/","offline","malware_download","doc|emotet|epoch1|Heodo","sollis.ind.br","191.252.80.184","27715","BR"
"2020-09-21 22:50:08","https://mukah.com.br/anjosdaguarda/wp-includes/balance/","offline","malware_download","doc|Emotet|epoch2|Heodo","mukah.com.br","177.153.58.234","27715","BR"
"2020-09-21 17:22:35","https://www.lvl.com.br/wp-admin/esp/RyydmgV4MDEtFHQnbXZ/","offline","malware_download","doc|emotet|epoch1|Heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-09-18 20:27:08","http://datacentertecnologia.com.br/model/DOC/XBQDEpYqaPxkONnlnc/","offline","malware_download","doc|emotet|epoch1|Heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR"
"2020-09-18 12:32:08","http://sollis.ind.br/js/INC/5j8JpgYgfOmfrmlz/","offline","malware_download","doc|emotet|epoch1|Heodo","sollis.ind.br","191.252.80.184","27715","BR"
"2020-09-18 00:15:35","https://www.lvl.com.br/wp-admin/invoice/oyxzv2o7ry9/","offline","malware_download","doc|emotet|epoch2|Heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-09-16 15:16:10","http://datacentertecnologia.com.br/model/attachments/","offline","malware_download","doc|emotet|epoch2|heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR"
"2020-09-15 06:59:26","https://www.lvl.com.br/wp-admin/U2nZ6FNU5G/","offline","malware_download","emotet|epoch3|exe|heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-09-10 07:08:04","http://191.252.205.120/lmaoWTF/loligang.x86","offline","malware_download","","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-08 16:50:19","http://lojacorpoemente.com.br/beuefuqpd/55555555.png","offline","malware_download","abc001|exe|Qakbot|qbot|QuakBot","lojacorpoemente.com.br","186.202.157.79","27715","BR"
"2020-09-06 09:46:14","https://datacentertecnologia.com.br/model/ULr/","offline","malware_download","emotet|epoch3|exe|Heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR"
"2020-09-05 06:15:05","http://191.252.205.120/Spoofed/RebornGang.spc","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-05 05:28:04","http://191.252.205.120/Spoofed/RebornGang.mpsl","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-05 05:28:03","http://191.252.205.120/Spoofed/RebornGang.arm5","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-05 05:28:03","http://191.252.205.120/Spoofed/RebornGang.m68k","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-05 05:28:03","http://191.252.205.120/Spoofed/RebornGang.ppc","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-05 05:28:03","http://191.252.205.120/Spoofed/RebornGang.sh4","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-05 05:24:05","http://191.252.205.120/Spoofed/RebornGang.arm6","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-05 05:24:05","http://191.252.205.120/Spoofed/RebornGang.mips","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-05 05:23:04","http://191.252.205.120/Spoofed/RebornGang.arm7","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-05 05:23:03","http://191.252.205.120/Pemex.sh","offline","malware_download","shellscript","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-05 05:23:03","http://191.252.205.120/Spoofed/RebornGang.x86","offline","malware_download","elf|mirai","191.252.205.120","191.252.205.120","27715","BR"
"2020-09-02 21:40:42","http://datacentertecnologia.com.br/model/ULr/","offline","malware_download","emotet|epoch3|exe|Heodo","datacentertecnologia.com.br","179.188.51.152","27715","BR"
"2020-08-28 20:51:10","http://iscon.com.br/logos/parts_service/klj2w8073do/4a04598627931yt43jyxdyqe7/","offline","malware_download","doc|emotet|epoch2|heodo","iscon.com.br","186.202.157.79","27715","BR"
"2020-08-28 10:54:15","http://t2aclube.com.br/wp-includes/report/","offline","malware_download","doc|emotet|epoch2|Heodo","t2aclube.com.br","186.202.153.71","27715","BR"
"2020-08-28 08:14:06","http://apolu.com.br/DESATIVADOcentersystemch/Overview/33916391/ut8qm0yzm-0072/","offline","malware_download","doc|emotet|epoch3|Heodo","apolu.com.br","186.202.153.6","27715","BR"
"2020-08-28 00:56:05","http://sollis.ind.br/js/Documentation/HTNjV/","offline","malware_download","doc|emotet|epoch3|Heodo","sollis.ind.br","191.252.80.184","27715","BR"
"2020-08-28 00:11:05","http://somadil.com.br/wp/balance/","offline","malware_download","doc|emotet|epoch2|heodo","somadil.com.br","191.252.37.10","27715","BR"
"2020-08-28 00:11:05","http://somadil.com.br/wp/balance/","offline","malware_download","doc|emotet|epoch2|heodo","somadil.com.br","191.252.37.11","27715","BR"
"2020-08-28 00:11:05","http://somadil.com.br/wp/balance/","offline","malware_download","doc|emotet|epoch2|heodo","somadil.com.br","191.252.37.9","27715","BR"
"2020-08-27 22:32:36","http://totemcomunicacao.com.br/logs/CK7A39SRCOB/s3woi3acugu/abpeq092729279sopne584ojk5wo/","offline","malware_download","doc|emotet|epoch2|heodo","totemcomunicacao.com.br","186.202.153.183","27715","BR"
"2020-08-26 02:36:11","http://www.trololo.com.br/system/INC/","offline","malware_download","doc|emotet|epoch2","www.trololo.com.br","191.252.51.59","27715","BR"
"2020-08-25 21:41:13","http://eduvalebr1.hospedagemdesites.ws/teste/Overview/paf6zm/","offline","malware_download","doc|emotet|epoch2|Heodo","eduvalebr1.hospedagemdesites.ws","187.45.193.166","27715","BR"
"2020-08-25 18:54:26","https://www.trololo.com.br/system/INC/","offline","malware_download","doc|emotet|epoch2|heodo","www.trololo.com.br","191.252.51.59","27715","BR"
"2020-08-24 10:13:06","https://www.lvl.com.br/wp-includes/payment/20657897730822784/8dlv-00575/","offline","malware_download","doc|emotet|epoch3|Heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-08-21 16:52:35","https://www.lvl.com.br/wp-includes/932521-fK9juuZQ7T-resource/individual-area/ideilkbukrtr3-x336u15yzy8w5s/","offline","malware_download","doc|emotet|epoch1|heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-08-18 06:56:14","http://labonni.com.br/pCG/","offline","malware_download","emotet|epoch3|exe|heodo","labonni.com.br","191.252.128.138","27715","BR"
"2020-08-17 08:55:11","https://www.lvl.com.br/wp-includes/balance/","offline","malware_download","doc|emotet|epoch2|Heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-08-17 01:25:47","http://fritisco.com.br/autenticacao/SLjCqkG/","offline","malware_download","doc|emotet|epoch3|Heodo","fritisco.com.br","186.202.135.240","27715","BR"
"2020-08-14 20:04:09","http://kndesign.com.br/wwvv2/wPxxj0v53027676/","offline","malware_download","emotet|epoch3|exe|Heodo","kndesign.com.br","191.252.83.230","27715","BR"
"2020-08-14 12:01:08","http://www.kndesign.com.br/wwvv2/esp/fjzwx48859938787hyrc070ri6/","offline","malware_download","doc|emotet|epoch2|heodo","www.kndesign.com.br","191.252.83.230","27715","BR"
"2020-08-14 11:34:31","http://fritisco.com.br/autenticacao/5ql-ufmy-353/","offline","malware_download","doc|emotet|epoch3|Heodo","fritisco.com.br","186.202.135.240","27715","BR"
"2020-08-13 08:03:48","https://www.lvl.com.br/wp-includes/i211929/","offline","malware_download","emotet|epoch1|exe|heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-08-11 14:09:07","http://docenciacriativa.hospedagemdesites.ws/online/private_disk/individual_space/wm6p5w2zfaaq8_0x7151w48/","offline","malware_download","doc|emotet|epoch1|Heodo","docenciacriativa.hospedagemdesites.ws","191.252.51.245","27715","BR"
"2020-08-11 06:33:09","https://sariweb.com.br/vendor/njw/","offline","malware_download","emotet|epoch1|exe|Heodo","sariweb.com.br","191.252.141.195","27715","BR"
"2020-08-11 06:08:26","http://humbertoavila.com.br/photos/common_box/163345781_XD7cNVtcZty8_cloud/40252167180682_ntyzKKTUd285l2Du/","offline","malware_download","doc|emotet|epoch1|Heodo","humbertoavila.com.br","187.45.193.176","27715","BR"
"2020-08-10 21:49:07","http://tecnoservicebrasil.com.br/erros/public/i41i2gr410013540437scbf3j1z20h24ib/","offline","malware_download","doc|emotet|epoch2|heodo","tecnoservicebrasil.com.br","191.252.81.231","27715","BR"
"2020-08-10 15:06:09","http://fritisco.com.br/autenticacao/open_resource/individual_6qje5_86d/3565113_Q4RADtAy/","offline","malware_download","doc|emotet|epoch1|heodo","fritisco.com.br","186.202.135.240","27715","BR"
"2020-08-07 16:19:35","http://capitaladm.com.br/SGQ/oAiXdtl/","offline","malware_download","doc|emotet|epoch3|Heodo|QuakBot","capitaladm.com.br","187.45.193.176","27715","BR"
"2020-08-06 05:21:06","https://lvl.com.br/wp-includes/1961016819661btogcee1fpajs6/","offline","malware_download","doc|emotet|epoch2|Heodo","lvl.com.br","187.45.240.105","27715","BR"
"2020-08-06 04:45:09","https://www.lvl.com.br/wp-includes/1961016819661btogcee1fpajs6/","offline","malware_download","doc|emotet|epoch2|heodo","www.lvl.com.br","187.45.240.105","27715","BR"
"2020-07-31 02:01:33","http://capitaladm.com.br/SGQ/closed-array/close-939248135-95XI9XURc3/ekny2m-19589zsstt9y/","offline","malware_download","doc|emotet|epoch1","capitaladm.com.br","187.45.193.176","27715","BR"
"2020-07-30 17:11:07","http://capitaladm.com.br/SGQ/nDMepQ/","offline","malware_download","doc|emotet|epoch3|Heodo","capitaladm.com.br","187.45.193.176","27715","BR"
"2020-07-29 21:28:35","http://bosisio.net/www/multifunctional_9iockb49o0_80xmr2i2/test_warehouse/4113079484_V6MiZI4xbl/","offline","malware_download","doc|emotet|epoch1|heodo","bosisio.net","187.45.240.111","27715","BR"
"2020-07-29 15:49:05","http://labonni.com.br/v_2018./qb9f9cijl/","offline","malware_download","doc|emotet|epoch2|Heodo","labonni.com.br","191.252.128.138","27715","BR"
"2020-07-27 19:33:35","http://bosisio.net/www/789303519-eawBkzrZfm-resource/interior-portal/9jle-syu6/","offline","malware_download","doc|emotet|epoch1|heodo","bosisio.net","187.45.240.111","27715","BR"
"2020-07-23 20:13:36","http://bosisio.net/www/protected_array/additional_D6JRYsB_BMt5t0VGP9Dk/43952736661012_dQZ7rqEf/","offline","malware_download","doc|emotet|epoch1|heodo","bosisio.net","187.45.240.111","27715","BR"
"2020-05-22 11:13:01","https://www.glacial.com.br/wp-content/uploads/2020/05/lrwezndof/Kaufvertrag_100980869_20052020.zip","offline","malware_download","Qakbot","www.glacial.com.br","191.252.51.22","27715","BR"
"2020-04-14 20:22:35","http://maluna.com.br/string/9323831.zip","offline","malware_download","Qakbot|qbot|spx96|zip","maluna.com.br","186.202.153.104","27715","BR"
"2020-04-14 20:22:28","http://maluna.com.br/string/689305.zip","offline","malware_download","Qakbot|qbot|spx96|zip","maluna.com.br","186.202.153.104","27715","BR"
"2020-04-14 20:22:23","http://maluna.com.br/string/604291/604291.zip","offline","malware_download","Qakbot|qbot|spx96|zip","maluna.com.br","186.202.153.104","27715","BR"
"2020-04-08 15:10:28","http://kaiut.esser.cnt.br/wp-content/uploads/2020/04/cursors/6530599.zip","offline","malware_download",".vbs|.zip|qakbot|qbot","kaiut.esser.cnt.br","186.202.157.79","27715","BR"
"2020-02-06 14:19:19","http://barbearialumber.tempsite.ws/5qbqm/ebg8cepo9f-wwnt-39398/","offline","malware_download","emotet|epoch3|exe|heodo","barbearialumber.tempsite.ws","186.202.153.38","27715","BR"
"2020-02-05 19:06:08","http://blog.cs-integra.com.br/wp-includes/Document/tdjfrvs7qu9/","offline","malware_download","doc|emotet|epoch2|heodo","blog.cs-integra.com.br","201.76.51.228","27715","BR"
"2020-02-05 19:02:08","http://blog.cs-integra.com.br/wp-includes/sites/","offline","malware_download","doc|emotet|epoch2|heodo","blog.cs-integra.com.br","201.76.51.228","27715","BR"
"2020-02-03 21:36:05","http://barbearialumber.tempsite.ws/5qbqm/payment/qu7cblkms/z6345030ofdbpx281x3ji1/","offline","malware_download","doc|emotet|epoch2|heodo","barbearialumber.tempsite.ws","186.202.153.38","27715","BR"
