##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-19 07:16:24 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS40092
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-06-20 15:00:14","https://demo.boskon.com.au/?u=script","offline","malware_download","js|strelastealer|svg","demo.boskon.com.au","66.102.133.180","40092","CA"
"2024-09-21 06:22:06","https://www.urnammu.org/wp-content/plugins/z-downloads/","offline","malware_download","BruteRatel","www.urnammu.org","66.102.132.32","40092","CA"
"2024-02-08 18:13:07","https://nutritionaloncology.org/4jyta/","offline","malware_download","","nutritionaloncology.org","66.102.132.133","40092","CA"
"2024-02-06 07:56:09","https://pamperpod.co.nz/kPRkOAHlMT38.bin","offline","malware_download","encrypted|GuLoader","pamperpod.co.nz","66.102.132.192","40092","CA"
"2024-01-19 12:01:08","http://visionchallenge.org.au/twos.exe","offline","malware_download","dropped-by-smokeloader","visionchallenge.org.au","66.102.133.24","40092","CA"
"2024-01-15 14:06:06","https://stoneyarchkennels.com/mega.js","offline","malware_download","","stoneyarchkennels.com","190.180.145.98","40092","IE"
"2023-12-19 15:06:15","https://glubbar.com/6r8jp/","offline","malware_download","TR","glubbar.com","194.146.104.10","40092","US"
"2023-12-07 10:40:40","https://progressiveconcrete.com.au/me/","offline","malware_download","msi|Pikabot|TA577|TR|zip","progressiveconcrete.com.au","66.102.128.81","40092","CA"
"2023-11-26 08:31:13","http://cynshare.com/amd.exe","offline","malware_download","Amadey|amandey","cynshare.com","66.102.133.110","40092","CA"
"2023-11-22 22:50:10","http://cynorix.com/netTimer.exe","offline","malware_download","AgentTesla|dropped-by-PrivateLoader|njrat|Phonk","cynorix.com","66.102.133.110","40092","CA"
"2023-10-23 15:45:33","https://fokabs.com/tlid/","offline","malware_download","TA577|TR","fokabs.com","103.26.141.194","40092","CA"
"2023-10-05 13:22:15","https://actecksoft.com/do/?1","offline","malware_download","Pikabot|TR","actecksoft.com","172.96.176.118","40092","CA"
"2023-09-29 08:39:08","http://blindsportssa.org.au/save.exe","offline","malware_download","exe|RedLineStealer","blindsportssa.org.au","66.102.133.24","40092","CA"
"2023-08-09 08:31:15","http://walleyewanderers.ca/somn64win.dll","offline","malware_download","dropped-by-amadey|SystemBC","walleyewanderers.ca","66.102.137.74","40092","CA"
"2023-07-17 11:46:09","https://arcq.info/download/File.7z?pfile=file.zip","offline","malware_download","1234|7z|password-protected","arcq.info","66.102.137.52","40092","CA"
"2023-05-31 21:05:45","https://writesongs.com/rrrp/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","writesongs.com","66.102.137.52","40092","CA"
"2023-05-30 16:50:39","https://writesongs.com/esmq/?1","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","writesongs.com","66.102.137.52","40092","CA"
"2023-05-30 12:09:38","https://writesongs.com/ii/?1","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","writesongs.com","66.102.137.52","40092","CA"
"2023-05-26 05:29:09","https://ycnexgroup.com/download/Install_pass1234.7z","offline","malware_download","1234|7z|password-protected","ycnexgroup.com","199.204.250.81","40092","US"
"2023-05-19 13:21:11","https://ridersintl.org/vincent-sewe/f1.ps1","offline","malware_download","ascii|NetSupport|PowerShell|ps|RAT","ridersintl.org","66.102.128.49","40092","CA"
"2023-05-16 11:26:06","https://rossandmorrison.com/mldu/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","rossandmorrison.com","45.56.219.214","40092","CA"
"2023-05-15 15:15:14","https://rossandmorrison.com/des/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","rossandmorrison.com","45.56.219.214","40092","CA"
"2023-05-11 11:58:12","https://rossandmorrison.com/dr/","offline","malware_download","BB27|geofenced|js|Qakbot|Quakbot|USA","rossandmorrison.com","45.56.219.214","40092","CA"
"2023-05-10 15:08:12","https://rossandmorrison.com/oeq/","offline","malware_download","BB27|geofenced|js|Qakbot|Quakbot|USA","rossandmorrison.com","45.56.219.214","40092","CA"
