##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-18 18:47:51 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS34788
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-04-20 11:14:09","http://f.wummi.at/files/ReR.exe","offline","malware_download","10pluspositivesinVT|RustyStealer","f.wummi.at","85.13.157.97","34788","DE"
"2023-09-08 06:19:13","https://heldenfutter.de/blog.php","offline","malware_download","gating|gootloader","heldenfutter.de","85.13.152.148","34788","DE"
"2022-11-02 08:19:11","https://geringer-muehle.de/wp-admin/G/","offline","malware_download","dll|emotet|epoch4|heodo","geringer-muehle.de","85.13.153.253","34788","DE"
"2022-06-29 15:16:05","https://www.mobiles-photostudio.com/MPS/uYUKsZhII1qQ1/","offline","malware_download","dll|emotet|epoch4|heodo","www.mobiles-photostudio.com","85.13.136.91","34788","DE"
"2022-03-29 14:46:10","https://hoffmeyer-waagen.de/Bilder/rvogZCHOaypQgHRvdcT5rBcD7/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo|SilentBuilder","hoffmeyer-waagen.de","85.13.139.237","34788","DE"
"2022-03-29 14:46:06","https://hoffmeyer-waagen.de/Bilder/rvogZCHOaypQgHRvdcT5rBcD7/","offline","malware_download","emotet|epoch4|redir-doc|xls","hoffmeyer-waagen.de","85.13.139.237","34788","DE"
"2021-12-24 17:11:10","http://hausdorthe.de/ecmt2hu/iorVJFoXg/","offline","malware_download","emotet|epoch4|redir-doc|xls","hausdorthe.de","85.13.142.5","34788","DE"
"2021-12-16 17:41:12","https://dsv-vt.de/resident.php","offline","malware_download","doc|hancitor|html","dsv-vt.de","85.13.145.217","34788","DE"
"2021-12-16 17:41:12","https://dsv-vt.de/wp-content/ngg/modules/photocrati-nextgen_basic_singlepic/templates/sublime.php","offline","malware_download","doc|hancitor|html","dsv-vt.de","85.13.145.217","34788","DE"
"2021-12-16 17:41:10","https://dsv-vt.de/miller.php","offline","malware_download","doc|hancitor|html","dsv-vt.de","85.13.145.217","34788","DE"
"2021-12-16 17:41:09","https://dsv-vt.de/conceivably.php","offline","malware_download","doc|hancitor|html","dsv-vt.de","85.13.145.217","34788","DE"
"2021-12-16 17:41:09","https://dsv-vt.de/described.php","offline","malware_download","doc|hancitor|html","dsv-vt.de","85.13.145.217","34788","DE"
"2021-12-08 23:59:09","https://xingular.io/chardet/zHHuD5Si2N8qZOiLnTvkwvTHNFam2/","offline","malware_download","doc|emotet|epoch4|Heodo","xingular.io","85.13.150.203","34788","DE"
"2021-12-04 07:28:07","http://xingular.io/chardet/KCxgnClw3gqTzXev/PlZG5ALhfeeoGZ8pk/","offline","malware_download","doc|emotet|epoch4","xingular.io","85.13.150.203","34788","DE"
"2021-12-04 05:29:03","https://xingular.io/chardet/KCxgnClw3gqTzXev/PlZG5ALhfeeoGZ8pk/","offline","malware_download","doc|emotet|epoch4|Heodo","xingular.io","85.13.150.203","34788","DE"
"2021-12-01 11:33:09","http://xingular.io/p9xb/4IIdkVmma94/","offline","malware_download","emotet|epoch4|redir-appinstaller","xingular.io","85.13.150.203","34788","DE"
"2021-07-22 15:28:08","https://kitchenup.de/predesigned.php","offline","malware_download","doc|hancitor|html","kitchenup.de","85.13.150.158","34788","DE"
"2021-07-01 16:07:16","http://insolvenzthemen.de/shadowboxing.php","offline","malware_download","hancitor","insolvenzthemen.de","85.13.164.127","34788","DE"
"2021-07-01 16:07:10","http://insolvenzthemen.de/conciliator.php","offline","malware_download","hancitor","insolvenzthemen.de","85.13.164.127","34788","DE"
"2021-07-01 15:06:14","http://insolvenzthemen.de/tacit.php","offline","malware_download","doc|hancitor|html","insolvenzthemen.de","85.13.164.127","34788","DE"
"2021-07-01 15:06:09","http://insolvenzthemen.de/testes.php","offline","malware_download","doc|hancitor|html","insolvenzthemen.de","85.13.164.127","34788","DE"
"2021-07-01 15:06:08","http://insolvenzthemen.de/skittish.php","offline","malware_download","doc|hancitor|html","insolvenzthemen.de","85.13.164.127","34788","DE"
"2021-06-18 00:29:32","https://waschschuesseln.de/inadequate.php","offline","malware_download","doc|hancitor|html","waschschuesseln.de","85.13.136.79","34788","DE"
"2021-06-17 16:15:06","https://waschschuesseln.de/latched.php","offline","malware_download","doc|hancitor|html","waschschuesseln.de","85.13.136.79","34788","DE"
"2021-03-29 14:59:08","https://spenglerei-froehlich.de/hhy8ken.tar","offline","malware_download","Dridex","spenglerei-froehlich.de","85.13.157.188","34788","DE"
"2021-03-29 14:58:04","https://botschaftvielfalt.de/fa8vyq.zip","offline","malware_download","Dridex","botschaftvielfalt.de","85.13.167.21","34788","DE"
"2021-03-25 09:15:04","http://drohnenscout.de/wp-includes/css/char.exe","offline","malware_download","exe|Formbook","drohnenscout.de","85.13.167.225","34788","DE"
"2021-03-25 09:11:03","http://drohnenscout.de/wp-includes/css/igbo.exe","offline","malware_download","exe|Formbook|opendir","drohnenscout.de","85.13.167.225","34788","DE"
"2021-03-24 15:18:04","http://drohnenscout.de/wp-includes/css/igb.exe","offline","malware_download","formbook","drohnenscout.de","85.13.167.225","34788","DE"
"2021-03-24 15:07:32","https://kaleido-winkels.de/fynpji.rar","offline","malware_download","Dridex","kaleido-winkels.de","85.13.132.36","34788","DE"