"2020-02-03 21:18:16","http://barbearialumber.tempsite.ws/5qbqm/open-section/special-area/0364830393-lnL4Z/","offline","malware_download","doc|emotet|epoch1|Heodo","barbearialumber.tempsite.ws","186.202.153.38","27715","BR"
"2020-02-03 16:15:36","http://escoladeeducadores.com.br/wp-includes/available_disk/verifiable_e5yphx21_aljauimdu7/yqe2kT6b9R_6g84x9dnd8ghd/","offline","malware_download","doc|emotet|epoch1|Heodo","escoladeeducadores.com.br","187.45.193.223","27715","BR"
"2020-01-31 21:50:04","http://trefiart.com.br/wp-content/FILE/","offline","malware_download","doc|emotet|epoch2|Heodo","trefiart.com.br","186.202.153.56","27715","BR"
"2020-01-29 18:40:05","http://trefiart.com.br/js/common-section/close-ssxebvx27ca7eb-jx0/o3dm6p45yp-uy17s/","offline","malware_download","doc|emotet|epoch1|Heodo","trefiart.com.br","186.202.153.56","27715","BR"
"2020-01-28 13:39:10","http://olhaavaga.com.br/wp-admin/Documentation/625e5sduc/","offline","malware_download","doc|emotet|epoch2|heodo","olhaavaga.com.br","191.252.192.39","27715","BR"
"2020-01-28 12:23:09","http://www.integralcs.com.br/BKP/JiXSNkm/","offline","malware_download","doc|emotet|epoch3|heodo","www.integralcs.com.br","186.202.135.240","27715","BR"
"2020-01-22 13:34:04","http://olhaavaga.com.br/wp-admin/pd1tb-nwju7-9762/","offline","malware_download","doc|emotet|epoch3|heodo","olhaavaga.com.br","191.252.192.39","27715","BR"
"2020-01-21 08:46:08","http://sabinoplacas.com.br/logs/OCT/","offline","malware_download","doc|emotet|epoch2|heodo","sabinoplacas.com.br","187.45.193.203","27715","BR"
"2020-01-20 18:41:07","http://www.holandaadvocacia.adv.br/wp-includes/dt5drmh-qkv-350726/","offline","malware_download","doc|emotet|epoch3|Heodo","www.holandaadvocacia.adv.br","186.202.153.100","27715","BR"
"2020-01-15 18:25:10","http://openarts.com.br/ngt/0sjhd/","offline","malware_download","emotet|epoch2|exe|Heodo","openarts.com.br","179.188.12.48","27715","BR"
"2020-01-15 14:11:15","http://openarts.com.br/ngt/5719/y12rof4ie7d/yj3dps-567994663-253984-09fhr502jnf-exzrpncde/","offline","malware_download","doc|emotet|epoch2|Heodo","openarts.com.br","179.188.12.48","27715","BR"
"2020-01-14 23:45:07","http://jesaweb.com.br/Named/payment/cu50d-659416021-2376-bwhkyh-vfhlw/","offline","malware_download","doc|emotet|epoch2|heodo","jesaweb.com.br","186.202.157.79","27715","BR"
"2019-12-20 10:49:05","http://embalageral.hospedagemdesites.ws/wp-snapshots/sites/gxagnw43b99/","offline","malware_download","doc|emotet|epoch2|heodo","embalageral.hospedagemdesites.ws","186.202.153.68","27715","BR"
"2019-12-19 17:01:05","http://analisesfarma.com.br/wp-includes/swift/e-648-38128-qqew-hxrig8/","offline","malware_download","doc|emotet|epoch2|heodo","analisesfarma.com.br","186.202.153.38","27715","BR"
"2019-12-19 02:57:04","http://teletaxiexecutivo.com.br/wp-includes/private_zone/verifiable_warehouse/ej7wi8c5yv2mxt_z583v543y9/","offline","malware_download","doc|emotet|epoch1|Heodo","teletaxiexecutivo.com.br","191.252.81.167","27715","BR"
"2019-12-19 02:52:05","http://teletaxiexecutivo.com.br/wp-includes/common-resource/individual-profile/256400249861-XZ3suQAV/","offline","malware_download","doc|emotet|epoch1","teletaxiexecutivo.com.br","191.252.81.167","27715","BR"
"2019-12-17 22:52:03","https://garbomais.com.br/wp-content/closed_An9gucV_ICJygppi/open_uww_gbmc0/2bpua8655hqr_y81268y/","offline","malware_download","doc|emotet|epoch1|Heodo","garbomais.com.br","186.202.135.240","27715","BR"
"2019-12-17 12:06:06","http://modalnetworks.com/wp-includes/closed-section/37DZUx8sA-qrTSXyXCB-cloud/63408265576472-ComWS/","offline","malware_download","doc|emotet|epoch1|Heodo","modalnetworks.com","187.45.195.176","27715","BR"
"2019-12-17 04:01:04","http://davincitec.com.br/vendor/FILE/1zcjhqm/","offline","malware_download","doc|emotet|epoch2|heodo","davincitec.com.br","186.202.153.41","27715","BR"
"2019-12-17 03:57:05","http://davincitec.com.br/vendor/sites/140nuzt9/","offline","malware_download","doc|emotet|epoch2|heodo","davincitec.com.br","186.202.153.41","27715","BR"
"2019-12-16 00:52:09","http://comunimax.com.br/wordpress/Nems-iYTnCQp-array/verified-space/u55NSa93dtm8-gbq9wjlm60i/","offline","malware_download","doc|emotet|epoch1|Heodo","comunimax.com.br","191.252.137.214","27715","BR"
"2019-12-13 18:15:51","https://glacial.com.br/wp-admin/multifunctional-module/verifiable-space/75648040832-0WdlxGdg5l5/","offline","malware_download","doc|emotet|epoch1|heodo","glacial.com.br","191.252.51.22","27715","BR"
"2019-12-13 16:46:07","http://www.metallonet.com.br/wp-includes/14340940963_bUziir20_sector/test_profile/g53yay8_688ys372z0/","offline","malware_download","doc|emotet|epoch1","www.metallonet.com.br","187.45.195.61","27715","BR"
"2019-12-13 16:46:04","https://cmpsolutions.com.br/nvk/available_bi_n15haattjr60fqv/external_forum/dn14_y511364s8/","offline","malware_download","doc|emotet|epoch1|Heodo","cmpsolutions.com.br","186.202.153.139","27715","BR"
"2019-12-13 14:57:08","https://www.scallatur.com.br/site/5xhq-hw4kk-3291/","offline","malware_download","doc|emotet|epoch3|heodo","www.scallatur.com.br","186.202.153.36","27715","BR"
"2019-12-13 10:15:04","http://garbomais.com.br/wp-content/docs/bt4l-2997134-40899832-aiorpdu3-cw7g/","offline","malware_download","doc|emotet|epoch2|Heodo","garbomais.com.br","186.202.135.240","27715","BR"
"2019-12-13 09:26:09","https://garbomais.com.br/wp-content/docs/bt4l-2997134-40899832-aiorpdu3-cw7g/","offline","malware_download","doc|emotet|epoch2|heodo","garbomais.com.br","186.202.135.240","27715","BR"
"2019-12-13 09:16:09","http://loja.barano.com.br/wp-admin/qg6nq-9v-445/","offline","malware_download","doc|emotet|epoch3|heodo","loja.barano.com.br","186.202.153.63","27715","BR"
"2019-12-13 04:20:04","http://bazarin.com/kgz/6654493210692194/","offline","malware_download","doc|emotet|epoch2|heodo","bazarin.com","191.252.83.198","27715","BR"
"2019-12-13 02:35:04","http://davincitec.com.br/vendor/gqio8-6jelni0-409992/","offline","malware_download","doc|emotet|epoch3|heodo","davincitec.com.br","186.202.153.41","27715","BR"
"2019-12-13 02:13:04","http://davincitec.com.br/vendor/LLC/2pzxhmymzjm/rxbqm1l-285314814-0224-1pu1-0hxz3buj9v/","offline","malware_download","doc|emotet|epoch2|heodo","davincitec.com.br","186.202.153.41","27715","BR"
"2019-12-13 00:25:04","http://astraldesign.com.br/content/paclm/qem3dwx/4h1ox-2627004916-96000-ruyx-8jp40ys8/","offline","malware_download","doc|emotet|epoch2|heodo","astraldesign.com.br","186.202.153.5","27715","BR"
"2019-12-12 04:34:02","https://idogoiania.com.br/wp-admin/attachments/opuk4352y5-627565169-462777-xkb8h-vhy1s","offline","malware_download","doc","idogoiania.com.br","191.252.83.204","27715","BR"
"2019-12-11 22:06:05","https://idogoiania.com.br/wp-admin/lm/4vnfb-2693431-9308-zqdgei8-3k87ys/","offline","malware_download","doc|emotet|epoch2|heodo","idogoiania.com.br","191.252.83.204","27715","BR"
"2019-12-10 17:12:21","http://covm.icom.com.br/4hq9/961253046199-xXCkzlBtMMDg7GBo-disk/external-area/mt20djeir-t30s98y4s35/","offline","malware_download","doc|emotet|epoch1","covm.icom.com.br","186.202.157.79","27715","BR"
"2019-12-09 21:40:23","https://idogoiania.com.br/wp-admin/Overview/d3qdecncf-3082065-259490434-ca6nj8qy-78gnhnzo4p/","offline","malware_download","doc|emotet|epoch2|Heodo","idogoiania.com.br","191.252.83.204","27715","BR"
"2019-12-09 19:12:05","http://consultoriaseven.com.br/wp-admin/jb29-95-1022/","offline","malware_download","doc|emotet|epoch3|Heodo","consultoriaseven.com.br","191.252.51.2","27715","BR"
"2019-12-09 12:35:11","http://www.hospitalveredas.com.br/v2016/aperto_fzcizjh3j286wh_kds35o1k/esterno_magazzino/yleii1om_09s4x749/","offline","malware_download","doc|emotet|epoch1|Heodo","www.hospitalveredas.com.br","187.45.193.155","27715","BR"
"2019-12-06 23:08:02","https://sadecar.com.br/wp-includes/7085090402/q49feawf/","offline","malware_download","doc|emotet|epoch2|Heodo","sadecar.com.br","186.202.153.129","27715","BR"
"2019-12-06 22:24:54","https://idogoiania.com.br/wp-admin/attachments/opuk4352y5-627565169-462777-xkb8h-vhy1s/","offline","malware_download","doc|emotet|epoch2|Heodo","idogoiania.com.br","191.252.83.204","27715","BR"
"2019-11-22 15:57:18","http://valormax.profissional.ws/nflnjk2/jbcOjCo/","offline","malware_download","emotet|epoch3|exe|Heodo","valormax.profissional.ws","186.202.153.48","27715","BR"
"2019-11-15 22:41:11","http://www.centrocultural.ifaaje.com.br/1nwr3ul/6l1/","offline","malware_download","emotet|epoch2|exe|Heodo","www.centrocultural.ifaaje.com.br","187.45.240.50","27715","BR"
"2019-11-06 09:40:10","http://mecatronica.ifc-riodosul.edu.br/wp-content/uploads/2019/08/FergKLrS.bin","offline","malware_download","CZE|Dreambot|exe","mecatronica.ifc-riodosul.edu.br","187.45.240.103","27715","BR"
"2019-10-17 19:11:18","http://www.4ssss.com.br/repr.exe","offline","malware_download","exe","www.4ssss.com.br","187.45.193.177","27715","BR"
"2019-10-17 19:07:13","http://4ssss.com.br/repr.exe","offline","malware_download","exe","4ssss.com.br","187.45.193.177","27715","BR"
"2019-10-17 05:06:21","http://solucoeseinformatica.com.br/templates/rt_gantry_j15/css/xl/","offline","malware_download","","solucoeseinformatica.com.br","186.202.153.166","27715","BR"
"2019-10-11 22:39:24","http://www.divinosdocesfinos.com.br/wp-content/uploads/iOFfUVEkuAfBDSPtcIZnjRPMZU/","offline","malware_download","doc|emotet|epoch2|Heodo","www.divinosdocesfinos.com.br","186.202.189.146","27715","BR"
"2019-10-11 16:13:07","http://martinsebessi.com.br/wp-includes/REXyKidSNpD/","offline","malware_download","doc|emotet|epoch2|Heodo","martinsebessi.com.br","186.202.153.76","27715","BR"
"2019-10-11 07:19:04","http://mecatronica.ifc-riodosul.edu.br/wp-content/uploads/2019/08/Rahunok.php","offline","malware_download","Gozi","mecatronica.ifc-riodosul.edu.br","187.45.240.103","27715","BR"
"2019-10-03 22:08:08","http://retenflex.com.br/wordpress/wp-includes/ID3/fonts/as.exe","offline","malware_download","exe","retenflex.com.br","191.252.141.236","27715","BR"
"2019-09-17 01:25:07","http://riobrasa.com.br/bn/lt/concetp2.zip","offline","malware_download","zip","riobrasa.com.br","186.202.153.12","27715","BR"
"2019-08-21 15:02:08","https://idogoiania.com.br/wp-content/uploads/2019/08/3antifreeze.rar","offline","malware_download","encoded|exe|task|Trickbot","idogoiania.com.br","191.252.83.204","27715","BR"
"2019-06-19 12:45:23","http://hotelpremier.com.br/imagens/j.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR"
"2019-06-19 12:45:21","http://hotelpremier.com.br/imagens/i.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR"
"2019-06-19 12:45:20","http://hotelpremier.com.br/imagens/h.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR"
"2019-06-19 12:45:18","http://hotelpremier.com.br/imagens/g.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR"
"2019-06-19 12:45:16","http://hotelpremier.com.br/imagens/f.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR"
"2019-06-19 12:45:14","http://hotelpremier.com.br/imagens/e.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR"
"2019-06-19 12:45:12","http://hotelpremier.com.br/imagens/d.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR"
"2019-06-19 12:45:10","http://hotelpremier.com.br/imagens/c.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR"
"2019-06-19 12:45:08","http://hotelpremier.com.br/imagens/b.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR"
"2019-06-19 12:45:07","http://hotelpremier.com.br/imagens/a.doc","offline","malware_download","","hotelpremier.com.br","191.252.51.35","27715","BR"