"2023-05-05 14:13:12","https://iotil.com.mx/pis/","offline","malware_download","BB26|geofenced|js|Qakbot|Quakbot|USA|zip","iotil.com.mx","172.96.178.66","40092","CA"
"2023-05-02 13:08:15","https://ycnexgroup.com/download/File_pass1234.7z","offline","malware_download","1234|7z|password-protected","ycnexgroup.com","199.204.250.81","40092","US"
"2023-04-25 17:05:16","http://rossandmorrison.com/cache/rentfree.zip","offline","malware_download","geofenced|obama256|Qakbot|Quakbot|wsf|zip","rossandmorrison.com","45.56.219.214","40092","CA"
"2023-04-25 12:58:26","https://drhectorpaniagua.com.mx/lrut/eligendinumquam.php","offline","malware_download","BB25|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","drhectorpaniagua.com.mx","172.96.178.66","40092","CA"
"2023-04-19 12:48:43","https://hatech.com.mx/vnam/praesentiumconsequuntur.php","offline","malware_download","921|BB24|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","hatech.com.mx","172.96.178.66","40092","CA"
"2023-04-19 12:47:18","https://e-corporate.com.mx/uneq/sequia.php","offline","malware_download","921|BB24|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","e-corporate.com.mx","172.96.178.66","40092","CA"
"2023-04-11 13:44:12","https://writesongs.com/etao/etao.php","offline","malware_download","BB23|geofenced|Qakbot|Qbot|Quakbot|R89|tr|USA|wsf|zip","writesongs.com","66.102.137.52","40092","CA"
"2023-03-09 12:10:14","http://johnstewartstudies.org/clL1rQdzP1XCeJa5O3Z/","offline","malware_download","dll|emotet|epoch4|Heodo|zip","johnstewartstudies.org","200.69.17.201","40092","US"
"2023-02-22 06:45:24","https://ycnexgroup.com/upload/Setup_pass1234.zip","offline","malware_download","1234|password-protected|zip","ycnexgroup.com","199.204.250.81","40092","US"
"2022-12-22 20:06:31","https://writesongs.com/PIIQ.php","offline","malware_download","B1|BB11|ISO|Qakbot|Qbot|Quakbot|TR|U22|zip","writesongs.com","66.102.137.52","40092","CA"
"2022-12-20 20:55:13","https://writesongs.com/trmm/index.php","offline","malware_download","BB11|IMG|Qakbot|Qbot|Quakbot|RR17|TR|VHD|zip","writesongs.com","66.102.137.52","40092","CA"
"2022-12-20 17:27:17","https://writesongs.com/ivdo/index.php","offline","malware_download","BB11|IMG|Qakbot|Qbot|Quakbot|RR17|TR|VHD|zip","writesongs.com","66.102.137.52","40092","CA"
"2022-12-19 16:41:19","https://writesongs.com/si/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","writesongs.com","66.102.137.52","40092","CA"
"2022-12-15 17:36:13","https://writesongs.com/ta/index.php","offline","malware_download","50000|E17|gozi|ISFB|ISO|PM11|TR|zip","writesongs.com","66.102.137.52","40092","CA"
"2022-12-14 16:16:49","https://writesongs.com/ee/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","writesongs.com","66.102.137.52","40092","CA"
"2022-12-13 21:51:44","https://writesongs.com/iuu/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","writesongs.com","66.102.137.52","40092","CA"
"2022-12-05 18:09:50","https://varevenementiel.fr/oau/index.php?QBOT.zip","offline","malware_download","BB09|N54|qakbot|qbot|quakbot|TR|VHD|zip","varevenementiel.fr","45.56.223.75","40092","CA"
"2022-09-29 12:01:06","http://200.69.19.101:37855/i","offline","malware_download","32-bit|ELF|MIPS|Mozi","200.69.19.101","200.69.19.101","40092","US"
"2022-06-09 19:08:04","https://acfm.ca/upload/tmp/load.exe","offline","malware_download","32|exe|Smoke Loader","acfm.ca","66.102.128.117","40092","CA"
"2022-06-09 18:46:05","https://acfm.ca/upload/load.exe","offline","malware_download","32|exe|Smoke Loader","acfm.ca","66.102.128.117","40092","CA"
"2022-05-21 21:13:04","http://picsmaker.com/cgi-bin/OEEtgXEetqIvVsq/","offline","malware_download","emotet|epoch4|exe|Heodo","picsmaker.com","199.204.250.24","40092","US"
"2022-05-18 20:42:07","http://picsmaker.com/cgi-bin/jWdUsHIsoD/","offline","malware_download","dll|emotet|epoch4|heodo","picsmaker.com","199.204.250.24","40092","US"