"2021-03-24 15:07:10","https://roomservicelive.de/h7j38u3.tar","offline","malware_download","Dridex","roomservicelive.de","85.13.157.188","34788","DE"
"2021-03-19 18:28:04","http://drohnenscout.de/igb.exe","offline","malware_download","exe|Formbook","drohnenscout.de","85.13.167.225","34788","DE"
"2021-03-11 15:01:05","http://drohnenscout.de/wp-admin/char.exe","offline","malware_download","exe|Formbook","drohnenscout.de","85.13.167.225","34788","DE"
"2021-03-11 13:56:04","http://drohnenscout.de/wp-admin/igbo.exe","offline","malware_download","formbook","drohnenscout.de","85.13.167.225","34788","DE"
"2021-02-10 14:10:25","http://zukunftslotse.hamburg/b5d04ls.tar","offline","malware_download","Dridex","zukunftslotse.hamburg","85.13.154.203","34788","DE"
"2021-02-10 13:16:38","https://zukunftslotse.hamburg/b5d04ls.tar","offline","malware_download","Dridex","zukunftslotse.hamburg","85.13.154.203","34788","DE"
"2021-01-13 15:46:04","http://it.webseite-programmierung.de/l0pzf7jhz.zip","offline","malware_download","Dridex","it.webseite-programmierung.de","85.13.162.234","34788","DE"
"2021-01-13 15:00:18","http://personalexperten.webseite-programmierung.de/m0rvr1gj8.zip","offline","malware_download","dll|Dridex","personalexperten.webseite-programmierung.de","85.13.162.234","34788","DE"
"2020-12-09 12:33:14","http://principles.webseite-programmierung.de/wp7njg6e.zip","offline","malware_download","dll|Dridex","principles.webseite-programmierung.de","85.13.162.234","34788","DE"
"2020-12-09 12:33:08","http://personalexperten.webseite-programmierung.de/dwdhjed8i.rar","offline","malware_download","dll|Dridex","personalexperten.webseite-programmierung.de","85.13.162.234","34788","DE"
"2020-12-09 12:32:08","http://bludau.webseite-programmierung.de/kubyzus.rar","offline","malware_download","dll|Dridex","bludau.webseite-programmierung.de","85.13.162.234","34788","DE"
"2020-10-21 22:10:05","https://www.frey-schrauben.de/wp-includes__/INC/S3aYNSv0SYLo5QTJah60/","offline","malware_download","doc|emotet|epoch1|Heodo","www.frey-schrauben.de","85.13.131.217","34788","DE"
"2020-10-20 08:29:05","http://praxis-leimbacher.ch/wp-content/LLC/A2cRQJZIogvveGZBo/","offline","malware_download","doc|emotet|epoch1|Heodo","praxis-leimbacher.ch","85.13.130.88","34788","DE"
"2020-10-16 21:42:04","http://praxis-leimbacher.ch/wp-content/Document/","offline","malware_download","doc|Emotet|epoch2|Heodo","praxis-leimbacher.ch","85.13.130.88","34788","DE"
"2020-09-28 20:50:14","http://dachzeltnomaden.de/bpzaf/Reporting/SgAvZuBcrR/","offline","malware_download","doc|emotet|epoch1|Heodo","dachzeltnomaden.de","85.13.142.171","34788","DE"
"2020-09-17 06:29:08","http://reinigung-paul.de/er/AVRQC8VFTUGOC/wo6Bjqlxrv/","offline","malware_download","doc|emotet|epoch1|Heodo","reinigung-paul.de","85.13.153.193","34788","DE"
"2020-09-05 01:57:05","https://headdesign.com/2007_head_website/file/YFrAP/","offline","malware_download","emotet|epoch3|exe|Heodo","headdesign.com","85.13.149.40","34788","DE"
"2020-09-04 14:30:08","http://reinigung-paul.de/er/http:/nIU9npqsMYww50a/","offline","malware_download","doc|emotet|epoch1|Heodo","reinigung-paul.de","85.13.153.193","34788","DE"
"2020-09-04 13:55:03","http://reinigung-paul.de/er/http://nIU9npqsMYww50a/","offline","malware_download","doc|emotet|epoch1|Heodo","reinigung-paul.de","85.13.153.193","34788","DE"
"2020-09-03 18:30:06","https://kunstefan.de/cgi-bin/docs/8lhhilwxq/","offline","malware_download","doc|Emotet|epoch2|Heodo","kunstefan.de","85.13.157.93","34788","DE"
"2020-09-03 12:12:33","https://www.kunstefan.de/cgi-bin/docs/8lhhilwxq/","offline","malware_download","doc|emotet|epoch2|heodo","www.kunstefan.de","85.13.157.93","34788","DE"
"2020-09-02 20:41:39","http://headdesign.com/2007_head_website/file/YFrAP/","offline","malware_download","emotet|epoch3|exe|Heodo","headdesign.com","85.13.149.40","34788","DE"
"2020-09-01 05:02:06","https://www.kunstefan.de/cgi-bin/ZwGV/","offline","malware_download","emotet|epoch3|exe|Heodo","www.kunstefan.de","85.13.157.93","34788","DE"
"2020-08-31 20:27:03","https://innovationsstarter.com/cgi-bin/iq/","offline","malware_download","emotet|epoch1|exe|Heodo","innovationsstarter.com","85.13.145.58","34788","DE"
"2020-08-26 06:32:36","http://reinigung-paul.de/er/invoice/adlb5r2w2d-000602/","offline","malware_download","doc|emotet|epoch3|Heodo","reinigung-paul.de","85.13.153.193","34788","DE"
"2020-08-06 15:40:06","http://soho.at/wi/images/phnffv_26yrgebxcs4y0j8_box/special_2445924_hauzpyurdv1y/179408622340_slWJn3lKUuTX/","offline","malware_download","doc|emotet|epoch1|heodo|QuakBot","soho.at","85.13.129.88","34788","DE"
"2020-08-06 13:16:04","http://shootie.de/djchristaffa.de/common_sector/verifiable_396250047_L5AtTwqpNVqd/q49wspdl9ney2j2f_362wy791t/","offline","malware_download","doc|emotet|epoch1|heodo","shootie.de","85.13.152.160","34788","DE"
"2020-08-06 12:00:06","http://sporttherapie-muenchen.de/STM_WP_Backup/d7fj1625129601367gmix8vl23jdthz/","offline","malware_download","doc|emotet|epoch2|heodo","sporttherapie-muenchen.de","85.13.140.171","34788","DE"
"2020-07-29 21:33:40","http://henseldesign.de/css/report/mbaxq6z535/","offline","malware_download","doc|emotet|epoch2","henseldesign.de","85.13.164.226","34788","DE"