"2019-06-13 18:28:03","http://ricardonogueira.com/wp-content/uploads/2015/10/idx_config/obi.exe","offline","malware_download","exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 18:27:04","http://ricardonogueira.com/wp-content/uploads/2015/10/idx_config/solo.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 18:27:03","http://ricardonogueira.com/wp-content/uploads/2015/10/idx_config/ari.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 18:23:08","http://ricardonogueira.com/wp-content/uploads/2015/10/idx_config/whe4.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 18:23:07","http://ricardonogueira.com/wp-content/uploads/2015/10/idx_config/obi9.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 18:23:04","http://ricardonogueira.com/wp-content/uploads/2015/10/idx_config/mama.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 17:04:04","http://ricardonogueira.com/wp-content/uploads/2015/05/ww.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 17:04:04","http://ricardonogueira.com/wp-content/uploads/2015/05/wwe.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 17:04:03","http://ricardonogueira.com/wp-content/uploads/2015/05/whe.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 17:04:03","http://ricardonogueira.com/wp-content/uploads/2015/05/whe7.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 17:03:05","http://ricardonogueira.com/wp-content/uploads/2015/05/obi.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 17:03:04","http://ricardonogueira.com/wp-content/uploads/2015/05/mole.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 17:03:03","http://ricardonogueira.com/wp-content/uploads/2015/05/ari.exe","offline","malware_download","exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 17:03:02","http://ricardonogueira.com/wp-content/uploads/2015/05/ap.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-06-13 17:02:03","http://ricardonogueira.com/wp-content/uploads/2015/05/pted.exe","offline","malware_download","AgentTesla|exe","ricardonogueira.com","191.252.83.46","27715","BR"
"2019-05-30 21:44:05","http://tsukasa.com.br/wp-admin/ho0zr4a30c6r18nbbzb224_g9dupkacu-40594964493/","offline","malware_download","doc|emotet|epoch2|Heodo","tsukasa.com.br","187.45.195.140","27715","BR"
"2019-05-29 13:27:05","http://produtosangelica.com.br/novo/nfjb55u-saqw8c-gzori/","offline","malware_download","doc|emotet|epoch2|Heodo","produtosangelica.com.br","191.252.83.4","27715","BR"
"2019-05-28 08:44:04","http://mhlsistemas.com.br/00mhl/782u0-ncqy14-jqnb/","offline","malware_download","doc|emotet|epoch2|Heodo","mhlsistemas.com.br","186.202.157.79","27715","BR"
"2019-05-27 15:36:06","http://hennfort.com.br/install/INC/x500k2dhhhbwj3nce7_m2azj32-120971439204/","offline","malware_download","doc|emotet|epoch2|Heodo","hennfort.com.br","186.202.153.80","27715","BR"
"2019-05-26 17:43:02","http://softnew.com.br/nova_versao/sfmodial/Instala.EXE","offline","malware_download","exe","softnew.com.br","187.45.193.155","27715","BR"
"2019-05-26 16:10:32","http://www.softnew.com.br/softnew/SFTELMAR-SITE/Demo/Instala.EXE","offline","malware_download","exe","www.softnew.com.br","187.45.193.155","27715","BR"
"2019-05-26 16:02:03","http://www.softnew.com.br/Sfatalho.exe","offline","malware_download","exe","www.softnew.com.br","187.45.193.155","27715","BR"
"2019-05-26 16:01:33","http://www.softnew.com.br/nova_versao/sfmodial/Instala.EXE","offline","malware_download","exe","www.softnew.com.br","187.45.193.155","27715","BR"
"2019-05-26 11:22:33","http://softnew.com.br/Sfatalho.exe","offline","malware_download","exe","softnew.com.br","187.45.193.155","27715","BR"
"2019-05-20 12:22:09","http://kauzar.com.br/wp-admin/9naj-wg0geu-jvhkq/","offline","malware_download","doc|emotet|epoch2|Heodo","kauzar.com.br","186.202.153.36","27715","BR"
"2019-05-17 20:30:09","http://cantaros.com.br/cgi-bin/LLC/cyUKxsPapH/","offline","malware_download","doc|Emotet|epoch2|Heodo","cantaros.com.br","186.202.135.240","27715","BR"
"2019-05-16 23:53:07","http://blog.orbi-imoveis.com.br/kjbgta/acmreyaa40e_ps0whshh1b-198803276009/","offline","malware_download","doc|Emotet|epoch2|Heodo","blog.orbi-imoveis.com.br","191.252.122.215","27715","BR"
"2019-05-13 22:15:07","http://kndesign.com.br/alarme_files/DOC/CMaBzJzQQmzlagoVZdgFCEGHDaDZo/","offline","malware_download","doc|emotet|epoch2|Heodo","kndesign.com.br","191.252.83.230","27715","BR"
"2019-05-09 11:09:05","http://vianna.edu.br/wp-content/uploads/2019/05/eze0c-l1mex-xiyal/","offline","malware_download","epoch2","vianna.edu.br","191.252.59.105","27715","BR"
"2019-05-08 21:37:15","http://gemabrasil.com/mcassab/lm/agq1s6z9rc_s81x7c5yo-90976268/","offline","malware_download","doc|emotet|epoch2","gemabrasil.com","186.202.135.240","27715","BR"
"2019-05-03 08:38:07","http://museubispodorosario.com/wp-includes/6r21947/","offline","malware_download","emotet|epoch1|exe|Heodo","museubispodorosario.com","186.202.153.85","27715","BR"
"2019-05-02 16:44:06","http://uberveiculos.com.br/wp-includes/6b2hgaij5nwk4jyksy7l_zftgygk-538562898836565/","offline","malware_download","Emotet|Heodo","uberveiculos.com.br","186.202.57.116","27715","BR"
"2019-04-26 16:50:04","http://espacobelmonte.com.br/wp-admin/nzyN-L0ye2rablkgfpHG_zFdGfevW-9h/","offline","malware_download","doc|emotet|epoch1","espacobelmonte.com.br","191.252.149.46","27715","BR"
"2019-04-26 14:51:04","http://pessoasdenegocios.com.br/img/Document/iRIbbwCi520/","offline","malware_download","Emotet|Heodo","pessoasdenegocios.com.br","187.45.195.34","27715","BR"
"2019-04-24 06:10:23","http://riskcare.com.br/view-report-invoice-00001951/j6ugg-p6zr5x-asypxg/","offline","malware_download","doc|emotet|epoch2","riskcare.com.br","186.202.153.24","27715","BR"
"2019-04-23 20:54:05","http://pessoasdenegocios.com.br/img/kHWn-AsIn9Tyk2CdFXX_topPGrCS-zAD/","offline","malware_download","doc|emotet|epoch1|Heodo","pessoasdenegocios.com.br","187.45.195.34","27715","BR"
"2019-04-23 12:33:10","http://espacobelmonte.com.br/wp-admin/jf92d9-79vp5-deyymak/","offline","malware_download","Emotet|Heodo","espacobelmonte.com.br","191.252.149.46","27715","BR"
"2019-04-22 16:17:08","http://nsrosamistica.com.br/doc/FILE/KmX00dZwwNi/","offline","malware_download","Emotet|Heodo","nsrosamistica.com.br","187.45.193.166","27715","BR"
"2019-04-21 01:10:20","http://191.252.191.65/kara.ntpd","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR"
"2019-04-21 01:10:16","http://191.252.191.65/kara.cron","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR"
"2019-04-21 01:10:06","http://191.252.191.65/kara.wget","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR"
"2019-04-21 01:09:24","http://191.252.191.65/kara.ftp","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR"
"2019-04-21 01:09:21","http://191.252.191.65/kara.tftp","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR"
"2019-04-21 01:09:17","http://191.252.191.65/kara.sh","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR"
"2019-04-21 01:09:12","http://191.252.191.65/kara.sshd","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR"
"2019-04-21 01:09:05","http://191.252.191.65/kara.bash","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR"
"2019-04-21 01:05:13","http://191.252.191.65/kara.apache2","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR"
"2019-04-21 01:05:10","http://191.252.191.65/kara.nut","offline","malware_download","bashlite|elf|gafgyt","191.252.191.65","191.252.191.65","27715","BR"
"2019-04-18 09:01:03","http://micromaxinformatica.com.br/wp-includes/CPkbo-DEtVOC5M5GzbUww_ejpLTRID-rJ/","offline","malware_download","doc|emotet|epoch1","micromaxinformatica.com.br","191.252.51.24","27715","BR"
"2019-04-17 19:47:05","http://mjwap.com.br/catalog/DOC/53PZyg51TH/","offline","malware_download","doc|emotet|epoch2","mjwap.com.br","187.45.240.67","27715","BR"
"2019-04-17 19:43:05","http://maodireita.com.br/files/oxlHw-vZpJ5JarmjWyzs_crSwbgzLm-xXc/","offline","malware_download","doc|emotet|epoch1","maodireita.com.br","186.202.157.79","27715","BR"
"2019-04-17 19:39:05","http://nsrosamistica.com.br/doc/ZEIp-MDjUzPSpe9IPb7_JycQluzrh-fUd/","offline","malware_download","doc|emotet|epoch1","nsrosamistica.com.br","187.45.193.166","27715","BR"
"2019-04-17 19:36:05","http://mensageirosdorei.com.br/SiteNovo/metsF-Jbh4yuvigapiLD_PHxitHOoS-90/","offline","malware_download","doc|emotet|epoch1","mensageirosdorei.com.br","191.252.83.226","27715","BR"
"2019-04-16 21:26:05","http://acosalpha.com.br/wp-content/CrAZk-0p2sw5v0xGiSL6y_BRmGfpDv-1tp/","offline","malware_download","doc|emotet|epoch1|Heodo","acosalpha.com.br","186.202.153.4","27715","BR"
"2019-04-16 21:22:05","http://acosalpha.com.br/wp-content/HVlrK-YjMMwFdMjflj551_sGpgChvNO-T0/","offline","malware_download","doc|emotet|epoch1|Heodo","acosalpha.com.br","186.202.153.4","27715","BR"
"2019-04-16 21:05:06","http://pibplanalto.com.br/gestao/plugins/thread.init/FXdL-BoeAM0Qd7ntZBKk_aPQChCfRf-ldz/","offline","malware_download","Emotet|Heodo","pibplanalto.com.br","191.252.37.10","27715","BR"
"2019-04-16 21:05:06","http://pibplanalto.com.br/gestao/plugins/thread.init/FXdL-BoeAM0Qd7ntZBKk_aPQChCfRf-ldz/","offline","malware_download","Emotet|Heodo","pibplanalto.com.br","191.252.37.11","27715","BR"
"2019-04-16 21:05:06","http://pibplanalto.com.br/gestao/plugins/thread.init/FXdL-BoeAM0Qd7ntZBKk_aPQChCfRf-ldz/","offline","malware_download","Emotet|Heodo","pibplanalto.com.br","191.252.37.9","27715","BR"
"2019-04-15 08:29:16","http://cliner.com.br/antigo/9uk8v1s-x46hg-xsrrjdr/","offline","malware_download","doc|emotet|epoch2|Heodo","cliner.com.br","191.252.46.14","27715","BR"
"2019-04-12 18:17:32","http://kndesign.com.br/images/JGcY-R3No9rnMk50xfkw_WKamZDTV-lG5/","offline","malware_download","doc|emotet|epoch1","kndesign.com.br","191.252.83.230","27715","BR"
"2019-04-12 09:22:05","http://acosalpha.com.br/wp-content/WmHlZ-oTWHyzEv3cFQsZZ_YhBljrqFL-cQ/","offline","malware_download","Emotet|Heodo","acosalpha.com.br","186.202.153.4","27715","BR"
"2019-04-11 17:52:09","http://gemabrasil.com/mcassab/Mqdz-QwuZNxvQgLRoOo_eSRzhaPG-TEQ/","offline","malware_download","Emotet|Heodo","gemabrasil.com","186.202.135.240","27715","BR"
"2019-04-11 16:41:15","http://cliner.com.br/antigo/2tmle2-x6mb8e-fwbyu/","offline","malware_download","Emotet|Heodo","cliner.com.br","191.252.46.14","27715","BR"
"2019-04-10 18:01:16","http://pibplanalto.com.br/gestao/plugins/thread.init/nnsP-WP6m7KAjZTqkI5_vehwfOAE-O7S/","offline","malware_download","Emotet|Heodo","pibplanalto.com.br","191.252.37.10","27715","BR"
"2019-04-10 18:01:16","http://pibplanalto.com.br/gestao/plugins/thread.init/nnsP-WP6m7KAjZTqkI5_vehwfOAE-O7S/","offline","malware_download","Emotet|Heodo","pibplanalto.com.br","191.252.37.11","27715","BR"
"2019-04-10 18:01:16","http://pibplanalto.com.br/gestao/plugins/thread.init/nnsP-WP6m7KAjZTqkI5_vehwfOAE-O7S/","offline","malware_download","Emotet|Heodo","pibplanalto.com.br","191.252.37.9","27715","BR"
"2019-04-09 16:42:25","http://acosalpha.com.br/wp-content/j423-307cn-dtkq/","offline","malware_download","Emotet|Heodo","acosalpha.com.br","186.202.153.4","27715","BR"
"2019-04-08 23:34:07","http://cliner.com.br/antigo/DLpE-MrsJENGul7O2TI6_hbqgoiQR-1g/","offline","malware_download","doc|emotet|epoch1|Heodo","cliner.com.br","191.252.46.14","27715","BR"
"2019-04-08 19:51:05","http://aftelecom.com.br/programas1/UlDqi-I7Q4VMdrQzVbBg_qjUhGzkB-Vr2/","offline","malware_download","doc|emotet|epoch1|Heodo","aftelecom.com.br","186.202.153.38","27715","BR"
"2019-04-08 19:00:06","http://tsukasa.com.br/wp-admin/elbd-MQPxsLp6ERbaaz_mnGnZLtB-MTI/","offline","malware_download","doc|emotet|epoch1|Heodo","tsukasa.com.br","187.45.195.140","27715","BR"