"2022-04-14 14:04:33","https://donogilvie.net/eep/etut","offline","malware_download","qakbot|qbot|Quakbot|tr","donogilvie.net","45.56.221.16","40092","CA"
"2022-04-14 14:04:25","https://donogilvie.net/eep/dorlouqo","offline","malware_download","qakbot|qbot|Quakbot|tr","donogilvie.net","45.56.221.16","40092","CA"
"2022-04-14 14:03:31","https://donogilvie.net/eep/iueqa","offline","malware_download","qakbot|qbot|Quakbot|tr","donogilvie.net","45.56.221.16","40092","CA"
"2022-04-14 14:03:21","https://donogilvie.net/eep/msrrcpooatiorpe","offline","malware_download","qakbot|qbot|Quakbot|tr","donogilvie.net","45.56.221.16","40092","CA"
"2022-02-24 19:03:05","https://marineboyrecords.com/font-awesome/t37LOj/","offline","malware_download","emotet|epoch5|exe|Heodo","marineboyrecords.com","190.180.145.25","40092","IE"
"2022-02-03 16:31:23","https://marineboyrecords.com/font-awesome/QBBByHDDYl0slxlQ/","offline","malware_download","dll|emotet|epoch5|heodo","marineboyrecords.com","190.180.145.25","40092","IE"
"2022-01-05 17:50:35","https://lumenhomes.ca/zoptr.exe","offline","malware_download","AveMaria|AveMariaRAT|exe|WarzoneRAT","lumenhomes.ca","66.102.132.19","40092","CA"
"2022-01-05 01:45:10","http://lumenhomes.ca/1.exe","offline","malware_download","32|exe|RemcosRAT","lumenhomes.ca","66.102.132.19","40092","CA"
"2022-01-04 22:02:06","https://lumenhomes.ca/remcos_a.exe","offline","malware_download","32|exe|RemcosRAT","lumenhomes.ca","66.102.132.19","40092","CA"
"2022-01-04 21:54:04","https://lumenhomes.ca/4.exe","offline","malware_download","32|exe|RemcosRAT","lumenhomes.ca","66.102.132.19","40092","CA"
"2022-01-04 20:13:04","https://lumenhomes.ca/coo.exe","offline","malware_download","AveMaria|AveMariaRAT|exe|WarzoneRAT","lumenhomes.ca","66.102.132.19","40092","CA"
"2021-09-18 12:52:08","http://200.69.19.100:40222/Mozi.a","offline","malware_download","elf|Mozi","200.69.19.100","200.69.19.100","40092","US"
"2021-09-13 19:29:05","http://200.69.19.100:40222/i","offline","malware_download","32-bit|ELF|MIPS|Mozi","200.69.19.100","200.69.19.100","40092","US"
"2021-09-13 19:00:10","http://200.69.19.100:40222/bin.sh","offline","malware_download","32-bit|ELF|MIPS|Mozi","200.69.19.100","200.69.19.100","40092","US"
"2021-09-12 09:51:06","http://200.69.19.100:40222/Mozi.m","offline","malware_download","elf|Mozi","200.69.19.100","200.69.19.100","40092","US"
"2021-09-08 15:18:04","http://paidinsunshine.com/profligate.php","offline","malware_download","doc|hancitor|html","paidinsunshine.com","200.69.18.145","40092","US"
"2021-09-06 17:01:13","http://200.69.19.100:33230/i","offline","malware_download","32-bit|ELF|MIPS|Mozi","200.69.19.100","200.69.19.100","40092","US"
"2021-09-06 16:07:10","http://200.69.19.100:33230/Mozi.m","offline","malware_download","elf|Mozi","200.69.19.100","200.69.19.100","40092","US"
"2021-09-02 00:22:05","http://200.69.19.100:33230/bin.sh","offline","malware_download","32-bit|ELF|MIPS|Mozi","200.69.19.100","200.69.19.100","40092","US"
"2021-08-18 06:10:05","https://exascale.ca/m1.dll","offline","malware_download","dll","exascale.ca","66.102.132.118","40092","CA"
"2021-06-21 19:46:11","https://niirit.com/COPYRIGHT/gqXs0Qm85x.php","offline","malware_download","Dridex","niirit.com","66.102.132.197","40092","CA"
"2021-05-26 19:36:36","https://firstcanadianmedical.ca/wp-admin/2thsRO3R.php","offline","malware_download","Dridex","firstcanadianmedical.ca","66.102.128.189","40092","CA"
"2021-05-26 12:59:11","https://jetone.com.au/dora-carter-jr-/SophiaJones-1.zip","offline","malware_download","html|Qakbot|Qbot|SilentBuilder|TR|zip","jetone.com.au","45.56.216.16","40092","CA"
"2021-05-05 18:01:06","https://www.iglobine.com/env/skins/default/print/images/tCMNr6AtcWKkuzw.php","offline","malware_download","Dridex","www.iglobine.com","208.79.219.86","40092","CA"
"2021-04-20 22:55:06","https://walidtourism.com/47U7/catalogue-43.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","walidtourism.com","45.56.221.112","40092","CA"