"2020-07-29 12:53:03","http://www.henseldesign.de/css/report/mbaxq6z535/","offline","malware_download","doc|emotet|epoch2|Heodo","www.henseldesign.de","85.13.164.226","34788","DE"
"2020-07-29 10:35:06","http://www.softwarestore24.de/assets/LLC/b5x6hc7/qx56072491005zr2nl7vhavfsgnc38/","offline","malware_download","doc|emotet|epoch2|heodo","www.softwarestore24.de","85.13.164.178","34788","DE"
"2020-05-18 12:14:26","http://magesource.su/pz/pz64","offline","malware_download","Bruteforcer","magesource.su","85.13.149.242","34788","DE"
"2020-05-18 12:14:19","http://magesource.su/pz/pz32","offline","malware_download","Bruteforcer","magesource.su","85.13.149.242","34788","DE"
"2020-05-18 12:14:11","http://magesource.su/pz/pz.exe","offline","malware_download","BruteForcer","magesource.su","85.13.149.242","34788","DE"
"2020-04-29 08:42:02","http://djonur24.de/hdc/Buy-Sell_Agreement_4850_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","djonur24.de","85.13.136.58","34788","DE"
"2020-04-29 08:03:35","http://djonur24.de/hdc/2165/Buy-Sell_Agreement_2165_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","djonur24.de","85.13.136.58","34788","DE"
"2020-04-29 07:56:33","http://djonur24.de/hdc/Buy-Sell_Agreement_5473_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","djonur24.de","85.13.136.58","34788","DE"
"2020-04-29 06:39:02","http://djonur24.de/hdc/Buy-Sell_Agreement_43080784_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","djonur24.de","85.13.136.58","34788","DE"
"2020-04-28 17:45:50","http://djonur24.de/hdc/Buy-Sell_Agreement_6780_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","djonur24.de","85.13.136.58","34788","DE"
"2020-04-28 17:04:06","http://djonur24.de/hdc/Buy-Sell_Agreement_5964970_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","djonur24.de","85.13.136.58","34788","DE"
"2020-04-28 14:19:20","http://can-media.de/e/88888.png","offline","malware_download","exe|Qakbot|Quakbot|spx107","can-media.de","85.13.136.58","34788","DE"
"2020-04-16 17:00:57","http://ashtangayoga-goch.de/feature/096697/096697.zip","offline","malware_download","Qakbot|qbot|spx98|zip","ashtangayoga-goch.de","85.13.163.140","34788","DE"
"2020-04-14 20:28:23","https://waterosmo.com/string/72745.zip","offline","malware_download","Qakbot|qbot|spx96|zip","waterosmo.com","85.13.140.168","34788","DE"
"2020-04-14 20:28:10","https://waterosmo.com/string/606793.zip","offline","malware_download","Qakbot|qbot|spx96|zip","waterosmo.com","85.13.140.168","34788","DE"
"2020-04-14 20:28:03","https://waterosmo.com/string/07879.zip","offline","malware_download","Qakbot|qbot|spx96|zip","waterosmo.com","85.13.140.168","34788","DE"
"2020-02-05 09:23:14","https://mmedia.network/wp-includes/bbok3s-4viy5-96/","offline","malware_download","doc|emotet|epoch3|Heodo","mmedia.network","85.13.135.232","34788","DE"
"2020-01-29 05:18:08","https://mmedia.network/wp-includes/v6wea9tpi/","offline","malware_download","doc|emotet|epoch2|heodo","mmedia.network","85.13.135.232","34788","DE"
"2020-01-24 09:01:37","https://ena-office.com/cgi-bin/ubaz-4lw4-018188/","offline","malware_download","doc|emotet|epoch3|Heodo","ena-office.com","85.13.164.72","34788","DE"
"2020-01-23 23:14:10","https://neustadt-kosmetik.de/cli/LLC/nz4hcux/zj8-966148335-5821-adkw4xpti73-os4u6hjpt8w/","offline","malware_download","doc|emotet|epoch2|heodo","neustadt-kosmetik.de","85.13.156.237","34788","DE"
"2020-01-23 18:40:36","http://sonamu-ffm.de/app.php","offline","malware_download","CHE|Dridex|exe|geofenced|USA|vbs|zip","sonamu-ffm.de","85.13.167.230","34788","DE"
"2020-01-23 02:50:09","https://mmedia.network/wp-includes/sites/","offline","malware_download","doc|emotet|epoch2|heodo","mmedia.network","85.13.135.232","34788","DE"
"2020-01-22 12:08:05","http://rhoenzahn.de/media/r1c3e000-aw-01969/","offline","malware_download","doc|emotet|epoch3|Heodo","rhoenzahn.de","85.13.145.52","34788","DE"
"2020-01-22 10:02:05","http://nxtcloud.dittmer.at/themes/INC/hia6mnj5/7y59m7k-15371-2003799-qr71z-e6l1g/","offline","malware_download","doc|emotet|epoch2|Heodo","nxtcloud.dittmer.at","85.13.137.145","34788","DE"
"2020-01-22 09:57:13","http://jtestfw.sitereisen.de/layouts/invoice/kjokm57/","offline","malware_download","doc|emotet|epoch2|heodo","jtestfw.sitereisen.de","85.13.137.145","34788","DE"
"2020-01-22 09:53:04","http://tsv-update.sitereisen.de/layouts/sites/","offline","malware_download","doc|emotet|epoch2|heodo","tsv-update.sitereisen.de","85.13.137.145","34788","DE"
"2020-01-22 09:32:05","https://zontaclub-salzburg.at/modules/FILE/3dof0n4oq/gbuq-360810084-54619-yrotts-epznzsj48g/","offline","malware_download","doc|emotet|epoch2|heodo","zontaclub-salzburg.at","85.13.134.43","34788","DE"
"2020-01-22 09:23:04","https://nemayer-arbeitskleidung.de/modules/INC/","offline","malware_download","doc|emotet|epoch2|heodo","nemayer-arbeitskleidung.de","85.13.136.95","34788","DE"
"2020-01-22 09:21:05","https://neu.kw-farchant.com/modules/vd1g3-8w-067154/","offline","malware_download","doc|emotet|epoch3","neu.kw-farchant.com","85.13.161.84","34788","DE"
"2020-01-21 02:29:08","https://mmedia.network/wp-includes/Overview/6fw7bg53k3oq/fi-16546559-370-ab7b-hkh5r/","offline","malware_download","doc|emotet|epoch2|heodo","mmedia.network","85.13.135.232","34788","DE"