"2019-04-08 18:05:54","http://pibplanalto.com.br/gestao/plugins/thread.init/uiKo-xrb6AKFzFB29Swz_VZBUUviY-du9/","offline","malware_download","Emotet|Heodo","pibplanalto.com.br","191.252.37.10","27715","BR"
"2019-04-08 18:05:54","http://pibplanalto.com.br/gestao/plugins/thread.init/uiKo-xrb6AKFzFB29Swz_VZBUUviY-du9/","offline","malware_download","Emotet|Heodo","pibplanalto.com.br","191.252.37.11","27715","BR"
"2019-04-08 18:05:54","http://pibplanalto.com.br/gestao/plugins/thread.init/uiKo-xrb6AKFzFB29Swz_VZBUUviY-du9/","offline","malware_download","Emotet|Heodo","pibplanalto.com.br","191.252.37.9","27715","BR"
"2019-04-08 14:20:17","http://micromaxinformatica.com.br/bkp/auxE-gFmTISzoG0iOsB_lAqgbDUaI-pp/","offline","malware_download","doc|emotet|epoch2|Heodo","micromaxinformatica.com.br","191.252.51.24","27715","BR"
"2019-04-08 11:11:07","http://micromaxinformatica.com.br/bkp/lif6n0-3ak1k-jfrvvh/","offline","malware_download","Emotet|Heodo","micromaxinformatica.com.br","191.252.51.24","27715","BR"
"2019-04-06 06:44:16","http://microbs.com.br/logssite/DvAU-LmJxUOSUMRZ6Kuv_kYYqSSltF-kN/","offline","malware_download","Emotet|Heodo","microbs.com.br","186.202.153.146","27715","BR"
"2019-04-06 04:56:51","http://kndesign.com.br/images/AnlGE-TFU9VxnS5XxRhp_LvNSazQs-8n/","offline","malware_download","emotet|epoch1","kndesign.com.br","191.252.83.230","27715","BR"
"2019-04-06 01:46:26","http://maodireita.com.br/files/CnXP-2qeu9RLKiSBqH4f_AfLxOKiFO-W3u/","offline","malware_download","Emotet|Heodo","maodireita.com.br","186.202.157.79","27715","BR"
"2019-04-06 01:46:25","http://maodireita.com.br/files/QNddk-hC0EljBURgZhziE_relOntxry-GCW/","offline","malware_download","Emotet|Heodo","maodireita.com.br","186.202.157.79","27715","BR"
"2019-04-01 19:51:12","http://acosalpha.com.br/wp-content/sec.myaccount.docs.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","acosalpha.com.br","186.202.153.4","27715","BR"
"2019-03-29 21:02:04","http://sato7.com.br/nova/rCmak-Stn_aZwV-wY/","offline","malware_download","doc|emotet|epoch2|Heodo","sato7.com.br","177.153.51.219","27715","BR"
"2019-03-28 05:34:23","http://sinaldigital.com/SOFTSD/PLAYER/ARQUIVOS/031549990843210/vDLVy-sI_KqFGY-Oj/","offline","malware_download","Emotet|Heodo","sinaldigital.com","186.202.157.79","27715","BR"
"2019-03-27 21:35:54","http://sato7.com.br/nova/sec.myacc.docs.net/","offline","malware_download","doc|emotet|epoch1|Heodo","sato7.com.br","177.153.51.219","27715","BR"
"2019-03-27 09:10:07","http://malalai.com.br/site/kX_z/","offline","malware_download","emotet|epoch2|exe|Heodo|TrickBot","malalai.com.br","191.252.92.130","27715","BR"
"2019-03-26 23:51:04","http://andrezinhoinfo.com.br/sistemas/instala_emanager.exe","offline","malware_download","exe","andrezinhoinfo.com.br","186.202.157.79","27715","BR"
"2019-03-26 12:48:10","http://imageflex.com.br/loja/Imagens/Produtos/trust.myacc.resourses.net/","offline","malware_download","doc|emotet|epoch1|Heodo","imageflex.com.br","186.202.157.79","27715","BR"
"2019-03-25 22:14:03","http://191.252.102.167/wp-content/uploads/2017/12/UPS-US/Mar-26-19-12-51-06/","offline","malware_download","","191.252.102.167","191.252.102.167","27715","BR"
"2019-03-20 09:34:10","http://alarmline.com.br/artluz/produtos/sendincsec/support/sec/EN_en/03-2019/","online","malware_download","doc|emotet|heodo","alarmline.com.br","191.252.45.249","27715","BR"
"2019-03-20 05:08:18","http://velassantos.com.br/antigo/sendincverif/legal/ios/En/032019/","offline","malware_download","doc|emotet|epoch1|Heodo","velassantos.com.br","186.202.153.138","27715","BR"
"2019-03-18 19:11:05","http://opequenoprincipe.com/pdf_pages_lepetitprince/f0h5s-au2k1-lzcwh/","offline","malware_download","doc|emotet|epoch2|Heodo","opequenoprincipe.com","187.45.195.175","27715","BR"
"2019-03-16 00:36:04","http://simbratec.com.br/language/1bjq-zex3u-tgqt/","offline","malware_download","doc|emotet|epoch2|Heodo","simbratec.com.br","179.188.47.157","27715","BR"
"2019-03-15 22:50:06","http://puglicarlog.com.br/wp-content/aqlme-f08en9-byadqqc/","offline","malware_download","Emotet|Heodo","puglicarlog.com.br","187.45.195.139","27715","BR"
"2019-03-15 22:46:04","http://puglicarlog.com.br/wp-content/si0c3-sc1c5-iptdkwqne/","offline","malware_download","Emotet|Heodo","puglicarlog.com.br","187.45.195.139","27715","BR"
"2019-03-15 21:20:46","http://opequenoprincipe.com/pdf_pages_lepetitprince/fA/","offline","malware_download","emotet|epoch1|exe|Heodo","opequenoprincipe.com","187.45.195.175","27715","BR"
"2019-03-15 21:09:08","http://nsrosamistica.com.br/doc/ehh3-47vrn-rxumlpdkd/","offline","malware_download","Emotet|Heodo","nsrosamistica.com.br","187.45.193.166","27715","BR"
"2019-03-14 18:04:07","http://kndesign.com.br/css/gpji-gkxndz-ldzz/","offline","malware_download","Emotet|Heodo","kndesign.com.br","191.252.83.230","27715","BR"
"2019-03-13 06:57:11","http://hpbio.com.br/logon/4b28-bals6-txsb/","offline","malware_download","Emotet|Heodo","hpbio.com.br","187.45.193.223","27715","BR"
"2019-03-12 19:38:32","http://fiscosaudepe.com.br/ftp/4mndj-dofp3u-ougnoyfjl/","offline","malware_download","Emotet|Heodo","fiscosaudepe.com.br","186.202.153.85","27715","BR"
"2019-03-12 18:51:10","http://fiscosaudepe.com.br/ftp/scan/Operations/ikmY-H4_P-t9h/","offline","malware_download","doc|emotet|epoch1|Heodo","fiscosaudepe.com.br","186.202.153.85","27715","BR"
"2019-03-12 09:12:21","http://carlafurtado.com.br/gerenciador/94fqg-2z70k1-atgmm.view/","offline","malware_download","doc|emotet|heodo","carlafurtado.com.br","187.45.240.110","27715","BR"
"2019-03-11 23:08:03","http://bonattiholding.com/SugarCRM/sv22f-f1f80-bocly.view/","offline","malware_download","emotet|epoch1|Heodo","bonattiholding.com","187.45.193.203","27715","BR"
"2019-03-11 20:40:04","http://dbtools.com.br/mailer/ezsvr-mqo7i-zgysfrmwr/","offline","malware_download","Emotet|Heodo","dbtools.com.br","187.45.193.140","27715","BR"
"2019-03-11 19:52:10","http://dbtools.com.br/mailer/0fnt-rqxt3-odxsjx/","offline","malware_download","Emotet|Heodo","dbtools.com.br","187.45.193.140","27715","BR"
"2019-03-11 19:22:30","http://ceramicasaosebastiao.com.br/dy5ui-afys3-ywrwccfik/0r6j-rqt0kc-vzudnzd/","offline","malware_download","Emotet|Heodo","ceramicasaosebastiao.com.br","186.202.153.76","27715","BR"
"2019-03-11 19:22:25","http://ceramicasaosebastiao.com.br/dy5ui-afys3-ywrwccfik/","offline","malware_download","Emotet|Heodo","ceramicasaosebastiao.com.br","186.202.153.76","27715","BR"
"2019-03-11 17:37:10","http://blog.clubedocapacete.com.br/wp-admin/2my9z-t8iwf-ckcey/","offline","malware_download","doc|emotet|epoch2|Heodo","blog.clubedocapacete.com.br","191.252.140.231","27715","BR"
"2019-03-08 17:43:16","http://albus.com.br/src/Ahg/","offline","malware_download","emotet|epoch1|exe|Heodo","albus.com.br","186.202.153.217","27715","BR"
"2019-03-07 20:30:04","http://alteman.com.br/wp-includes/5h723-8xxa8j-qlto.view/","offline","malware_download","Emotet|Heodo","alteman.com.br","186.202.153.151","27715","BR"
"2019-03-07 20:20:19","http://alteman.com.br/wp-includes/xkks-73pb1g-lukc.view/","offline","malware_download","Emotet|Heodo","alteman.com.br","186.202.153.151","27715","BR"
"2019-03-07 03:02:09","https://usiquimica.com.br/wp-content/y81zm-iksm8-jeynm.view/","offline","malware_download","doc|emotet|epoch2|Heodo","usiquimica.com.br","177.153.54.179","27715","BR"
"2019-03-07 03:02:05","http://usiquimica.com.br/wp-content/y81zm-iksm8-jeynm.view/","offline","malware_download","doc|emotet|epoch2","usiquimica.com.br","177.153.54.179","27715","BR"
"2019-03-06 20:44:23","https://usiquimica.com.br/wp-content/sendinc/support/ios/EN/201903/","offline","malware_download","doc|emotet|epoch1|Heodo","usiquimica.com.br","177.153.54.179","27715","BR"
"2019-03-06 20:44:18","http://usiquimica.com.br/wp-content/sendinc/support/ios/EN/201903/","offline","malware_download","doc|emotet|epoch1","usiquimica.com.br","177.153.54.179","27715","BR"
"2019-03-06 20:34:04","http://usiquimica.com.br/wp-content/y81zm-iksm8-jeynm.view//","offline","malware_download","","usiquimica.com.br","177.153.54.179","27715","BR"
"2019-03-06 19:20:38","http://usiquimica.com.br/wp-content/sendincencrypt/legal/sec/En/201903/","offline","malware_download","emotet|epoch1","usiquimica.com.br","177.153.54.179","27715","BR"
"2019-03-06 19:20:37","https://usiquimica.com.br/wp-content/sendincencrypt/legal/sec/En/201903/","offline","malware_download","emotet|epoch1|Heodo","usiquimica.com.br","177.153.54.179","27715","BR"
"2019-03-06 17:19:22","http://www.gruposolution.com/xflri3kf/ftax-2oluf4-rnvdc.view/","offline","malware_download","Emotet|Heodo","www.gruposolution.com","186.202.153.145","27715","BR"
"2019-03-06 16:43:05","http://oxfordusa1.tempsite.ws/wp-admin/l5b0-l6l94-vxbt.view/","offline","malware_download","Emotet|Heodo","oxfordusa1.tempsite.ws","186.202.153.75","27715","BR"
"2019-03-06 06:30:12","http://ipanemaseguros.com.br/ipanema/88ev2-g4h80-dlnzg.view/","offline","malware_download","","ipanemaseguros.com.br","186.202.153.54","27715","BR"
"2019-03-05 21:47:13","http://codedata.tempsite.ws/wp-admin/sendincverif/messages/sec/EN/032019/","offline","malware_download","emotet|epoch1|Heodo","codedata.tempsite.ws","186.202.153.122","27715","BR"
"2019-03-04 17:36:07","http://adver.com.br/admin/kegy9-vkn3d7-vjunj.view/","offline","malware_download","Emotet|Heodo","adver.com.br","191.252.45.226","27715","BR"
"2019-02-26 18:59:13","http://icebox.hospedagemdesites.ws/NFUvcViiv5/","offline","malware_download","emotet|epoch1|exe","icebox.hospedagemdesites.ws","186.202.153.48","27715","BR"
"2019-02-25 18:46:20","http://adunb.org.br/sendincsecure/service/verif/EN/022019/","offline","malware_download","doc|emotet|epoch1|Heodo","adunb.org.br","186.202.157.79","27715","BR"
"2019-02-25 17:30:02","http://191.252.102.167/wp-content/uploads/sendincencrypt/legal/sec/en_EN/02-2019/","offline","malware_download","emotet|epoch1|Heodo","191.252.102.167","191.252.102.167","27715","BR"
"2019-02-22 17:57:51","http://pousadadodouro.com.br/flash_player.exe","offline","malware_download","Cybergate","pousadadodouro.com.br","186.202.157.79","27715","BR"
"2019-02-21 23:46:04","http://kndesign.com.br/EN_en/info/Invoice/QiRv-Cn_B-rwx/","offline","malware_download","Emotet|Heodo","kndesign.com.br","191.252.83.230","27715","BR"
"2019-02-21 13:57:20","http://intranet.neointelligence.com.br/De/DKPSPKXEF2050205/de/Hilfestellung/","offline","malware_download","doc|emotet|epoch1|Heodo","intranet.neointelligence.com.br","186.202.157.79","27715","BR"
"2019-02-21 09:42:04","http://lubraperfis.com.br/Februar2019/BNHFDHJ3055032/Scan/Rechnungsanschrift/","offline","malware_download","Emotet|Heodo","lubraperfis.com.br","186.202.153.40","27715","BR"
"2019-02-21 03:59:57","http://intranet.neointelligence.com.br/De_de/GWFZGZBLS1093970/Rechnung/Zahlungserinnerung)/","offline","malware_download","doc|emotet|epoch1","intranet.neointelligence.com.br","186.202.157.79","27715","BR"
"2019-02-20 20:51:03","http://laresperanca.com/En_us/xerox/Inv/OFOcG-hh_HuJZ-nH/","offline","malware_download","Emotet|Heodo","laresperanca.com","200.234.217.183","27715","BR"
"2019-02-20 07:06:02","http://achoteis.com.br/base.txt","offline","malware_download","base64","achoteis.com.br","187.45.241.211","27715","BR"
"2019-02-19 19:24:05","http://lubraperfis.com.br/PMSYGWLX5305438/de/Hilfestellung/","offline","malware_download","doc|emotet|epoch2|Heodo","lubraperfis.com.br","186.202.153.40","27715","BR"