"2021-04-20 14:03:31","https://walidtourism.com/47U7/catalogue-35.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","walidtourism.com","45.56.221.112","40092","CA"
"2021-04-19 22:53:42","https://walidtourism.com/3LDmT/catalogue-20.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","walidtourism.com","45.56.221.112","40092","CA"
"2020-12-03 00:23:08","https://vcah.co.uk/zcgsra.zip","offline","malware_download","dll|dridex","vcah.co.uk","66.102.128.49","40092","CA"
"2020-11-24 18:23:08","http://vcah.co.uk/ef9y6la.rar","offline","malware_download","dridex","vcah.co.uk","66.102.128.49","40092","CA"
"2020-11-23 19:00:07","https://vcah.co.uk/ef9y6la.rar","offline","malware_download","Dridex","vcah.co.uk","66.102.128.49","40092","CA"
"2020-11-17 10:19:07","http://oceanparkstampauction.com/Bidder_Setup.exe","offline","malware_download","exe","oceanparkstampauction.com","66.102.132.133","40092","CA"
"2020-11-09 14:18:13","https://cartagoimports.p2plendingexpert.com/qixre7.gif","offline","malware_download","dll|Dridex","cartagoimports.p2plendingexpert.com","45.56.223.169","40092","CA"
"2020-11-05 19:45:05","https://susansquires.com/2014-style2.php","offline","malware_download","dll|zloader","susansquires.com","199.204.250.24","40092","US"
"2020-10-29 00:12:06","http://baedekker.com/forum/Yqm8lkxUhqmhWISSsK3vmMledx0PnIqwkD6gq5Hi/","offline","malware_download","doc|emotet|epoch2|Heodo","baedekker.com","66.102.133.175","40092","CA"
"2020-10-28 10:36:05","https://baedekker.com/forum/Yqm8lkxUhqmhWISSsK3vmMledx0PnIqwkD6gq5Hi/","offline","malware_download","doc|emotet|epoch2|Heodo","baedekker.com","66.102.133.175","40092","CA"
"2020-09-30 12:41:30","https://count.mail.163.com.impactmedfoundation.com/fn58ds.pdf","offline","malware_download","Dridex|exe","count.mail.163.com.impactmedfoundation.com","200.69.17.201","40092","US"
"2020-09-22 06:35:56","https://athenstavern.com/app.php","offline","malware_download","","athenstavern.com","200.69.17.201","40092","US"
"2020-08-18 00:11:05","http://janakre.com/opusliere.com/available-zone/external-Ulza68Deq5-vkP08mPf3gp/99541603918692-uao94/","offline","malware_download","doc|emotet|epoch1|Heodo","janakre.com","66.102.133.221","40092","CA"
"2020-08-17 22:53:05","https://overcreative.com/css/common-IDDWxkjn-jZNG8S49/VyMf0XaO-KBDkdagHdm-portal/0407848-cHlmFlnZ/","offline","malware_download","doc|emotet|epoch1|heodo","overcreative.com","66.102.133.66","40092","CA"
"2020-08-12 06:46:25","http://janakre.com/Lf0709YEdM/nOAYwJZnK/","offline","malware_download","doc|emotet|epoch3|Heodo","janakre.com","66.102.133.221","40092","CA"
"2020-08-12 02:22:20","http://overcreative.com/css/PHY/","offline","malware_download","doc|emotet|epoch3","overcreative.com","66.102.133.66","40092","CA"
"2020-08-11 14:39:09","http://tksb.net/serenna/open-zone/h3jvaIWJT-cT5geY4dZ-portal/7e6sq-6uxwu6ty581x/","offline","malware_download","doc|emotet|epoch1|heodo","tksb.net","66.102.132.248","40092","CA"
"2020-08-11 12:55:50","https://overcreative.com/css/PHY/","offline","malware_download","doc|emotet|epoch3|Heodo","overcreative.com","66.102.133.66","40092","CA"
"2020-08-07 12:25:51","https://overcreative.com/css/fgn_al1_gav0/","offline","malware_download","emotet|epoch2|exe|Heodo","overcreative.com","66.102.133.66","40092","CA"
"2020-08-07 05:29:03","http://janakre.com/Lf0709YEdM/common-awoxggw7ekyp8-i0viklmqgssnywr/interior-forum/rGzDDm-IoLdw551s/","offline","malware_download","doc|emotet|epoch1|heodo|QuakBot","janakre.com","66.102.133.221","40092","CA"
"2020-08-06 12:24:34","http://tksb.net/serenna/personal-sector/dtcmb-7d2m-cloud/nllezkuwdnn1n92-236u472xxw03x/","offline","malware_download","doc|emotet|epoch1|heodo|QuakBot","tksb.net","66.102.132.248","40092","CA"
"2020-07-31 18:46:13","http://gvits.co.uk/css/parts_service/","offline","malware_download","doc|emotet|epoch2|heodo","gvits.co.uk","66.102.128.49","40092","CA"
"2020-07-31 11:00:03","http://overcreative.com/css/y35yu2/j0t17991379438ny1ndfquvf7o9se4scil9z/","offline","malware_download","doc|emotet|epoch2","overcreative.com","66.102.133.66","40092","CA"