"2020-01-17 09:13:27","https://mmedia.network/wp-includes/lRCzo/","offline","malware_download","doc|emotet|epoch3|Heodo","mmedia.network","85.13.135.232","34788","DE"
"2020-01-15 02:05:05","https://airtrack-matten.de/wp-includes/common_zone/interior_portal/of6flmxz5ey_085z8923xs45/","offline","malware_download","doc|emotet|epoch1|Heodo","airtrack-matten.de","85.13.133.237","34788","DE"
"2020-01-13 22:20:33","http://wg2010.de/wp-includes/report/ptqzlf6j/","offline","malware_download","doc|emotet|epoch2|heodo","wg2010.de","85.13.163.98","34788","DE"
"2019-12-19 21:57:03","https://schluesseldienst-aufsperrdienst.at/wp-content/Document/c95zw7piobo/","offline","malware_download","doc|emotet|epoch2|heodo","schluesseldienst-aufsperrdienst.at","85.13.145.41","34788","DE"
"2019-12-19 08:45:03","http://www.kalolimano.de/framework.frighten/DOC/","offline","malware_download","doc|emotet|epoch2|Heodo","www.kalolimano.de","85.13.153.100","34788","DE"
"2019-12-18 13:15:49","https://iru-bw.de/wp-includes/6848092_R4sODUG_disk/guarded_6898962_ISMIiDuEgkNw/76796551378_iNUIrHPkY/","offline","malware_download","doc|emotet|epoch1|Heodo","iru-bw.de","85.13.146.218","34788","DE"
"2019-12-18 09:46:08","https://xn--sehglser-4za.de/ol5z/mWT89791/","offline","malware_download","doc|emotet|epoch3|heodo","xn--sehglser-4za.de","85.13.136.35","34788","DE"
"2019-12-09 23:23:22","http://dennis-roth.de/phpmaill/75073574955173640/koi8cb2gpik7/","offline","malware_download","doc|emotet|epoch2|Heodo","dennis-roth.de","85.13.144.124","34788","DE"
"2019-11-26 08:10:22","http://dennis-roth.de/phpmaill/nvub-2hfx8k0-3184595/","offline","malware_download","emotet|epoch3|exe|Heodo","dennis-roth.de","85.13.144.124","34788","DE"
"2019-10-30 14:12:11","https://bajwa-kollegen.de/wp-content/2rmzd-obk-69/","offline","malware_download","emotet|epoch3|exe|Heodo","bajwa-kollegen.de","85.13.150.48","34788","DE"
"2019-10-04 04:07:04","http://www.taron.de/Storage/Verve/Verve_painter.exe","offline","malware_download","exe","www.taron.de","85.13.144.121","34788","DE"
"2019-10-04 03:58:09","http://taron.de/Storage/Verve/Verve_painter.exe","offline","malware_download","exe","taron.de","85.13.144.121","34788","DE"
"2019-10-02 01:21:10","https://xn--karins-schnelle-kche-5ec.de/wp-admin/DOC/2pbdlf27_ug4vogcjdv-08893867/","offline","malware_download","doc|emotet|epoch2|Heodo","xn--karins-schnelle-kche-5ec.de","85.13.153.17","34788","DE"
"2019-10-01 20:50:04","https://xn--karins-schnelle-kche-5ec.de/wp-admin/DOC/2pbdlf27_ug4vogcjdv-08893867","offline","malware_download","doc","xn--karins-schnelle-kche-5ec.de","85.13.153.17","34788","DE"
"2019-09-20 10:40:29","http://dental2.falk-engelhardt.de/wp-content/languages/plugins/2c.jpg","offline","malware_download","ransomware|shade|Troldesh","dental2.falk-engelhardt.de","85.13.137.18","34788","DE"
"2019-09-11 07:22:15","http://mtbplus.de/wp-content/themes/treville/images/2c.jpg","offline","malware_download","ransomware|shade|Troldesh","mtbplus.de","85.13.154.242","34788","DE"
"2019-09-11 07:22:12","http://mtbplus.de/wp-content/themes/treville/images/1c.jpg","offline","malware_download","ransomware|shade|Troldesh","mtbplus.de","85.13.154.242","34788","DE"
"2019-08-28 09:54:04","https://beatrice-roeder.de/GL_EVENTS%20PROPOSAL.exe","offline","malware_download","exe|NanoCore","beatrice-roeder.de","85.13.131.214","34788","DE"
"2019-08-13 16:13:19","http://reisekaufhaus.de/wp-content/themes/soledad/images/1c.jpg","offline","malware_download","exe|Troldesh","reisekaufhaus.de","85.13.130.25","34788","DE"
"2019-05-31 22:37:02","http://akarsu.de/cgi-bin/Document/42p8qle1n9gvz34ol_sithqp9f-84124569/","offline","malware_download","doc|emotet|epoch2|Heodo","akarsu.de","85.13.163.180","34788","DE"
"2019-05-29 22:03:02","http://s-schwarz.de/LLC/DWVNXqowurLxxSJXjM/","offline","malware_download","doc|emotet|epoch2|Heodo","s-schwarz.de","85.13.143.65","34788","DE"
"2019-05-28 03:45:03","http://k4ci.de/blog/wp-content/themes/classic/oko9913kasl.exe","offline","malware_download","Asprox|exe","k4ci.de","85.13.152.243","34788","DE"
"2019-05-27 21:58:03","http://k4ci.de/blog/wp-content/themes/quusp3qq.exe","offline","malware_download","Asprox|exe","k4ci.de","85.13.152.243","34788","DE"
"2019-05-26 08:04:32","http://marc.miltenberger.info/svchost.exe","offline","malware_download","exe","marc.miltenberger.info","85.13.140.33","34788","DE"
"2019-05-06 15:35:07","http://www.mediashack.at/error/verif_seg.en.myaccount.open_res./","offline","malware_download","Emotet|epoch1|Heodo","www.mediashack.at","85.13.163.44","34788","DE"
"2019-04-23 10:11:05","http://valumedia.de/wp-includes/support/sich/2019-04/","offline","malware_download","doc|emotet|epoch1|Heodo","valumedia.de","85.13.144.67","34788","DE"
"2019-03-25 15:05:09","http://www.spdma.de/wp-content/plugins/sqlbasa/y_waywardness_heartland.html/","offline","malware_download","","www.spdma.de","85.13.134.174","34788","DE"
"2019-03-18 07:19:05","https://feamus.de/order_outputE57050.png","offline","malware_download","exe|Formbook","feamus.de","85.13.129.162","34788","DE"