"2019-02-19 12:40:00","http://intranet.neointelligence.com.br/De_de/GWFZGZBLS1093970/Rechnung/Zahlungserinnerung/","offline","malware_download","emotet|epoch1|Heodo","intranet.neointelligence.com.br","186.202.157.79","27715","BR"
"2019-02-16 03:41:07","http://aterrosanitarioouroverde.com.br/Amazon/Clients_transactions/2019-02/","offline","malware_download","doc|emotet|epoch1|Heodo","aterrosanitarioouroverde.com.br","191.252.83.5","27715","BR"
"2019-02-14 15:44:07","http://www.db4serv.com.br/Receipt_Notice/Mdqny-M4Q_Oa-LtJ/","offline","malware_download","emotet|epoch1|Heodo","www.db4serv.com.br","191.252.51.69","27715","BR"
"2019-02-14 13:35:07","http://uniquehiramatsu.com.br/Ref_operation/transaction/Receipts/ndvP-tXg_HPsOJsyT-eim/","offline","malware_download","doc|emotet|epoch1|Heodo","uniquehiramatsu.com.br","177.153.48.25","27715","BR"
"2019-02-13 20:50:21","http://lightboxweb.com.br/secure.myaccount.docs.com/","offline","malware_download","doc|emotet|epoch1|Heodo","lightboxweb.com.br","177.153.208.162","27715","BR"
"2019-02-13 20:15:12","http://lubraperfis.com.br/En_us/company/New_invoice/NqJst-IOh_BURkbxF-oM/","offline","malware_download","Emotet|Heodo","lubraperfis.com.br","186.202.153.40","27715","BR"
"2019-02-13 14:22:45","http://monalisacabeleireiros.com.br/Telekom/Rechnung/01_19/","offline","malware_download","doc|emotet|epoch1|Heodo","monalisacabeleireiros.com.br","186.202.153.66","27715","BR"
"2019-02-13 14:22:37","http://kndesign.com.br/Telekom/Transaktion/012019/","offline","malware_download","Adware.Adload|doc|emotet|epoch1|Heodo","kndesign.com.br","191.252.83.230","27715","BR"
"2019-02-13 09:27:40","http://aterrosanitarioouroverde.com.br/Telekom/Rechnungen/012019/","offline","malware_download","doc|Dyre|emotet|heodo","aterrosanitarioouroverde.com.br","191.252.83.5","27715","BR"
"2019-02-11 20:57:06","http://191.252.102.167/wp-content/uploads/sec.accs.send.biz/","offline","malware_download","emotet|Heodo","191.252.102.167","191.252.102.167","27715","BR"
"2019-02-08 23:22:11","http://kndesign.com.br/VKeN-rW_cDzV-iFv/","offline","malware_download","doc|emotet|epoch1|Heodo","kndesign.com.br","191.252.83.230","27715","BR"
"2019-02-07 23:50:54","http://mahler.com.br/zMli_kd-YAeKN/EE/Documents/022019/","offline","malware_download","doc|emotet|epoch1|Heodo","mahler.com.br","186.202.157.79","27715","BR"
"2019-02-07 15:45:04","http://muk.nu/US_us/download/Copy_Invoice/nKgSJ-gSPW4_NU-BW/","offline","malware_download","Emotet|Heodo","muk.nu","187.45.193.226","27715","BR"
"2019-02-07 12:01:07","http://www.peneirafc.com.br/skjK-nKx4_QyysT-DX/","offline","malware_download","Emotet|Heodo","www.peneirafc.com.br","186.202.135.240","27715","BR"
"2019-02-07 09:18:15","http://silvabrancoconstrutora.com.br/DE_de/FXXOLSYLAH1954873/de/Zahlung/","offline","malware_download","Emotet|Heodo","silvabrancoconstrutora.com.br","187.45.240.110","27715","BR"
"2019-02-06 23:52:21","http://madeireiraecologica.com.br/En_us/llc/New_invoice/Loay-tc_czqE-UIk/","offline","malware_download","doc|emotet|epoch2|Heodo","madeireiraecologica.com.br","186.202.153.55","27715","BR"
"2019-02-06 22:39:26","http://kndesign.com.br/ATT/DqPJkyGb_mwGXgWTTK_hwipq/","offline","malware_download","doc|emotet|epoch1|Heodo","kndesign.com.br","191.252.83.230","27715","BR"
"2019-02-05 13:44:30","http://agenciacoruja.com/xerox/Copy_Invoice/vyWK-yCWya_reA-fbf/","offline","malware_download","emotet|epoch2|Heodo","agenciacoruja.com","186.202.153.158","27715","BR"
"2019-01-29 13:54:18","http://mahler.com.br/yDnJ_fK-DSiNB/ss/Clients_transactions/012019/","offline","malware_download","doc|emotet|epoch1|Heodo","mahler.com.br","186.202.157.79","27715","BR"
"2019-01-28 15:50:10","http://www.vkn.net.br/weQaoFpWl/","offline","malware_download","emotet|epoch2|exe|Heodo","www.vkn.net.br","186.202.153.99","27715","BR"
"2019-01-24 11:32:06","http://p4man.com.br/Rechnungen/01_19/","online","malware_download","emotet|epoch1|Heodo","p4man.com.br","186.202.153.93","27715","BR"
"2019-01-23 14:25:07","http://ipspac.org.br/Payment_details/01_19/","offline","malware_download","doc|emotet|epoch1|Heodo","ipspac.org.br","186.202.157.79","27715","BR"
"2019-01-22 19:31:09","http://souzabianco.com.br/Details/012019/","offline","malware_download","emotet|epoch1|Heodo","souzabianco.com.br","191.252.81.149","27715","BR"
"2019-01-17 03:22:54","http://ferramentasubra.com.br/LTBiV-JzNNu_xHtPo-kC/INVOICE/US/Invoice-for-a/t-01/17/2019/","offline","malware_download","emotet|epoch2|Heodo","ferramentasubra.com.br","186.202.157.79","27715","BR"
"2019-01-16 23:20:34","http://digen.com.br/Amazon/Clients_Messages/012019/","offline","malware_download","emotet|epoch1|Heodo","digen.com.br","186.202.157.79","27715","BR"
"2019-01-16 19:22:09","http://www.ganache.com.br/cArwR-cZUml_RB-olM/ACH/PaymentAdvice/US_us/Companies-Invoice-7507672/","offline","malware_download","emotet|epoch2|Heodo","www.ganache.com.br","186.202.153.123","27715","BR"
"2018-12-20 20:42:12","http://www.cesut.com/KjbBy-i0_CwNeIhJT-io/Invoice/0733771/En_us/Invoice-receipt/","offline","malware_download","doc|emotet|heodo","www.cesut.com","191.252.4.67","27715","BR"
"2018-12-20 07:45:12","http://casanarducci.com.br/Amazon/Documents/12_18/","offline","malware_download","emotet|epoch1|Heodo","casanarducci.com.br","191.252.51.32","27715","BR"
"2018-12-19 00:41:47","http://www.casanarducci.com.br/Amazon/Documents/12_18/","offline","malware_download","doc|emotet|epoch1|Heodo","www.casanarducci.com.br","191.252.51.32","27715","BR"
"2018-12-19 00:28:40","http://cesut.com/images/QtjZ-wwb1Jd2QiHCQrjr_taZmGcblD-eM/SS043/invoicing/FILE/US_us/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet|epoch2|Heodo","cesut.com","191.252.4.67","27715","BR"
"2018-12-19 00:23:06","http://sinopnet.com.br/FYHv-FAhJjW9X_EtywEK-z9u/Invoice/132187675/Document/US/7-Past-Due-Invoices/","offline","malware_download","emotet|epoch2|Heodo","sinopnet.com.br","186.202.183.22","27715","BR"
"2018-12-18 23:49:13","http://plcopen.com.br/nzCIo-FdP37pSyGO8fte_udwJPyhVL-ooh/","offline","malware_download","emotet|epoch1|Heodo","plcopen.com.br","186.202.135.240","27715","BR"
"2018-12-18 21:50:33","http://sindsef-ro.org.br/Amazon/En_us/Clients/12_18","offline","malware_download","doc","sindsef-ro.org.br","186.202.153.228","27715","BR"
"2018-12-18 16:59:48","http://www.sindsef-ro.org.br/Amazon/En_us/Clients/12_18/","offline","malware_download","emotet|epoch1|Heodo","www.sindsef-ro.org.br","186.202.153.228","27715","BR"
"2018-12-18 13:51:17","http://www.cesut.com/images/QtjZ-wwb1Jd2QiHCQrjr_taZmGcblD-eM/SS043/invoicing/FILE/US_us/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","doc|emotet|heodo","www.cesut.com","191.252.4.67","27715","BR"
"2018-12-14 16:24:52","http://www.ldxquimica.com.br/KPHa-5mBs6E89ijjzCB_mBvftWvR-rG/","offline","malware_download","emotet|epoch1|Heodo","www.ldxquimica.com.br","191.252.132.112","27715","BR"
"2018-12-14 12:23:06","http://wazzah.com.br/8sXLyJa4NZMccI6/de/Service-Center/","offline","malware_download","emotet|epoch2|Heodo","wazzah.com.br","187.45.193.210","27715","BR"
"2018-12-13 20:23:58","http://ccilogistica.com.br/Southwire/910459143107617649/LLC/US/Summit-Companies-Invoice-33396595/","online","malware_download","emotet|epoch2|Heodo","ccilogistica.com.br","187.45.195.62","27715","BR"
"2018-12-13 16:02:50","http://draanaalice.com.br/US/Clients_transactions/12_18/","offline","malware_download","emotet|epoch1|Heodo","draanaalice.com.br","191.252.130.104","27715","BR"
"2018-12-13 05:01:54","http://www.ludere.com.br/Invoice/12425311/Download/En_us/Outstanding-Invoices/","offline","malware_download","doc|emotet|epoch2","www.ludere.com.br","186.202.153.226","27715","BR"
"2018-12-12 19:15:44","http://sato7.com.br/873150038392/invoicing/INFO/US/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet|epoch2|Heodo","sato7.com.br","177.153.51.219","27715","BR"
"2018-12-11 18:35:12","http://wazzah.com.br/Telekom/Rechnungen/112018/","offline","malware_download","doc|emotet|Heodo","wazzah.com.br","187.45.193.210","27715","BR"
"2018-12-11 13:05:06","http://wazzah.com.br/doc/En_us/Sales-Invoice","offline","malware_download","doc","wazzah.com.br","187.45.193.210","27715","BR"
"2018-12-11 08:00:04","http://wazzah.com.br/Telekom/Rechnungen/112018","offline","malware_download","emotet|epoch1","wazzah.com.br","187.45.193.210","27715","BR"
"2018-12-10 20:24:04","http://verdandiseguros.com.br/IRS/IRS.gov/Wage-and-Income-Transcript/December-06-2018/","offline","malware_download","Emotet|Heodo","verdandiseguros.com.br","186.202.157.79","27715","BR"
"2018-12-10 18:08:06","http://sato7.com.br/ACH/PaymentInfo/LLC/US_us/Invoices-attached/","offline","malware_download","doc|emotet|Heodo","sato7.com.br","177.153.51.219","27715","BR"
"2018-12-10 17:34:55","http://sato7.com.br/ACH/PaymentInfo/LLC/US_us/Invoices-attached","offline","malware_download","emotet|epoch2","sato7.com.br","177.153.51.219","27715","BR"
"2018-12-07 23:45:19","http://sato7.com.br/EN_US/ACH/2018-12","offline","malware_download","emotet|epoch1","sato7.com.br","177.153.51.219","27715","BR"
"2018-12-07 11:45:33","http://zippe.com.br/IRS/Internal-Revenue-Service/Tax-Account-Transcript/December-06-2018","offline","malware_download","emotet|epoch2|Heodo","zippe.com.br","186.202.135.240","27715","BR"
"2018-12-07 03:34:10","http://brazmogu.com.br/EN_US/Information/12_18","offline","malware_download","doc|emotet|epoch1","brazmogu.com.br","191.252.83.193","27715","BR"
"2018-12-07 02:58:31","http://tacoar.com.br/IRS/IRS.gov/Verification-of-Non-filing-Letter/December-06-2018/","offline","malware_download","doc|emotet|epoch2|Heodo","tacoar.com.br","187.45.193.169","27715","BR"
"2018-12-07 00:40:12","http://brazmogu.com.br/EN_US/Information/12_18/","offline","malware_download","doc|Heodo","brazmogu.com.br","191.252.83.193","27715","BR"
"2018-12-06 22:15:05","http://rcbengenharia.com.br/US/Transactions-details/122018/","offline","malware_download","doc|Heodo","rcbengenharia.com.br","186.202.153.205","27715","BR"
"2018-12-06 21:41:06","http://tacoar.com.br/IRS/IRS.gov/Verification-of-Non-filing-Letter/December-06-2018","offline","malware_download","emotet|epoch2|Heodo","tacoar.com.br","187.45.193.169","27715","BR"
"2018-12-06 21:23:21","http://rcbengenharia.com.br/US/Transactions-details/122018","offline","malware_download","emotet|epoch1|Heodo","rcbengenharia.com.br","186.202.153.205","27715","BR"
"2018-12-06 01:35:42","http://sato7.com.br/EN_US/Clients/2018-12/","offline","malware_download","doc|emotet|epoch1|Heodo","sato7.com.br","177.153.51.219","27715","BR"
"2018-12-05 23:43:15","http://sato7.com.br/EN_US/Clients/2018-12","offline","malware_download","emotet|epoch1|Heodo","sato7.com.br","177.153.51.219","27715","BR"
"2018-12-05 19:44:04","http://qd1.com.br/US/Documents/2018-12","offline","malware_download","emotet|epoch1|Heodo","qd1.com.br","177.153.208.50","27715","BR"
"2018-12-05 19:42:05","http://qd1.com.br/US/Documents/2018-12/","offline","malware_download","doc|Heodo","qd1.com.br","177.153.208.50","27715","BR"
"2018-12-01 01:27:43","http://colegiosantanna.com.br/756045DVIUPI/WIRE/Commercial/","offline","malware_download","doc|emotet|epoch2","colegiosantanna.com.br","179.188.52.100","27715","BR"
"2018-11-30 18:49:05","http://wazzah.com.br/files/EN_en/Open-Past-Due-Orders","offline","malware_download","emotet|epoch2","wazzah.com.br","187.45.193.210","27715","BR"
"2018-11-30 15:28:53","http://wazzah.com.br/files/EN_en/Open-Past-Due-Orders/","offline","malware_download","emotet|Heodo|Word doc","wazzah.com.br","187.45.193.210","27715","BR"