"2020-07-31 06:24:12","https://overcreative.com/css/y35yu2/j0t17991379438ny1ndfquvf7o9se4scil9z/","offline","malware_download","doc|emotet|epoch2|Heodo","overcreative.com","66.102.133.66","40092","CA"
"2020-07-30 11:01:18","http://janakre.com/Lf0709YEdM/eTrac/zsf9ft4i8c6p/","offline","malware_download","doc|emotet|epoch2|heodo","janakre.com","66.102.133.221","40092","CA"
"2020-07-29 13:37:03","http://gvits.co.uk/img/parts_service/mqb4765620800764364dlcxfteuixyn79d9m43d/","offline","malware_download","doc|emotet|epoch2|Heodo","gvits.co.uk","66.102.128.49","40092","CA"
"2020-07-28 01:17:05","http://www.catamountcenter.org/OLDSITE/protected-box/security-cloud/609076864-lGLAe/","offline","malware_download","doc|emotet|epoch1","www.catamountcenter.org","200.69.17.230","40092","US"
"2020-07-27 17:54:11","https://www.catamountcenter.org/OLDSITE/protected-box/security-cloud/609076864-lGLAe/","offline","malware_download","doc|emotet|epoch1|heodo","www.catamountcenter.org","200.69.17.230","40092","US"
"2020-04-09 17:23:36","http://destinationpinnacle.com/slider/95638/95638.zip","offline","malware_download","Qakbot|qbot|zip","destinationpinnacle.com","200.69.18.139","40092","US"
"2020-04-08 15:43:33","http://destinationpinnacle.com/slider/58793056/58793056.zip","offline","malware_download","Qakbot|qbot|zip","destinationpinnacle.com","200.69.18.139","40092","US"
"2020-04-07 20:14:55","http://destinationpinnacle.com/slider/64211326.zip","offline","malware_download","qakbot|qbot|zip","destinationpinnacle.com","200.69.18.139","40092","US"
"2020-02-05 12:00:37","http://nealhunterhyde.com/FingerlickinFierce/common_zone/6005444727_XxnHf5_portal/98nsye_tt3vu/","offline","malware_download","doc|emotet|epoch1|heodo","nealhunterhyde.com","200.69.17.158","40092","US"
"2020-01-29 10:20:05","http://nealhunterhyde.com/HappyWellBe/esp/hhf76q7p/","offline","malware_download","doc|emotet|epoch2|heodo","nealhunterhyde.com","200.69.17.158","40092","US"
"2020-01-21 19:24:07","http://iglesiaverbo.ca/administrator/hy-h1n87-215189/","offline","malware_download","doc|emotet|epoch3|heodo","iglesiaverbo.ca","200.69.19.43","40092","US"
"2020-01-14 07:24:35","http://nealhunterhyde.com/HappyWellBe/Ld728989/","offline","malware_download","emotet|epoch1|exe|Heodo","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-12-19 01:46:05","http://catamountcenter.org/OLDSITE/346291489/38hqx8oo4c/","offline","malware_download","doc|emotet|epoch2|Heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-12-18 22:36:04","http://nealhunterhyde.com/HappyWellBe/swift/2b8dmae6qx/","offline","malware_download","doc|emotet|epoch2|heodo","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-12-18 21:01:04","http://triadjourney.com/elements/DOC/aq7kj-7389256506-374291132-fiz6vszx9o0-dwr7/","offline","malware_download","doc|emotet|epoch2|heodo","triadjourney.com","200.69.17.230","40092","US"
"2019-12-12 23:08:06","http://justbill.co.uk/info/LLC/bhzr0f1svau1/8zv1wn-1258129-0747-i0l3la-0d5tkcd/","offline","malware_download","doc|emotet|epoch2|heodo","justbill.co.uk","66.102.133.66","40092","CA"
"2019-11-18 20:08:40","https://www.patrickblay.com/lkg/451jpm/","offline","malware_download","emotet|epoch2|exe|Heodo","www.patrickblay.com","66.102.133.18","40092","CA"
"2019-10-08 14:27:13","http://ooch.co.uk/upload/images/1c.jpg","offline","malware_download","exe|Troldesh","ooch.co.uk","199.204.250.88","40092","US"
"2019-10-08 12:50:08","http://ooch.co.uk/styles/2c.jpg","offline","malware_download","exe|Troldesh","ooch.co.uk","199.204.250.88","40092","US"
"2019-09-16 13:15:28","http://www.inesmanila.com/cgi-bin/otxpnmxm-3okvb2-29756/","offline","malware_download","emotet|exe|heodo","www.inesmanila.com","45.56.216.160","40092","CA"
"2019-07-24 08:57:14","http://geteffective.biz/aloiuy.exe","offline","malware_download","Trickbot","geteffective.biz","66.102.137.19","40092","CA"
"2019-05-31 19:41:03","http://garel.co.uk/Document/tbZYZiEYgTehWPwTHSSWOKw/","offline","malware_download","doc|emotet|epoch2|Heodo","garel.co.uk","66.102.133.156","40092","CA"