"2019-03-12 01:31:22","https://dato.co.at/templates/dato/images/_notes/major.zip","offline","malware_download","js|RUS|Troldesh|zip","dato.co.at","85.13.128.46","34788","DE"
"2019-03-08 18:19:01","http://kaehlerweb.de/joomla/sw52-g3gwp-kief.view/","offline","malware_download","doc|emotet|epoch2|Heodo","kaehlerweb.de","85.13.162.162","34788","DE"
"2019-03-08 13:12:02","https://wiebe-sanitaer.de/ATTBusiness/2r5TJ6p_Mryr9Zatb_0WAqVWu0i/index.php/","offline","malware_download","doc","wiebe-sanitaer.de","85.13.131.246","34788","DE"
"2019-03-07 16:07:06","https://wiebe-sanitaer.de/ATTBusiness/2r5TJ6p_Mryr9Zatb_0WAqVWu0i/index.php/404","offline","malware_download","doc","wiebe-sanitaer.de","85.13.131.246","34788","DE"
"2019-02-26 09:39:32","http://ablaze-visuals.com/wp-content/themes/kalium/inc/admin-tpls/msg.jpg","offline","malware_download","exe|RUS|Troldesh","ablaze-visuals.com","85.13.163.87","34788","DE"
"2019-02-22 11:03:07","http://guidojoeris.com/0Jq9Kb2Uwa/","offline","malware_download","emotet|epoch1|exe|Heodo","guidojoeris.com","85.13.133.109","34788","DE"
"2019-02-11 14:11:57","http://www.theatergruppe-kortsch.it/llc/Invoice/OOts-Q5wmy_VaFEmVmxq-Nx/","offline","malware_download","emotet|Heodo","www.theatergruppe-kortsch.it","85.13.129.104","34788","DE"
"2019-02-08 09:37:21","http://wiebe-sanitaer.de/IzzV_9x3V8-yh/QtE/Transaction_details/02_19/","offline","malware_download","doc|emotet|epoch1|Heodo","wiebe-sanitaer.de","85.13.131.246","34788","DE"
"2019-02-06 01:16:28","http://wiebe-sanitaer.de/SVPMD_RswvB-riIo/qhc/Payments/02_19/","offline","malware_download","doc|emotet|epoch1|Heodo|Nabucur","wiebe-sanitaer.de","85.13.131.246","34788","DE"
"2019-01-31 23:17:45","http://wiebe-sanitaer.de/ATTBusiness/2r5TJ6p_Mryr9Zatb_0WAqVWu0i/","offline","malware_download","doc|emotet|epoch1|Heodo","wiebe-sanitaer.de","85.13.131.246","34788","DE"
"2019-01-29 16:33:24","http://wiebe-sanitaer.de/XxNTd-zIYaB_wSpHU-kW/Ref/8600058563US/Need-to-send-the-attachment/","offline","malware_download","doc|emotet|epoch2|Heodo","wiebe-sanitaer.de","85.13.131.246","34788","DE"
"2019-01-29 08:39:06","http://kamelot.marketing-pr.biz/ql7XeiqG28//","offline","malware_download","doc|emotet|heodo","kamelot.marketing-pr.biz","85.13.165.224","34788","DE"
"2019-01-28 17:28:13","http://kamelot.marketing-pr.biz/PVtMe-r4MK_o-At/Invoice/0777488/US_us/Paid-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","kamelot.marketing-pr.biz","85.13.165.224","34788","DE"
"2019-01-24 15:20:29","http://kamelot.marketing-pr.biz/ql7XeiqG28/","offline","malware_download","emotet|epoch1|exe|Heodo","kamelot.marketing-pr.biz","85.13.165.224","34788","DE"
"2019-01-17 12:58:21","http://diederich.lu/Januar2019/NZKYYMM3444875/Scan/RECH/","offline","malware_download","emotet|epoch2|Heodo","diederich.lu","85.13.134.12","34788","DE"
"2019-01-15 15:38:03","http://www.werbetafel.net/vtgcl5_6OcN/","offline","malware_download","emotet|exe|heodo","www.werbetafel.net","85.13.144.51","34788","DE"
"2018-12-21 02:15:16","http://teising.de/Transaction_details/12_18/","offline","malware_download","emotet|epoch1|Heodo","teising.de","85.13.137.50","34788","DE"
"2018-12-19 21:09:04","http://www.teising.de/Transaction_details/12_18/","offline","malware_download","emotet|epoch1|Heodo","www.teising.de","85.13.137.50","34788","DE"
"2018-12-18 17:01:00","http://www.rabia.info/GioO-pQulDybJ_C-7J/Southwire/VVM17343812/DOC/US_us/Invoice-4847198-December/","offline","malware_download","emotet|epoch2|Heodo","www.rabia.info","85.13.139.242","34788","DE"
"2018-12-18 15:14:32","http://www.next.lesvideosjaunes.eu/5qgF26_0pf2","offline","malware_download","emotet|exe","www.next.lesvideosjaunes.eu","85.13.136.37","34788","DE"
"2018-12-18 13:23:07","http://www.next.lesvideosjaunes.eu/5qgF26_0pf2/","offline","malware_download","emotet|epoch2|exe|Heodo","www.next.lesvideosjaunes.eu","85.13.136.37","34788","DE"
"2018-12-17 22:32:08","http://www.jnetworks.at/content/utB8h1/","offline","malware_download","emotet|epoch2|exe|Heodo","www.jnetworks.at","85.13.152.122","34788","DE"
"2018-11-24 02:25:02","http://gruen-mobil.de/di4N9ljM6/DHLKunden_439875450020573475048.zip","offline","malware_download","zip","gruen-mobil.de","85.13.156.26","34788","DE"
"2018-11-24 01:21:03","http://gruen-mobil.de/di4N9ljM6","offline","malware_download","zip","gruen-mobil.de","85.13.156.26","34788","DE"
"2018-11-19 19:51:18","http://jurischmidt.com/wp-content/9357516OQ/SEP/Commercial/","offline","malware_download","emotet|heodo","jurischmidt.com","85.13.135.242","34788","DE"
"2018-11-19 19:42:14","http://campus-colonia.com/1098FM/com/Business/","offline","malware_download","emotet|heodo","campus-colonia.com","85.13.141.17","34788","DE"
"2018-11-09 06:26:21","http://utcwildon.at/wp-content/uploads/US/Attachments/2018-11/","offline","malware_download","","utcwildon.at","85.13.146.5","34788","DE"
"2018-11-08 23:50:18","http://utcwildon.at/wp-content/uploads/US/Attachments/2018-11","offline","malware_download","","utcwildon.at","85.13.146.5","34788","DE"
"2018-11-08 20:20:23","http://www.utcwildon.at/wp-content/uploads/US/Attachments/2018-11/","offline","malware_download","doc|emotet|epoch1","www.utcwildon.at","85.13.146.5","34788","DE"