"2018-11-30 11:44:20","http://xplorar.com.br/VP4vdxIq/","offline","malware_download","Emotet|exe|Heodo","xplorar.com.br","186.202.135.240","27715","BR"
"2018-11-30 11:40:36","http://qd1.com.br/En/Clients_CM_Coupons","offline","malware_download","doc|emotet|Heodo","qd1.com.br","177.153.208.50","27715","BR"
"2018-11-30 11:33:27","http://colegiosantanna.com.br/756045DVIUPI/WIRE/Commercial","offline","malware_download","doc|Heodo","colegiosantanna.com.br","179.188.52.100","27715","BR"
"2018-11-30 08:57:57","http://xplorar.com.br/VP4vdxIq","offline","malware_download","emotet|exe|heodo","xplorar.com.br","186.202.135.240","27715","BR"
"2018-11-30 00:02:08","http://letraeimagem.com.br/zmDH","offline","malware_download","emotet|epoch2|exe|Heodo","letraeimagem.com.br","187.45.193.204","27715","BR"
"2018-11-29 21:33:04","http://xadrezgigante.com.br/EN/CM2018/","offline","malware_download","doc|Heodo","xadrezgigante.com.br","186.202.153.18","27715","BR"
"2018-11-29 20:13:04","http://xadrezgigante.com.br/EN/CM2018","offline","malware_download","emotet|epoch1|Heodo","xadrezgigante.com.br","186.202.153.18","27715","BR"
"2018-11-29 14:38:39","http://rebobine.com.br/Download/US_us/Service-Report-88539","offline","malware_download","emotet|epoch2|Heodo","rebobine.com.br","191.252.51.206","27715","BR"
"2018-11-29 01:25:15","http://ceatnet.com.br/0I/ACH/Personal/","offline","malware_download","doc|emotet|epoch2|Heodo","ceatnet.com.br","187.45.195.136","27715","BR"
"2018-11-29 00:59:05","http://digamaria.com.br/En/Clients_Coupons/","offline","malware_download","doc|emotet|epoch1","digamaria.com.br","186.202.157.79","27715","BR"
"2018-11-28 18:09:39","http://ceatnet.com.br/0I/ACH/Personal","offline","malware_download","doc|emotet|heodo","ceatnet.com.br","187.45.195.136","27715","BR"
"2018-11-28 18:05:11","http://colegiosantanna.com.br/037EYDNEKX/SEP/US","offline","malware_download","doc|emotet|heodo","colegiosantanna.com.br","179.188.52.100","27715","BR"
"2018-11-28 14:22:15","http://digamaria.com.br/En/Clients_Coupons","offline","malware_download","emotet|epoch1|Heodo","digamaria.com.br","186.202.157.79","27715","BR"
"2018-11-26 15:43:55","http://malupieng.com.br/73321ALNWYY/PAYROLL/Business/","online","malware_download","doc|emotet|epoch2|Heodo","malupieng.com.br","187.45.195.185","27715","BR"
"2018-11-26 12:32:08","http://gvasconcelosconsultoria.com.br/doc/de/RECH/Zahlung-bequem-per-Rechnung-QM-79-27875","offline","malware_download","doc|emotet|heodo","gvasconcelosconsultoria.com.br","191.252.51.55","27715","BR"
"2018-11-26 09:58:17","http://malupieng.com.br/73321ALNWYY/PAYROLL/Business","offline","malware_download","doc|emotet|Heodo","malupieng.com.br","187.45.195.185","27715","BR"
"2018-11-23 21:17:08","http://blog.doutorresolve.com.br/EN_US/BlackFriday2018/","offline","malware_download","doc|emotet|epoch1|Heodo","blog.doutorresolve.com.br","191.252.64.55","27715","BR"
"2018-11-23 21:17:06","http://blog.doutorresolve.com.br/EN_US/BlackFriday2018","offline","malware_download","doc|emotet|epoch1|Heodo","blog.doutorresolve.com.br","191.252.64.55","27715","BR"
"2018-11-19 20:03:32","http://www.eccor.com.br/US/Clients/092018/","offline","malware_download","emotet|heodo","www.eccor.com.br","187.45.195.185","27715","BR"
"2018-11-19 20:01:54","http://tvacaradabahia.com.br/scan/En_us/Open-invoices/","offline","malware_download","emotet|heodo","tvacaradabahia.com.br","187.45.240.3","27715","BR"
"2018-11-19 19:58:26","http://sp3.com.br/LLC/EQFY547003744IJDR/15992133/GOS-RVL/","offline","malware_download","emotet|heodo","sp3.com.br","191.252.51.23","27715","BR"
"2018-11-19 19:55:58","http://perfilpesquisas.com.br/DOC/En/Invoice-0086009/","offline","malware_download","emotet|heodo","perfilpesquisas.com.br","186.202.59.82","27715","BR"
"2018-11-19 19:55:38","http://optiart.com.br/default/EN_en/Invoices-attached/","offline","malware_download","emotet|heodo","optiart.com.br","189.126.105.210","27715","BR"
"2018-11-19 19:55:15","http://nk2.com.br/9GRBUXIYD/PAYMENT/Personal/","offline","malware_download","emotet|heodo","nk2.com.br","187.45.240.34","27715","BR"
"2018-11-19 19:45:25","http://czartransporte.com.br/7614GJ/com/US/","offline","malware_download","emotet|heodo","czartransporte.com.br","187.45.195.15","27715","BR"
"2018-11-16 02:04:24","http://blog.doutorresolve.com.br/070FIQPZCAF/identity/Commercial/","offline","malware_download","doc|emotet|epoch2","blog.doutorresolve.com.br","191.252.64.55","27715","BR"
"2018-11-16 00:16:13","http://kammello.com.br/US/Clients_Messages/112018/","offline","malware_download","doc|emotet|epoch1|Heodo","kammello.com.br","186.202.153.141","27715","BR"
"2018-11-15 17:32:13","http://blog.doutorresolve.com.br/070FIQPZCAF/identity/Commercial","offline","malware_download","doc|emotet|heodo","blog.doutorresolve.com.br","191.252.64.55","27715","BR"
"2018-11-15 08:18:20","http://kammello.com.br/US/Clients_Messages/112018","offline","malware_download","emotet|Heodo","kammello.com.br","186.202.153.141","27715","BR"
"2018-11-13 22:35:11","http://assisdornelesadvogados.com.br/INFO/En/Past-Due-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","assisdornelesadvogados.com.br","191.252.132.43","27715","BR"
"2018-11-13 20:12:25","http://assisdornelesadvogados.com.br/INFO/En/Past-Due-Invoices","offline","malware_download","emotet|Heodo","assisdornelesadvogados.com.br","191.252.132.43","27715","BR"
"2018-11-09 20:50:48","http://seadi2.hospedagemdesites.ws/Document/En_us/186-11-789737-486-186-11-789737-929/","offline","malware_download","doc|emotet|epoch2","seadi2.hospedagemdesites.ws","191.252.51.208","27715","BR"
"2018-11-09 16:01:07","http://seadi2.hospedagemdesites.ws/Document/En_us/186-11-789737-486-186-11-789737-929","offline","malware_download","doc|emotet|Heodo","seadi2.hospedagemdesites.ws","191.252.51.208","27715","BR"
"2018-11-09 13:21:11","http://seadi2.hospedagemdesites.ws/Document/En_us/186-11-789737-486-186-11-789737-929)","offline","malware_download","doc|emotet|Heodo","seadi2.hospedagemdesites.ws","191.252.51.208","27715","BR"
"2018-11-09 06:24:41","http://modernizar.com.br/062OFLNJWG/PAY/Commercial/","offline","malware_download","","modernizar.com.br","191.252.123.239","27715","BR"
"2018-11-09 00:21:05","http://bimonti.com.br/US/Clients/2018-11/","offline","malware_download","doc|emotet|epoch1","bimonti.com.br","186.202.153.53","27715","BR"
"2018-11-08 16:00:04","http://www.modernizar.com.br/062OFLNJWG/PAY/Commercial/","offline","malware_download","doc|Heodo","www.modernizar.com.br","191.252.123.239","27715","BR"
"2018-11-08 14:42:46","http://www.modernizar.com.br/062OFLNJWG/PAY/Commercial","offline","malware_download","doc|emotet|heodo","www.modernizar.com.br","191.252.123.239","27715","BR"
"2018-11-08 14:36:45","http://bimonti.com.br/US/Clients/2018-11","offline","malware_download","doc|emotet|heodo","bimonti.com.br","186.202.153.53","27715","BR"
"2018-10-08 15:47:38","http://sp3.com.br/DOC/OJJG18440748079AVKPG/Aug-03-2018-597474456/FIC-YFAFC","offline","malware_download","doc|emotet","sp3.com.br","191.252.51.23","27715","BR"
"2018-10-08 06:28:29","http://nk2.com.br/9GRBUXIYD/PAYMENT/Personal","offline","malware_download","doc|emotet|heodo","nk2.com.br","187.45.240.34","27715","BR"
"2018-10-06 07:28:20","http://iabrj.org.br/8902775T/oamo/Smallbusiness/","offline","malware_download","doc|emotet|heodo","iabrj.org.br","187.45.193.174","27715","BR"
"2018-10-04 22:12:09","http://hsja.com.br/EN_US/Documents/102018","offline","malware_download","doc|emotet|Heodo","hsja.com.br","187.45.195.134","27715","BR"
"2018-10-04 17:41:16","http://www.hsja.com.br/EN_US/Documents/102018","offline","malware_download","doc|emotet|Heodo","www.hsja.com.br","187.45.195.134","27715","BR"
"2018-10-04 08:50:49","http://www.charrua.agr.br/040Z/PAYROLL/Personal","offline","malware_download","doc|emotet|heodo","www.charrua.agr.br","187.45.195.132","27715","BR"
"2018-10-04 08:46:43","http://parametros.com.br/8523092GQXNIB/BIZ/Smallbusiness","offline","malware_download","doc|emotet|heodo","parametros.com.br","186.202.153.129","27715","BR"
"2018-10-04 08:46:37","http://www.iabrj.org.br/8902775T/oamo/Smallbusiness","offline","malware_download","doc|emotet|heodo","www.iabrj.org.br","187.45.193.174","27715","BR"
"2018-10-04 08:46:11","http://www.lifefisio.com.br/9159669EDVOE/PAY/Personal","offline","malware_download","doc|emotet|heodo","www.lifefisio.com.br","187.45.193.170","27715","BR"
"2018-10-04 08:45:07","http://pontoduplo.com.br/default/En/Open-invoices","offline","malware_download","doc|emotet|heodo","pontoduplo.com.br","179.188.11.240","27715","BR"
"2018-10-03 04:53:31","http://newlinealarmes.com.br/EN_US/Attachments/10_18","offline","malware_download","doc|emotet|heodo","newlinealarmes.com.br","187.45.193.223","27715","BR"
"2018-10-02 14:01:06","http://www.expressarsetelagoas.com.br/8tr1wP/","offline","malware_download","Emotet|exe|Heodo","www.expressarsetelagoas.com.br","191.252.130.106","27715","BR"
"2018-10-01 22:03:47","http://strom.com.br/6ZQYVFHP/PAYROLL/Business","offline","malware_download","doc|emotet|Heodo","strom.com.br","191.252.51.36","27715","BR"
"2018-10-01 14:41:06","http://www.eccor.com.br/US/Clients/092018","offline","malware_download","doc|emotet|Heodo","www.eccor.com.br","187.45.195.185","27715","BR"
"2018-10-01 12:26:31","http://www.expressarsetelagoas.com.br/8tr1wP","offline","malware_download","emotet|exe|Heodo","www.expressarsetelagoas.com.br","191.252.130.106","27715","BR"
"2018-09-28 22:17:19","http://www.blog.pitangawear.com.br/Cy0mcje4f","offline","malware_download","emotet|exe|Heodo","www.blog.pitangawear.com.br","201.76.51.228","27715","BR"
"2018-09-28 09:14:30","http://www.modernizar.com.br/US/Documents/092018","offline","malware_download","doc|emotet|Heodo","www.modernizar.com.br","191.252.123.239","27715","BR"
"2018-09-28 09:14:18","http://tvacaradabahia.com.br/scan/En_us/Open-invoices","offline","malware_download","doc|emotet|Heodo","tvacaradabahia.com.br","187.45.240.3","27715","BR"
"2018-09-27 23:08:19","http://philomenabar.com.br/OJkcv","offline","malware_download","emotet|exe|Heodo","philomenabar.com.br","187.45.193.209","27715","BR"
"2018-09-25 21:03:18","http://rallysafra.com/wp-content/plugins/googleanalytics/3","offline","malware_download","","rallysafra.com","201.76.51.228","27715","BR"
"2018-09-25 21:02:54","http://rallysafra.com/wp-content/plugins/googleanalytics/2","offline","malware_download","","rallysafra.com","201.76.51.228","27715","BR"
"2018-09-25 21:02:36","http://rallysafra.com/wp-content/plugins/googleanalytics/1","offline","malware_download","","rallysafra.com","201.76.51.228","27715","BR"
"2018-09-24 13:33:09","http://czartransporte.com.br/7614GJ/com/US","offline","malware_download","doc|emotet|Heodo","czartransporte.com.br","187.45.195.15","27715","BR"
"2018-09-24 05:45:11","http://cuidartododia.com.br/293ISFIEBQH/SEP/Personal/","offline","malware_download","doc|Emotet|Heodo","cuidartododia.com.br","187.45.240.63","27715","BR"
"2018-09-24 04:51:45","http://cuidartododia.com.br/293ISFIEBQH/SEP/Personal","offline","malware_download","doc|emotet|Heodo","cuidartododia.com.br","187.45.240.63","27715","BR"
"2018-09-19 04:28:12","http://jpcaudio.com.br/INFO/En/4-Past-Due-Invoices","offline","malware_download","doc|emotet|epoch2|Heodo","jpcaudio.com.br","187.45.193.219","27715","BR"
"2018-09-19 04:26:17","http://f3distribuicao.com.br/LLC/US/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","doc|emotet|epoch2","f3distribuicao.com.br","191.252.137.77","27715","BR"