"2019-05-28 15:34:03","http://adminwhiz.ca/FTPwhiz/jgldbTNBgBbUHdmt/","offline","malware_download","doc|emotet|epoch2|Heodo","adminwhiz.ca","66.102.128.117","40092","CA"
"2019-05-22 22:38:06","http://lekei.ca/ecard/images/css/parts_service/y5ut8akutvb3d35tipvisdkntq91_afo5x-4801493307/","offline","malware_download","doc|Emotet|epoch2|Heodo","lekei.ca","66.102.137.74","40092","CA"
"2019-05-22 11:31:04","http://adminwhiz.ca/FTPwhiz/Inf/wp263xuemluf2emkg_2sizfv716-508435817400199/","offline","malware_download","doc|Emotet|epoch2|Heodo","adminwhiz.ca","66.102.128.117","40092","CA"
"2019-05-20 18:21:04","https://overcreative.com/css/shecgesia_cjtf7s6-2586658720/","offline","malware_download","emotet|epoch2|exe|Heodo","overcreative.com","66.102.133.66","40092","CA"
"2019-05-16 10:48:20","http://myscs.ca/1124_938_0029.php","offline","malware_download","Dyre|exe|trickbot","myscs.ca","66.102.133.54","40092","CA"
"2019-05-13 22:51:08","http://xginformatica.com/aydasesores.com/g0183/","offline","malware_download","emotet|epoch1|exe|Heodo","xginformatica.com","66.102.137.36","40092","CA"
"2019-05-11 05:59:35","http://www.digitalmidget.com/llama-speak/aCBPrpdBwjmbEF/","offline","malware_download","emotet|epoch2","www.digitalmidget.com","66.102.128.43","40092","CA"
"2019-05-10 05:01:08","http://xginformatica.com/aydasesores.com/LLC/qulNXemGvExWiOtrr/","offline","malware_download","emotet|epoch2","xginformatica.com","66.102.137.36","40092","CA"
"2019-05-09 18:12:43","http://www.lounadekker.com/wp-admin/zvxgww-80coo17-ovbsxcu/","offline","malware_download","epoch2","www.lounadekker.com","200.69.17.154","40092","US"
"2019-05-08 20:52:03","http://groupegps.com/twilio/Pages/vWFQSSMXn/","offline","malware_download","doc|emotet|epoch2","groupegps.com","66.102.133.54","40092","CA"
"2019-05-08 20:38:03","http://gvits.co.uk/img/OhnsxabZ/","offline","malware_download","doc|emotet|epoch2","gvits.co.uk","66.102.128.49","40092","CA"
"2019-05-08 15:48:08","http://digitalmidget.com/llama-speak/RpWlt-ALzUMvZjjTWZJ6i_ilUpaplU-7np/","offline","malware_download","emotet|epoch1|Heodo","digitalmidget.com","66.102.128.43","40092","CA"
"2019-05-08 09:30:03","http://ddraiggoch.co.uk/family/uwfx-edvl1c7-pkyfb/","offline","malware_download","doc|emotet|epoch2|Heodo","ddraiggoch.co.uk","66.102.133.221","40092","CA"
"2019-05-08 06:09:06","http://stahlke.ca/svchost.exe","offline","malware_download","exe","stahlke.ca","66.102.133.250","40092","CA"
"2019-05-08 05:29:06","http://stahlke.ca/Quasar.exe","offline","malware_download","exe|QuasarRAT","stahlke.ca","66.102.133.250","40092","CA"
"2019-05-07 20:35:33","http://www.digitalmidget.com/llama-speak/RpWlt-ALzUMvZjjTWZJ6i_ilUpaplU-7np/","offline","malware_download","doc|emotet|epoch1|Heodo","www.digitalmidget.com","66.102.128.43","40092","CA"
"2019-05-06 21:50:13","http://garel.co.uk/Szs0514JGxP/open.EN.myacc.public.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","garel.co.uk","66.102.133.156","40092","CA"
"2019-05-06 20:41:02","http://xginformatica.com/aydasesores.com/DOC/3z96sxsf86p8i3pqji0_7xr6ckmfxd-3681421790197/","offline","malware_download","doc|emotet|epoch2|Heodo","xginformatica.com","66.102.137.36","40092","CA"
"2019-05-01 05:52:04","http://lotussim.com/Scripts/Scan/UqKtVMyo94v/","offline","malware_download","Emotet|Heodo","lotussim.com","66.102.132.32","40092","CA"
"2019-04-30 18:07:04","http://carcounsel.com/hid/sec.accs.resourses.com/","offline","malware_download","doc|emotet|epoch1|Heodo","carcounsel.com","200.69.18.139","40092","US"
"2019-04-29 22:40:03","http://nealhunterhyde.com/HappyWellBe/verif.myacc.docs.com/","offline","malware_download","doc|emotet|epoch1|Heodo","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-04-29 17:52:32","http://tksb.net/DHL-tracking-1534878060/Scan/JQWgEI5u0Amg/","offline","malware_download","Emotet|Heodo","tksb.net","66.102.132.248","40092","CA"