"2018-11-08 14:39:56","http://www.utcwildon.at/wp-content/uploads/US/Attachments/2018-11","offline","malware_download","doc|emotet|heodo","www.utcwildon.at","85.13.146.5","34788","DE"
"2018-11-06 15:17:24","http://pandastorm.com/wp-content/uploads/63BFZTHGNX/com/Commercial/","offline","malware_download","doc|emotet|epoch2","pandastorm.com","85.13.129.30","34788","DE"
"2018-11-06 10:24:19","http://pandastorm.com/wp-content/uploads/63BFZTHGNX/com/Commercial","offline","malware_download","doc|emotet|Heodo","pandastorm.com","85.13.129.30","34788","DE"
"2018-10-08 15:23:07","http://pfeiffer-gmbh.com/cms/wp-content/uploads/8289298SHJVRVXC/BIZ/US","offline","malware_download","doc|emotet","pfeiffer-gmbh.com","85.13.137.10","34788","DE"
"2018-10-08 06:31:41","http://campus-colonia.com/1098FM/com/Business","offline","malware_download","doc|emotet|heodo","campus-colonia.com","85.13.141.17","34788","DE"
"2018-10-06 07:28:31","http://pfeiffer-gmbh.com/cms/wp-content/uploads/481900FFXTAAUF/identity/Personal","offline","malware_download","doc|emotet|heodo","pfeiffer-gmbh.com","85.13.137.10","34788","DE"
"2018-10-03 18:44:45","http://jurischmidt.com/wp-content/9357516OQ/SEP/Commercial","offline","malware_download","doc|emotet|heodo","jurischmidt.com","85.13.135.242","34788","DE"
"2018-10-03 15:23:24","http://www.utcwildon.at/wp-content/uploads/661YECGI/PAYMENT/Personal","offline","malware_download","doc|emotet","www.utcwildon.at","85.13.146.5","34788","DE"
"2018-10-03 11:32:03","http://www.utcwildon.at/wp-content/uploads/661YECGI/PAYMENT/Personal/","offline","malware_download","doc|Heodo","www.utcwildon.at","85.13.146.5","34788","DE"
"2018-10-03 10:22:36","http://utcwildon.at/wp-content/uploads/661YECGI/PAYMENT/Personal","offline","malware_download","doc|emotet|Heodo","utcwildon.at","85.13.146.5","34788","DE"
"2018-10-03 04:54:03","http://realcube.com/wp-content/uploads/591842A/ACH/Business","offline","malware_download","doc|emotet|heodo","realcube.com","85.13.138.16","34788","DE"
"2018-10-02 11:13:02","http://eden-iss.net/wp-content/wmFRCFXr","offline","malware_download","emotet|exe|Heodo","eden-iss.net","85.13.128.64","34788","DE"
"2018-10-02 11:12:12","http://travel-junky.de/zzRBdKw","offline","malware_download","emotet|exe|Heodo","travel-junky.de","85.13.162.3","34788","DE"
"2018-09-28 11:18:01","http://franzrogowski.com/200776F/oamo/US/","offline","malware_download","doc|Heodo","franzrogowski.com","85.13.151.94","34788","DE"
"2018-09-28 10:54:05","http://franzrogowski.com/200776F/oamo/US","offline","malware_download","doc|emotet|Heodo","franzrogowski.com","85.13.151.94","34788","DE"
"2018-09-28 10:06:03","http://hs-borg.com/1Y/PAY/Smallbusiness","offline","malware_download","doc|Heodo","hs-borg.com","85.13.156.248","34788","DE"
"2018-09-24 15:31:33","http://flasharts.de/mpz/mp33_beta/MP3D_Installer.exe","offline","malware_download","exe","flasharts.de","85.13.162.162","34788","DE"
"2018-09-19 18:01:19","http://joerg-luedtke.de/7gIpW","offline","malware_download","emotet|exe|Heodo","joerg-luedtke.de","85.13.161.205","34788","DE"
"2018-08-28 04:11:15","http://nicolaisen.de/554ZPGXCAFF/oamo/Smallbusiness","offline","malware_download","doc|emotet|Heodo","nicolaisen.de","85.13.161.81","34788","DE"
"2018-08-24 23:46:46","http://rabacdiving.com/9344V/PAYMENT/Commercial","offline","malware_download","doc|emotet|Heodo","rabacdiving.com","85.13.166.241","34788","DE"
"2018-08-24 14:09:43","http://www.rabacdiving.com/9344V/PAYMENT/Commercial","offline","malware_download","doc|emotet|Heodo","www.rabacdiving.com","85.13.166.241","34788","DE"
"2018-08-23 04:49:22","http://nicolaisen.de/FILE/US/Document-needed/","offline","malware_download","doc|Heodo","nicolaisen.de","85.13.161.81","34788","DE"
"2018-08-22 19:13:07","http://nicolaisen.de/FILE/US/Document-needed","offline","malware_download","doc|emotet|Heodo","nicolaisen.de","85.13.161.81","34788","DE"
"2018-08-16 03:42:28","http://www.rabacdiving.com/Wellsfargo/Commercial/Aug-15-2018/","offline","malware_download","doc|emotet|Heodo","www.rabacdiving.com","85.13.166.241","34788","DE"
"2018-08-15 18:47:10","http://www.rabacdiving.com/Wellsfargo/Commercial/Aug-15-2018","offline","malware_download","doc|emotet|Heodo","www.rabacdiving.com","85.13.166.241","34788","DE"
"2018-08-13 22:23:15","http://www.rabacdiving.com/ROBJLTnW","offline","malware_download","emotet|exe|Heodo","www.rabacdiving.com","85.13.166.241","34788","DE"
"2018-08-09 05:45:18","http://haus-engelstein-travemuende.de/CY9n","offline","malware_download","emotet|exe|Heodo","haus-engelstein-travemuende.de","85.13.154.248","34788","DE"
"2018-08-08 05:06:47","http://haus-engelstein-travemuende.de/LLC/AB48972LHQ/083263/BB-KLW-Aug-06-2018/","offline","malware_download","doc|emotet|heodo","haus-engelstein-travemuende.de","85.13.154.248","34788","DE"
"2018-08-07 10:24:05","http://haus-engelstein-travemuende.de/LLC/AB48972LHQ/083263/BB-KLW-Aug-06-2018","offline","malware_download","doc|emotet|heodo","haus-engelstein-travemuende.de","85.13.154.248","34788","DE"
"2018-08-03 08:01:26","http://haus-engelstein-travemuende.de/files/En_us/Receipt-attached","offline","malware_download","doc|emotet|Heodo","haus-engelstein-travemuende.de","85.13.154.248","34788","DE"