"2018-09-18 06:21:20","http://f3distribuicao.com.br/LLC/US/Paid-Invoice-Credit-Card-Receipt","offline","malware_download","doc|emotet|heodo","f3distribuicao.com.br","191.252.137.77","27715","BR"
"2018-09-17 09:11:22","http://optiart.com.br/BpR2a7AlgA","offline","malware_download","emotet|exe|Heodo","optiart.com.br","189.126.105.210","27715","BR"
"2018-09-15 13:15:49","http://medcomerce.com.br/525UEEK/SWIFT/Smallbusiness","offline","malware_download","doc|emotet|heodo","medcomerce.com.br","186.202.157.79","27715","BR"
"2018-09-13 07:27:34","http://fabriciomarcondes.com.br/NR.223331243110926307297.php","offline","malware_download","DEU|Nymaim|zipped-MZ","fabriciomarcondes.com.br","191.252.132.43","27715","BR"
"2018-09-06 17:56:22","http://f3distribuicao.com.br/64","offline","malware_download","emotet|exe|Heodo","f3distribuicao.com.br","191.252.137.77","27715","BR"
"2018-09-06 01:59:45","http://f3distribuicao.com.br/Invoice-09-18/","offline","malware_download","doc|emotet|epoch1|Heodo","f3distribuicao.com.br","191.252.137.77","27715","BR"
"2018-09-04 14:27:46","http://f3distribuicao.com.br/Invoice-09-18","offline","malware_download","doc|emotet|Heodo","f3distribuicao.com.br","191.252.137.77","27715","BR"
"2018-08-30 06:37:52","http://perfilpesquisas.com.br/DOC/En/Invoice-0086009","offline","malware_download","doc|emotet|epoch2","perfilpesquisas.com.br","186.202.59.82","27715","BR"
"2018-08-30 06:35:21","http://cref19.org.br/4079904H/WIRE/US/","offline","malware_download","doc|emotet|epoch2","cref19.org.br","179.188.23.85","27715","BR"
"2018-08-29 15:26:51","http://f3distribuicao.com.br/Download/US/Invoice-receipt","offline","malware_download","doc|emotet|Heodo","f3distribuicao.com.br","191.252.137.77","27715","BR"
"2018-08-29 14:39:22","http://f3distribuicao.com.br/Download/US/Invoice-receipt/","offline","malware_download","doc|Emotet|Heodo","f3distribuicao.com.br","191.252.137.77","27715","BR"
"2018-08-29 09:12:16","http://perfilpesquisas.com.br/8oKnqiidQy/","offline","malware_download","exe|Heodo","perfilpesquisas.com.br","186.202.59.82","27715","BR"
"2018-08-29 05:16:00","http://cref19.org.br/4079904H/WIRE/US","offline","malware_download","doc|emotet|epoch2|Heodo","cref19.org.br","179.188.23.85","27715","BR"
"2018-08-27 15:57:10","http://perfilpesquisas.com.br/8oKnqiidQy","offline","malware_download","emotet|epoch1|exe|Heodo","perfilpesquisas.com.br","186.202.59.82","27715","BR"
"2018-08-24 10:19:31","http://imprep.org/peru/newsletter/US_us/Open-invoices","offline","malware_download","doc|emotet|heodo","imprep.org","186.202.153.34","27715","BR"
"2018-08-18 04:49:32","http://ftflogistica.com.br/Wellsfargo/Business/Aug-15-2018/","offline","malware_download","doc","ftflogistica.com.br","186.202.157.79","27715","BR"
"2018-08-17 18:54:16","http://ftflogistica.com.br/Wellsfargo/Business/Aug-15-2018","offline","malware_download","doc|emotet|Heodo","ftflogistica.com.br","186.202.157.79","27715","BR"
"2018-08-16 08:24:12","http://191.252.201.120/uiosdfoiusdffs/lg1msizbff.zip","offline","malware_download","banker|bxor0x91|exe|zip","191.252.201.120","191.252.201.120","27715","BR"
"2018-08-16 08:24:05","http://191.252.201.120/uiosdfoiusdffs/NqN5X.php?jDKI=j7jS3vQ46CgJ2VUBuxFWbgfmJ2WSFHeZhbvVUhlbcOddNfcTQ","offline","malware_download","downloader|ps","191.252.201.120","191.252.201.120","27715","BR"
"2018-08-15 04:23:08","http://ajaelias.com.br/doc/US_us/OVERDUE-ACCOUNT/Invoice-020691/","offline","malware_download","doc|emotet|Heodo","ajaelias.com.br","177.153.208.30","27715","BR"
"2018-08-15 02:34:35","http://skubspereira.com.br/Aug2018/US/Open-invoices/Past-Due-invoice/","offline","malware_download","doc|emotet|Heodo","skubspereira.com.br","186.202.153.173","27715","BR"
"2018-08-15 02:34:26","http://sinavia.com/WellsFargo/Commercial/Aug-13-2018/","offline","malware_download","doc|emotet|Heodo","sinavia.com","186.202.153.43","27715","BR"
"2018-08-15 02:29:29","http://casulotecidos.com.br/WellsFargo/Smallbusiness/Aug-13-2018/","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR"
"2018-08-14 20:18:33","http://ajaelias.com.br/doc/US_us/OVERDUE-ACCOUNT/Invoice-020691","offline","malware_download","doc|emotet|Heodo","ajaelias.com.br","177.153.208.30","27715","BR"
"2018-08-14 20:16:31","http://skubspereira.com.br/Aug2018/US/Open-invoices/Past-Due-invoice","offline","malware_download","doc|emotet|Heodo","skubspereira.com.br","186.202.153.173","27715","BR"
"2018-08-14 08:01:14","http://casulotecidos.com.br/WellsFargo/Smallbusiness/Aug-13-2018","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR"
"2018-08-14 08:01:07","http://sinavia.com/WellsFargo/Commercial/Aug-13-2018","offline","malware_download","doc|emotet|Heodo","sinavia.com","186.202.153.43","27715","BR"
"2018-08-14 04:29:02","http://sinavia.com/5TWWDOC/VMV86483751DJQ/Aug-09-2018-256475/READ-TOCX-Aug-09-2018/","offline","malware_download","doc|emotet|Heodo","sinavia.com","186.202.153.43","27715","BR"
"2018-08-14 04:28:07","http://quebrangulo.al.gov.br/25HDOC/RWOA604638UC/44473478018/RG-ZNVKG/","offline","malware_download","doc|emotet","quebrangulo.al.gov.br","179.188.12.48","27715","BR"
"2018-08-14 04:22:56","http://ftflogistica.com.br/doc/EN_en/Invoice/ACCOUNT50682788/","offline","malware_download","doc|emotet|Heodo","ftflogistica.com.br","186.202.157.79","27715","BR"
"2018-08-14 04:21:01","http://casulotecidos.com.br/2TNWPAYMENT/RWO41379704995FSO/0671153094/GFG-NJHUP-Aug-10-2018/","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR"
"2018-08-14 04:18:33","http://ajaelias.com.br/5QRFILE/GYD35103839192LBQ/Aug-08-2018-6412271/PT-VYCZO-Aug-08-2018/","offline","malware_download","doc|emotet|Heodo","ajaelias.com.br","177.153.208.30","27715","BR"
"2018-08-13 22:22:37","http://www.sindquimsuzano.com.br/doc/En_us/INVOICES/INV87898981571/","offline","malware_download","doc|emotet|Heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR"
"2018-08-13 22:22:35","http://www.sindquimsuzano.com.br/default/EN_en/OVERDUE-ACCOUNT/Invoice-08-13-18/","offline","malware_download","doc|emotet|Heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR"
"2018-08-13 22:13:52","http://ftflogistica.com.br/sites/En/Open-invoices/Invoice-732806/","offline","malware_download","doc|emotet|Heodo","ftflogistica.com.br","186.202.157.79","27715","BR"
"2018-08-13 22:11:20","http://celestemodas.com.br/7JWKDownload/VP33800210738ORQBI/7553573/CZF-SQBI-Aug-10-2018/","offline","malware_download","doc|emotet|Heodo","celestemodas.com.br","186.202.153.197","27715","BR"
"2018-08-13 22:11:12","http://casulotecidos.com.br/68XCARD/ONYJ81715765VLSGZG/07924528/MVKU-QDU-Aug-08-2018/","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR"
"2018-08-13 22:11:10","http://casulotecidos.com.br/2TNWPAYMENT/RWO41379704995FSO/0671153094/GFG-NJHUP-Aug-10-2018","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR"
"2018-08-13 19:31:54","http://ftflogistica.com.br/doc/EN_en/Invoice/ACCOUNT50682788","offline","malware_download","doc|emotet|Heodo","ftflogistica.com.br","186.202.157.79","27715","BR"
"2018-08-13 19:31:45","http://www.sindquimsuzano.com.br/default/EN_en/OVERDUE-ACCOUNT/Invoice-08-13-18","offline","malware_download","doc|emotet|Heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR"
"2018-08-10 12:26:35","http://ftflogistica.com.br/sites/En/Open-invoices/Invoice-732806","offline","malware_download","doc|emotet|Heodo","ftflogistica.com.br","186.202.157.79","27715","BR"
"2018-08-10 09:45:36","http://celestemodas.com.br/7JWKDownload/VP33800210738ORQBI/7553573/CZF-SQBI-Aug-10-2018","offline","malware_download","doc|emotet|Heodo","celestemodas.com.br","186.202.153.197","27715","BR"
"2018-08-10 04:46:30","http://skubspereira.com.br/PAYMENT/JJ971334008SYA/Aug-08-2018-685049612/JB-QMWL/","offline","malware_download","Heodo","skubspereira.com.br","186.202.153.173","27715","BR"
"2018-08-10 04:24:36","http://www.sindquimsuzano.com.br/doc/En_us/INVOICES/INV87898981571","offline","malware_download","doc|emotet|Heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR"
"2018-08-10 04:23:21","http://vitoriaregiagarden.com.br/wp-content/uploads/ACH/YWV39231303VRWMBO/Aug-08-2018-8421203576/ZFBK-PJFZ/","offline","malware_download","doc|emotet|Heodo","vitoriaregiagarden.com.br","186.202.135.240","27715","BR"
"2018-08-10 04:23:00","http://uniaomaster.com.br/files/En/Aug2018/INV0541193329768","offline","malware_download","doc|emotet|Heodo","uniaomaster.com.br","186.202.153.139","27715","BR"
"2018-08-10 04:23:00","http://uniaomaster.com.br/files/En/Aug2018/INV0541193329768/","offline","malware_download","doc|emotet|Heodo","uniaomaster.com.br","186.202.153.139","27715","BR"
"2018-08-10 04:21:32","http://sinavia.com/5TWWDOC/VMV86483751DJQ/Aug-09-2018-256475/READ-TOCX-Aug-09-2018","offline","malware_download","doc|emotet|Heodo","sinavia.com","186.202.153.43","27715","BR"
"2018-08-10 04:20:46","http://quebrangulo.al.gov.br/PAY/EWT733078222SYLF/Aug-07-2018-606654/SJ-RSG","offline","malware_download","doc|emotet","quebrangulo.al.gov.br","179.188.12.48","27715","BR"
"2018-08-10 04:20:45","http://quebrangulo.al.gov.br/25HDOC/RWOA604638UC/44473478018/RG-ZNVKG","offline","malware_download","doc|emotet|Heodo","quebrangulo.al.gov.br","179.188.12.48","27715","BR"
"2018-08-10 04:14:38","http://ajaelias.com.br/5QRFILE/GYD35103839192LBQ/Aug-08-2018-6412271/PT-VYCZO-Aug-08-2018","offline","malware_download","doc|emotet|Heodo","ajaelias.com.br","177.153.208.30","27715","BR"
"2018-08-09 10:07:14","http://ftflogistica.com.br/482","offline","malware_download","emotet|exe|heodo","ftflogistica.com.br","186.202.157.79","27715","BR"
"2018-08-09 05:47:46","http://vitoriaregiagarden.com.br/wp-content/uploads/ACH/YWV39231303VRWMBO/Aug-08-2018-8421203576/ZFBK-PJFZ","offline","malware_download","doc|emotet|Heodo","vitoriaregiagarden.com.br","186.202.135.240","27715","BR"
"2018-08-09 05:17:37","http://sinavia.com/PAYMENT/XFVC1065269365TELI/Aug-07-2018-9035450631/BET-IMXLR/","offline","malware_download","doc|emotet|Heodo","sinavia.com","186.202.153.43","27715","BR"
"2018-08-08 16:30:52","http://casulotecidos.com.br/68XCARD/ONYJ81715765VLSGZG/07924528/MVKU-QDU-Aug-08-2018","offline","malware_download","doc|emotet|Heodo","casulotecidos.com.br","186.202.135.240","27715","BR"
"2018-08-08 10:20:12","http://sinavia.com/PAYMENT/XFVC1065269365TELI/Aug-07-2018-9035450631/BET-IMXLR","offline","malware_download","doc|emotet|heodo","sinavia.com","186.202.153.43","27715","BR"
"2018-08-08 07:31:33","http://www.sindquimsuzano.com.br/PAYMENT/ZZN34252G/Aug-07-2018-4493466/HUL-GSMU","offline","malware_download","doc|emotet|heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR"
"2018-08-08 07:31:12","http://www.antenasartori.com.br/Download/MOP5109377PPFB/Aug-07-2018-7094725027/PY-YBHU-Aug-07-2018","offline","malware_download","doc|emotet|heodo","www.antenasartori.com.br","187.45.193.203","27715","BR"
"2018-08-08 05:54:24","http://www.antenasartori.com.br:7080/Download/MOP5109377PPFB/Aug-07-2018-7094725027/PY-YBHU-Aug-07-2018/","offline","malware_download","doc|emotet|Heodo","www.antenasartori.com.br","187.45.193.203","27715","BR"
"2018-08-08 05:51:34","http://skubspereira.com.br/PAYMENT/JJ971334008SYA/Aug-08-2018-685049612/JB-QMWL","offline","malware_download","doc|emotet|Heodo","skubspereira.com.br","186.202.153.173","27715","BR"
"2018-08-08 05:51:00","http://piramidehotel.com.br/Corporation/KSCX337324WTFUXG/4271439677/LPV-HLNSJ/","offline","malware_download","doc|emotet|Heodo","piramidehotel.com.br","186.202.153.12","27715","BR"
"2018-08-08 05:07:24","http://www.sindquimsuzano.com.br/PAYMENT/ZZN34252G/Aug-07-2018-4493466/HUL-GSMU/","offline","malware_download","doc|emotet|heodo","www.sindquimsuzano.com.br","187.45.195.182","27715","BR"