"2019-04-26 23:22:02","http://nealhunterhyde.com/HappyWellBe/yZpx-SD0QB1hntvs3yah_vMticWOd-mMG/","offline","malware_download","doc|emotet|epoch1","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-04-26 19:23:04","http://tksb.net/DHL-tracking-1534878060/INC/nqKqx9gy/","offline","malware_download","doc|emotet|epoch2|Heodo","tksb.net","66.102.132.248","40092","CA"
"2019-04-25 21:48:04","http://steelimage.ca/cgi-bin/Document/sIhh72ulT/","offline","malware_download","Emotet|Heodo","steelimage.ca","66.102.133.237","40092","CA"
"2019-04-24 19:20:31","http://tklarchitect.com/Scan/MwrYUgca4/","offline","malware_download","","tklarchitect.com","66.102.137.52","40092","CA"
"2019-04-24 18:31:11","http://lotussim.com/Scripts/LLC/9z2IjISvue/","offline","malware_download","Emotet|Heodo","lotussim.com","66.102.132.32","40092","CA"
"2019-04-23 23:45:04","http://catamountcenter.org/cgi-bin/LLC/vnBMA5xXeip/","offline","malware_download","Emotet|Heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-04-23 08:05:06","http://nealhunterhyde.com/HappyWellBe/nachrichten/sich/042019/","offline","malware_download","doc|emotet|epoch1|Heodo","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-04-23 06:59:03","http://carcounsel.com/hid/7hp9-8klic-dukwhn/","offline","malware_download","doc|emotet|epoch2|Heodo","carcounsel.com","200.69.18.139","40092","US"
"2019-04-22 17:51:00","http://lotussim.com/Scripts/INC/IZzrsvoMeM/","offline","malware_download","Emotet|Heodo","lotussim.com","66.102.132.32","40092","CA"
"2019-04-20 04:53:05","http://carcounsel.com/hid/Document/ooYne711mh2m/","offline","malware_download","","carcounsel.com","200.69.18.139","40092","US"
"2019-04-18 23:42:03","http://catamountcenter.org/cgi-bin/vLleo-4QPyiLyydLF9AN_UkqxZJkYE-gyY/","offline","malware_download","doc|emotet|epoch1","catamountcenter.org","200.69.17.230","40092","US"
"2019-04-18 17:34:07","http://nealhunterhyde.com/HappyWellBe/Document/vvvqbHvz44NQ/","offline","malware_download","doc|emotet|epoch2","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-04-17 21:59:04","http://lotussim.com/Scripts/DOC/hk7D9j3u/","offline","malware_download","doc|emotet|epoch2","lotussim.com","66.102.132.32","40092","CA"
"2019-04-16 21:14:06","http://catamountcenter.org/cgi-bin/Bbygz-WOVE0VmFcWQ41W_FevtvJIto-ov/","offline","malware_download","Emotet|Heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-04-16 16:36:13","http://elizabethkarr.com/Directing_files/DLzWx-BJMxMjpEJ4bKKb_QqEtPiyrE-vu/","offline","malware_download","doc|emotet|epoch1|Heodo","elizabethkarr.com","200.69.17.158","40092","US"
"2019-04-16 06:17:05","http://nealhunterhyde.com/HappyWellBe/qfdsg-hrr1t0-wzvm/","offline","malware_download","doc|emotet|epoch2|Heodo","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-04-15 21:57:04","http://carcounsel.com/hid/dBVId-Y303XPMUO4Dx8V_jKjkVLTU-X8X/","offline","malware_download","doc|emotet|epoch2|Heodo","carcounsel.com","200.69.18.139","40092","US"
"2019-04-12 23:21:05","http://carcounsel.com/hid/ONRY-zI6HCTMi2dtEvt_BGVhRNpx-PDV/","offline","malware_download","doc|emotet|epoch1|Heodo","carcounsel.com","200.69.18.139","40092","US"
"2019-04-12 08:34:27","http://catamountcenter.org/cgi-bin/VFywG-ksiJX8HBxtJAmzJ_nzOnXpjM-D51/","offline","malware_download","doc|emotet|epoch2|Heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-04-11 07:19:07","http://carcounsel.com/hid/NhU/","offline","malware_download","emotet|epoch1|exe|Heodo","carcounsel.com","200.69.18.139","40092","US"
"2019-04-10 20:13:24","http://nealhunterhyde.com/HappyWellBe/joLiO/","offline","malware_download","emotet|epoch1|exe|Heodo","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-04-10 06:52:19","http://catamountcenter.org/cgi-bin/32k1f-qkhiz-rcbrw/","offline","malware_download","Emotet|Heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-04-08 17:33:07","http://nealhunterhyde.com/HappyWellBe/nr/","offline","malware_download","emotet|epoch1","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-04-05 22:46:32","http://nealhunterhyde.com/HappyWellBe/ccrcf-eOeloBGFGzWpXCL_qnruFHya-QRi/","offline","malware_download","doc|emotet|epoch1|Heodo","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-04-02 06:31:18","http://catamountcenter.org/cgi-bin/verif.accs.send.net/","offline","malware_download","Emotet|Heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-04-02 06:30:42","http://joecamera.biz/slip3.exe","offline","malware_download","","joecamera.biz","66.84.21.130","40092","US"