"2018-08-03 05:19:53","http://www.rabacdiving.com/doc/EN_en/Payment-enclosed","offline","malware_download","doc|emotet|Heodo","www.rabacdiving.com","85.13.166.241","34788","DE"
"2018-08-03 04:31:17","http://www.rabacdiving.com/doc/EN_en/Payment-enclosed/","offline","malware_download","doc|emotet|Heodo","www.rabacdiving.com","85.13.166.241","34788","DE"
"2018-08-01 21:17:13","http://haus-engelstein-travemuende.de/files/En_us/Receipt-attached/","offline","malware_download","doc|emotet|epoch2|Heodo","haus-engelstein-travemuende.de","85.13.154.248","34788","DE"
"2018-07-31 22:27:28","http://aktuelldata-ev.de/files/US/Address-Update","offline","malware_download","doc|emotet|heodo","aktuelldata-ev.de","85.13.130.241","34788","DE"
"2018-07-31 18:14:03","http://aktuelldata-ev.de/files/US/Address-Update/","offline","malware_download","Emotet doc macro|Heodo","aktuelldata-ev.de","85.13.130.241","34788","DE"
"2018-07-30 20:26:23","http://haus-engelstein-travemuende.de/sites/En_us/ACCOUNT/Invoice-07-30-18/","offline","malware_download","doc|emotet|epoch2|Heodo","haus-engelstein-travemuende.de","85.13.154.248","34788","DE"
"2018-07-28 05:47:04","http://www.dupke.at/rFQAhttp","offline","malware_download","emotet|heodo|payload","www.dupke.at","85.13.145.203","34788","DE"
"2018-07-27 16:31:21","http://www.dupke.at/rFQA","offline","malware_download","emotet|heodo|payload","www.dupke.at","85.13.145.203","34788","DE"
"2018-07-21 08:18:28","http://reitmaier.de/01cedmfXo","offline","malware_download","emotet|exe|heodo","reitmaier.de","85.13.162.85","34788","DE"
"2018-07-20 03:01:01","https://cornelia-ernst.de/Factura-pagada/","offline","malware_download","doc|emotet|epoch1|Heodo","cornelia-ernst.de","85.13.143.71","34788","DE"
"2018-07-17 23:14:10","http://reitmaier.de/Facturation/","offline","malware_download","doc|emotet|epoch1|Heodo","reitmaier.de","85.13.162.85","34788","DE"
"2018-07-11 07:37:43","http://dr-popa.com/newsletter/GER/DOC/Bezahlen-Sie-die-Rechnung-0020-795/","offline","malware_download","doc|emotet|heodo","dr-popa.com","85.13.145.52","34788","DE"
"2018-07-11 03:55:47","http://fashionattitude.de/Rechnung/","offline","malware_download","doc|emotet|epoch1","fashionattitude.de","85.13.130.84","34788","DE"
"2018-07-10 09:52:21","http://www.fashionattitude.de/Rechnung/","offline","malware_download","doc|emotet|heodo","www.fashionattitude.de","85.13.130.84","34788","DE"
"2018-07-09 18:56:17","http://laboria.de/newsletter/EN_en/STATUS/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc|emotet|heodo","laboria.de","85.13.167.26","34788","DE"
"2018-07-09 16:34:21","http://laboria.de/default/US_us/New-Order-Upcoming/Order-1002867446/","offline","malware_download","Heodo","laboria.de","85.13.167.26","34788","DE"
"2018-07-09 13:58:05","http://www.laboria.de/default/US_us/New-Order-Upcoming/Order-1002867446/","offline","malware_download","doc|emotet|Heodo","www.laboria.de","85.13.167.26","34788","DE"
"2018-07-06 05:16:13","http://dr-popa.com/The-FOURTH-of-July-2018/","offline","malware_download","doc|emotet|heodo","dr-popa.com","85.13.145.52","34788","DE"
"2018-07-05 07:09:24","http://www.fashionattitude.de/Independence-Day-Greetings/","offline","malware_download","doc|emotet|heodo","www.fashionattitude.de","85.13.130.84","34788","DE"
"2018-07-04 10:45:11","http://www.rokka.eu/test/111post.bin","offline","malware_download","Azorult","www.rokka.eu","85.13.162.179","34788","DE"
"2018-07-04 10:18:03","http://www.rokka.eu/test/111post.exe","offline","malware_download","exe|Gozi","www.rokka.eu","85.13.162.179","34788","DE"
"2018-07-02 16:26:30","http://dr-popa.com/Greeting-eCard/","offline","malware_download","doc|emotet|heodo","dr-popa.com","85.13.145.52","34788","DE"
"2018-07-01 06:43:23","http://dr-popa.com/ACCOUNT/Please-pull-invoice-705924/","offline","malware_download","Heodo","dr-popa.com","85.13.145.52","34788","DE"
"2018-06-27 03:30:04","http://www.dr-popa.com/ACCOUNT/Please-pull-invoice-705924/","offline","malware_download","doc|emotet|epoch2|Heodo","www.dr-popa.com","85.13.145.52","34788","DE"
"2018-06-19 23:12:03","http://www.caroline-bell.com/STATUS/Invoice-5052827/","offline","malware_download","doc|emotet|epoch2|Heodo","www.caroline-bell.com","85.13.166.179","34788","DE"
"2018-06-11 14:41:03","http://luxartscreendesign.de/IRS-TRANSCRIPTS-2776/","offline","malware_download","doc|emotet|epoch1|Heodo","luxartscreendesign.de","85.13.157.137","34788","DE"
"2018-06-07 16:21:02","http://sandwichpicker.com/ups.com/WebTracking/EL-9320270/","offline","malware_download","doc|emotet|epoch1|Heodo","sandwichpicker.com","85.13.141.242","34788","DE"
"2018-06-05 17:17:14","http://vts-folientechnik.de/js/WamX8wRQa/","offline","malware_download","emotet|Heodo|payload","vts-folientechnik.de","85.13.166.225","34788","DE"
"2018-06-05 16:12:28","http://dolmetscherbueromueller.de/wp-content/plugins/gxp/3","offline","malware_download","","dolmetscherbueromueller.de","85.13.161.175","34788","DE"
"2018-06-05 16:12:17","http://dolmetscherbueromueller.de/wp-content/plugins/gxp/2","offline","malware_download","","dolmetscherbueromueller.de","85.13.161.175","34788","DE"