"2018-08-07 06:05:48","http://sp3.com.br/LLC/EQFY547003744IJDR/15992133/GOS-RVL","offline","malware_download","doc|emotet|Heodo","sp3.com.br","191.252.51.23","27715","BR"
"2018-08-06 14:39:16","http://piramidehotel.com.br/DHL-Tracking/En/","offline","malware_download","doc|emotet|heodo","piramidehotel.com.br","186.202.153.12","27715","BR"
"2018-08-03 05:19:24","http://quebrangulo.al.gov.br/Aug2018/US/Address-Update","offline","malware_download","doc|emotet|Heodo","quebrangulo.al.gov.br","179.188.12.48","27715","BR"
"2018-08-03 04:29:06","http://quebrangulo.al.gov.br/Aug2018/US/Address-Update/","offline","malware_download","doc|emotet|Heodo","quebrangulo.al.gov.br","179.188.12.48","27715","BR"
"2018-08-01 16:11:30","http://fabriciomarcondes.com.br/default/Rech/DETAILS/RechnungScan-QIF-46-25314/","offline","malware_download","doc|emotet|epoch2|Heodo","fabriciomarcondes.com.br","191.252.132.43","27715","BR"
"2018-08-01 04:05:12","http://vitoriaregiagarden.com.br/wp-content/uploads/files/US/New-Address/","offline","malware_download","doc|emotet|epoch2|Heodo","vitoriaregiagarden.com.br","186.202.135.240","27715","BR"
"2018-07-31 19:19:39","http://www.antenasartori.com.br:7080/sites/EN_en/Address-Changed/","offline","malware_download","doc|emotet|epoch2|Heodo","www.antenasartori.com.br","187.45.193.203","27715","BR"
"2018-07-30 15:32:19","http://sp3.com.br/jmkeiuuid/doc/En_us/INVOICE-STATUS/Deposit/","offline","malware_download","doc|emotet|epoch2|Heodo","sp3.com.br","191.252.51.23","27715","BR"
"2018-07-26 03:56:44","http://sp3.com.br/doc/En/Open-invoices/Invoice-05569/","offline","malware_download","doc|emotet|epoch2|Heodo","sp3.com.br","191.252.51.23","27715","BR"
"2018-07-17 23:14:25","http://skubspereira.com.br/Notification-de-facture/","offline","malware_download","doc|emotet|epoch1|Heodo","skubspereira.com.br","186.202.153.173","27715","BR"
"2018-07-16 21:32:43","http://www.coimbragarcia.adv.br/Borradores-documentos-07/","offline","malware_download","doc|emotet|epoch1|Heodo","www.coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-07-15 03:47:09","http://coimbragarcia.adv.br/d3E9hBv/","offline","malware_download","","coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-07-13 12:09:16","http://antenasartori.com.br/pdf/US/Order/Account-97528/","offline","malware_download","Heodo","antenasartori.com.br","187.45.193.203","27715","BR"
"2018-07-13 07:13:53","http://www.antenasartori.com.br/pdf/US/Order/Account-97528/","offline","malware_download","doc|emotet|heodo","www.antenasartori.com.br","187.45.193.203","27715","BR"
"2018-07-13 02:50:44","http://www.neoluz.com.br/Nuevos-acuerdos-07/","offline","malware_download","doc|emotet|epoch1|Heodo","www.neoluz.com.br","179.188.11.37","27715","BR"
"2018-07-12 23:48:06","http://www.coimbragarcia.adv.br/d3E9hBv/","offline","malware_download","emotet|epoch1|Heodo|payload","www.coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-07-11 04:17:21","http://www.trja.org.br/doc/En/FILE/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc|emotet|epoch2","www.trja.org.br","191.252.107.7","27715","BR"
"2018-07-11 04:17:09","http://www.tanker.com.br/newsletter/EN_en/Payment-and-address/Invoice-6644436632-07-09-2018/","offline","malware_download","doc|emotet|epoch2","www.tanker.com.br","186.202.157.79","27715","BR"
"2018-07-11 04:11:28","http://www.antenasartori.com.br/Jul2018/Rechnungs-Details/RECHNUNG/Hilfestellung-zu-Ihrer-Rechnung-Nr091428/","offline","malware_download","doc|emotet|epoch2|Heodo","www.antenasartori.com.br","187.45.193.203","27715","BR"
"2018-07-11 04:04:42","http://antenasartori.com.br:7080/Jul2018/Rechnungs-Details/RECHNUNG/Hilfestellung-zu-Ihrer-Rechnung-Nr091428/","offline","malware_download","doc|emotet|epoch2|Heodo","antenasartori.com.br","187.45.193.203","27715","BR"
"2018-07-11 03:59:34","http://www.floripameuamor.com.br/Open-invoices/","offline","malware_download","doc|emotet|epoch1","www.floripameuamor.com.br","191.252.107.7","27715","BR"
"2018-07-11 03:59:21","http://www.coimbragarcia.adv.br/Available-invoices/","offline","malware_download","doc|emotet|epoch1","www.coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-07-11 03:55:48","http://floripameuamor.com.br/Open-invoices/","offline","malware_download","doc|emotet|epoch1","floripameuamor.com.br","191.252.107.7","27715","BR"
"2018-07-07 04:54:19","http://coimbragarcia.adv.br/ihyXDn3hHe/","offline","malware_download","Heodo","coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-07-06 09:43:05","http://www.coimbragarcia.adv.br/ihyXDn3hHe/","offline","malware_download","emotet|exe|heodo","www.coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-07-06 07:02:19","http://www.tanker.com.br/Independence-Day-Greetings/","offline","malware_download","doc|emotet|heodo","www.tanker.com.br","186.202.157.79","27715","BR"
"2018-07-03 18:51:14","http://www.tanker.com.br/US/Statement/invoice/","offline","malware_download","doc|emotet|heodo","www.tanker.com.br","186.202.157.79","27715","BR"
"2018-07-03 16:45:13","http://hereford.com.br/Skype.exe","offline","malware_download","Emotet|exe","hereford.com.br","186.202.157.79","27715","BR"
"2018-06-26 13:14:33","http://coimbragarcia.adv.br/Facturas-vencidas","offline","malware_download","emotet|Heodo","coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-06-25 15:39:10","http://www.coimbragarcia.adv.br/Facturas-vencidas/","offline","malware_download","doc|emotet|epoch1|Heodo","www.coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-06-20 18:32:38","http://operahaus.com.br/STATUS/Invoices/","offline","malware_download","emotet|Heodo","operahaus.com.br","191.252.83.197","27715","BR"
"2018-06-18 18:33:05","http://operahaus.com.br/Zahlungserinnerung/Ihre-Rechnung/","offline","malware_download","doc|Emotet|Heodo","operahaus.com.br","191.252.83.197","27715","BR"
"2018-06-18 15:08:07","http://betaborrachas.com.br/site/Jun2018/Services-06-18-18-New-Customer-CL/","offline","malware_download","doc|emotet|epoch1|Heodo","betaborrachas.com.br","186.202.135.240","27715","BR"
"2018-06-18 14:03:12","http://www.betaborrachas.com.br/site/Jun2018/Services-06-18-18-New-Customer-CL/","offline","malware_download","doc|emotet|heodo","www.betaborrachas.com.br","186.202.135.240","27715","BR"
"2018-06-15 18:01:34","http://luminanza.com.br/FILE/INV382318060786/","offline","malware_download","Emotet|Heodo","luminanza.com.br","186.202.135.240","27715","BR"
"2018-06-15 15:42:14","http://sp3.com.br/UPS-Ship-Notification/Feb-23-18-06-52-04/","offline","malware_download","Heodo","sp3.com.br","191.252.51.23","27715","BR"
"2018-06-15 15:26:04","http://biagioturbos.com/SSI-95-83392-document-May-04-2017/","offline","malware_download","Emotet|Heodo","biagioturbos.com","191.252.156.151","27715","BR"
"2018-06-15 14:29:09","http://www.coimbragarcia.adv.br/IRS-Tax-Transcipts-June-2018-017/35/","offline","malware_download","doc|emotet|epoch1","www.coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-06-14 14:46:10","http://betaborrachas.com.br/site/STATUS/Invoice-489183/","offline","malware_download","doc|emotet|epoch1|Heodo","betaborrachas.com.br","186.202.135.240","27715","BR"
"2018-06-13 10:54:18","http://www.coimbragarcia.adv.br/Client/Customer-Invoice-IV-35356310/","offline","malware_download","doc|emotet|epoch1|Heodo","www.coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-06-11 19:25:05","http://operahaus.com.br/IRS-TRANSCRIPTS-June-2018-051V/8/","offline","malware_download","doc|emotet|epoch2|Heodo","operahaus.com.br","191.252.83.197","27715","BR"
"2018-06-08 18:16:08","http://drees.com.br/K102wPE/","offline","malware_download","emotet|epoch1|Heodo|payload","drees.com.br","186.202.153.46","27715","BR"
"2018-06-07 20:16:07","http://www.luminanza.com.br/FILE/INV382318060786/","offline","malware_download","doc|emotet|epoch1|Heodo","www.luminanza.com.br","186.202.135.240","27715","BR"
"2018-06-07 14:11:33","http://coimbragarcia.adv.br/RECHNUNG/Fakturierung-Nr022859/","offline","malware_download","Heodo","coimbragarcia.adv.br","186.202.153.183","27715","BR"
"2018-06-06 15:46:07","http://mimhospeda.com/central/STATUS/Pay-Invoice/","offline","malware_download","doc|emotet|Heodo","mimhospeda.com","191.252.111.137","27715","BR"
"2018-06-05 16:40:06","http://operahaus.com.br/Rechnungsanschrift/Rechnungs-Details-Nr077689/","offline","malware_download","doc|emotet|Heodo","operahaus.com.br","191.252.83.197","27715","BR"
"2018-06-01 22:44:09","http://hereford.com.br/Wordpress.exe","offline","malware_download","downloader|exe","hereford.com.br","186.202.157.79","27715","BR"
"2018-06-01 14:51:39","http://mimhospeda.com/Facture/","offline","malware_download","doc|emotet|Heodo","mimhospeda.com","191.252.111.137","27715","BR"
"2018-05-31 14:05:16","http://agenciabeep.com.br/wire-form/cyl-4982514742913","offline","malware_download","doc|emotet|heodo","agenciabeep.com.br","191.252.83.197","27715","BR"
"2018-05-30 13:32:46","http://mimhospeda.com/RnyTv/","offline","malware_download","Emotet|exe|Heodo","mimhospeda.com","191.252.111.137","27715","BR"
"2018-05-29 22:37:39","http://operahaus.com.br/Facturation/","offline","malware_download","doc|emotet|Heodo","operahaus.com.br","191.252.83.197","27715","BR"
"2018-05-28 14:16:47","http://mimhospeda.com/LbvkQppZyd/","offline","malware_download","emotet|Heodo","mimhospeda.com","191.252.111.137","27715","BR"
"2018-05-24 08:08:29","http://drees.com.br/STATUS/Emailing-W391543GL-91423/","offline","malware_download","doc|emotet|heodo","drees.com.br","186.202.153.46","27715","BR"
"2018-05-24 08:04:25","http://bernardesdias.com.br/Client/Please-pull-invoice-65078/","offline","malware_download","doc|emotet|heodo","bernardesdias.com.br","186.202.153.63","27715","BR"
"2018-05-23 06:05:32","http://mimhospeda.com/FILE/Invoice-7549648648-05-22-2018/","offline","malware_download","Heodo","mimhospeda.com","191.252.111.137","27715","BR"
"2018-05-18 10:40:55","http://drees.com.br/5c9BBizts6OXPI/","offline","malware_download","doc|emotet|Heodo","drees.com.br","186.202.153.46","27715","BR"
"2018-05-17 18:52:58","http://bernardesdias.com.br/Tp3pGZcNeFgf/","offline","malware_download","doc|emotet|Heodo","bernardesdias.com.br","186.202.153.63","27715","BR"
"2018-05-16 13:17:38","http://epraja1.com.br/HOkjTw/","offline","malware_download","emotet|Heodo","epraja1.com.br","186.202.153.66","27715","BR"
"2018-05-10 15:48:20","http://bernardesdias.com.br/ePtm5OgdH/","offline","malware_download","doc|emotet|Heodo","bernardesdias.com.br","186.202.153.63","27715","BR"
"2018-04-13 04:40:32","http://epraja1.com.br/Service-Report-21597/","offline","malware_download","emotet doc","epraja1.com.br","186.202.153.66","27715","BR"
"2018-04-09 18:06:16","http://operahaus.com.br/Invoice/","offline","malware_download","doc|emotet|heodo","operahaus.com.br","191.252.83.197","27715","BR"
"2018-04-03 10:41:49","http://bernardesdias.com.br/DM-477489400/","offline","malware_download","doc|emotet|heodo","bernardesdias.com.br","186.202.153.63","27715","BR"
"2018-03-29 15:06:01","http://www.conteudo.acaogerencial.com.br/Document/Invoice/","offline","malware_download","doc|emotet|heodo","www.conteudo.acaogerencial.com.br","186.202.157.79","27715","BR"
"2018-03-27 14:12:28","http://bumbo.com.br/oaoxov/","offline","malware_download","emotet|exe|heodo","bumbo.com.br","201.76.51.228","27715","BR"
"2018-03-27 12:49:29","http://agenciabeep.com.br/WIRE-FORM/CYL-4982514742913/","offline","malware_download","doc|emotet|heodo","agenciabeep.com.br","191.252.83.197","27715","BR"
# of entries: 758