"2018-06-05 16:12:14","http://dolmetscherbueromueller.de/wp-content/plugins/gxp/1","offline","malware_download","","dolmetscherbueromueller.de","85.13.161.175","34788","DE"
"2018-06-05 16:10:10","http://ralfkisch.de/FORM/Rech/","offline","malware_download","doc|emotet|Heodo","ralfkisch.de","85.13.138.242","34788","DE"
"2018-06-04 22:14:40","http://luxartscreendesign.de/Client/Invoice/","offline","malware_download","doc|emotet|Heodo","luxartscreendesign.de","85.13.157.137","34788","DE"
"2018-06-01 22:51:42","http://vts-folientechnik.de/Vos-facture-impayee/","offline","malware_download","doc|emotet|Heodo","vts-folientechnik.de","85.13.166.225","34788","DE"
"2018-06-01 17:12:31","http://sandwichpicker.com/Facturation/","offline","malware_download","doc|emotet|Heodo","sandwichpicker.com","85.13.141.242","34788","DE"
"2018-05-31 22:56:20","http://architektcordes.de/Inv-0213475/","offline","malware_download","doc|emotet|Heodo","architektcordes.de","85.13.161.212","34788","DE"
"2018-05-30 18:46:32","http://networkproductions.de/ups.com/WebTracking/ICI-445093075901096/","offline","malware_download","doc|emotet|Heodo","networkproductions.de","85.13.130.178","34788","DE"
"2018-05-30 14:56:41","http://luxartscreendesign.de/Facture-impayee-30/05/2018/","offline","malware_download","doc|emotet|Heodo","luxartscreendesign.de","85.13.157.137","34788","DE"
"2018-05-29 19:21:05","http://reitmaier.de/STATUS/Direct-Deposit-Notice/","offline","malware_download","doc|emotet|Heodo","reitmaier.de","85.13.162.85","34788","DE"
"2018-05-29 16:53:34","http://sandwichpicker.com/Notification-de-facture/","offline","malware_download","doc|emotet|Heodo","sandwichpicker.com","85.13.141.242","34788","DE"
"2018-05-25 17:21:20","http://sorafilm.it/wp-admin/images/7777.exe","offline","malware_download","7b75c36983aecee28cde6b85958845b8|gandcrab|ransomware|Ransomware.GandCrab","sorafilm.it","85.13.132.231","34788","DE"
"2018-05-25 06:26:41","http://das-team.tv/Zahlung/Ihre-Rechnung-vom-25.05.2018/","offline","malware_download","doc|emotet|Heodo","das-team.tv","85.13.131.57","34788","DE"
"2018-05-24 08:06:40","http://das-team.tv/FILE/Emailing-X093230GZ-82509/","offline","malware_download","doc|emotet|heodo","das-team.tv","85.13.131.57","34788","DE"
"2018-05-19 16:00:01","http://das-team.tv/FR18/","offline","malware_download","","das-team.tv","85.13.131.57","34788","DE"
"2018-05-17 15:34:27","https://cornelia-ernst.de/0zJV/","offline","malware_download","emotet","cornelia-ernst.de","85.13.143.71","34788","DE"
"2018-05-16 14:50:42","http://architektcordes.de/j3HQad0RsSpH6Gs/","offline","malware_download","doc|emotet|Heodo","architektcordes.de","85.13.161.212","34788","DE"
"2018-05-16 05:07:38","http://dimex-export.de/JBetH0kXP7G/","offline","malware_download","","dimex-export.de","85.13.165.112","34788","DE"
"2018-05-15 11:44:56","http://das-team.tv/5bzIcV6/","offline","malware_download","doc|emotet","das-team.tv","85.13.131.57","34788","DE"
"2018-05-14 18:38:56","http://architektcordes.de/jNVmItyUnreIO8/","offline","malware_download","doc|emotet|Heodo","architektcordes.de","85.13.161.212","34788","DE"
"2018-05-10 19:49:58","http://heizlastberechnung.net/referenzen/topleft.exe","offline","malware_download","exe|Pony","heizlastberechnung.net","85.13.139.19","34788","DE"
"2018-05-10 15:48:33","http://destroit.eu/Gh7p8mcbv6Tfp6K/","offline","malware_download","doc|emotet|Heodo","destroit.eu","85.13.145.215","34788","DE"
"2018-05-08 17:03:27","http://architektcordes.de/edNmcQWx5nMZk/","offline","malware_download","doc|emotet|Heodo","architektcordes.de","85.13.161.212","34788","DE"
"2018-04-24 16:02:28","http://reitmaier.de/Question/","offline","malware_download","Doc|Emotet","reitmaier.de","85.13.162.85","34788","DE"
"2018-04-13 05:10:17","http://sandwichpicker.com/HU-8576875554839/","offline","malware_download","doc|emotet|heodo","sandwichpicker.com","85.13.141.242","34788","DE"
"2018-04-06 05:44:26","http://eskimue.de/INVOICE/BS-344733601140174/","offline","malware_download","doc|emotet|heodo","eskimue.de","85.13.149.198","34788","DE"
"2018-04-06 05:41:47","http://das-team.tv/QDS-20433690/","offline","malware_download","doc|emotet|heodo","das-team.tv","85.13.131.57","34788","DE"
"2018-04-06 05:36:43","http://sandwichpicker.com/AMA-493956174139762/","offline","malware_download","doc|emotet|heodo","sandwichpicker.com","85.13.141.242","34788","DE"
"2018-04-05 17:13:29","http://destroit.eu/Lh7EO/","offline","malware_download","emotet","destroit.eu","85.13.145.215","34788","DE"
"2018-04-04 11:10:20","http://virtual-power.de/ACH-FORM/RTZ-8597/","offline","malware_download","doc|emotet|heodo","virtual-power.de","85.13.162.56","34788","DE"
"2018-04-04 11:05:21","http://haberkern-online.de/JE-166488940403586/","offline","malware_download","doc|emotet|heodo","haberkern-online.de","85.13.154.85","34788","DE"
"2018-03-29 05:21:04","http://kosmetikinstitut-apart.de/WIRE-FORM/JE-4251687971468/","offline","malware_download","doc|emotet|heodo","kosmetikinstitut-apart.de","85.13.128.68","34788","DE"
"2018-03-14 07:54:06","http://molly-dating.de/EIlq/","offline","malware_download","Emotet|exe|Heodo","molly-dating.de","85.13.134.8","34788","DE"
# of entries: 238