"2019-03-28 05:33:44","http://joecamera.biz/memo.exe","offline","malware_download","","joecamera.biz","66.84.21.130","40092","US"
"2019-03-20 09:31:04","http://catamountcenter.org/cgi-bin/sendincsec/service/Nachprufung/de_DE/201903/","offline","malware_download","doc|emotet|heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-03-20 09:05:02","http://catamountcenter.org/cgi-bin/d6ze-u863z7-zorb/","offline","malware_download","Emotet|Heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-03-19 22:44:03","http://carcounsel.com/cgi-bin/4rhz3-uqhfl-decp/","offline","malware_download","doc|emotet|epoch2|Heodo","carcounsel.com","200.69.18.139","40092","US"
"2019-03-15 19:38:08","http://catamountcenter.org/cgi-bin/y03j-ynuzi-zutgv/","offline","malware_download","Emotet|Heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-03-15 00:14:20","http://nealhunterhyde.com/HappyWellBe/trust.accs.send.com/","offline","malware_download","emotet|epoch1|Heodo","nealhunterhyde.com","200.69.17.158","40092","US"
"2019-03-14 03:59:04","http://catamountcenter.org/cgi-bin/hgcw-r6i4j-qjjctshs/","offline","malware_download","doc|emotet|epoch2|Heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-03-11 19:21:57","http://catamountcenter.org/cgi-bin/pd3hs-dm1f6s-xqxfhi/","offline","malware_download","Emotet|Heodo","catamountcenter.org","200.69.17.230","40092","US"
"2019-03-07 17:50:40","http://thehalihans.com/data/secure.myacc.resourses.com/","offline","malware_download","doc|emotet|epoch1|Heodo","thehalihans.com","216.222.197.63","40092","US"
"2019-02-11 22:22:55","http://billfritzjr.com/verif.accs.docs.com/","offline","malware_download","emotet|epoch1|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2019-02-07 13:44:34","http://billfritzjr.com/Telekom/Rechnung/01_19/","offline","malware_download","Andromeda|doc|emotet|epoch1|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2019-02-05 12:17:03","http://billfritzjr.com/uOIIIykS/","offline","malware_download","emotet|epoch1|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2019-01-31 14:19:10","http://billfritzjr.com/3Vg36tn/","offline","malware_download","emotet|epoch1|exe|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2019-01-28 12:17:12","http://billfritzjr.com/6RR99em0pT/","offline","malware_download","emotet|epoch1|exe|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2019-01-26 00:49:06","http://billfritzjr.com/Lngr-D7bH_cKnuPBV-tC/Ref/12481130En/Inv-653966-PO-4D904439/","offline","malware_download","doc|emotet|epoch2|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2019-01-24 12:37:08","http://fbroz.com/COeg4ZZ/","offline","malware_download","emotet|epoch1|exe|Heodo","fbroz.com","200.69.17.230","40092","US"
"2019-01-23 22:19:04","http://billfritzjr.com/Messages/012019/","offline","malware_download","doc|emotet|epoch1|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2019-01-22 09:31:04","http://fbroz.com/de_DE/HYACAGKJFA5762347/Dokumente/FORM/","offline","malware_download","doc|emotet|heodo","fbroz.com","200.69.17.230","40092","US"
"2019-01-18 00:51:05","http://billfritzjr.com/qPym-LnC3_JbrjwrVOo-11A/PaymentStatus/EN_en/Companies-Invoice-4907735/","offline","malware_download","doc|emotet|epoch2|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2019-01-17 12:16:12","http://fbroz.com/Transaktion/2018/","offline","malware_download","emotet|epoch1|Heodo","fbroz.com","200.69.17.230","40092","US"
"2019-01-16 05:12:08","http://billfritzjr.com/DwrF-WNx8b_SbJm-ec/US_us/Outstanding-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2019-01-15 16:07:05","http://com2c.com.au/PAYMENT%20SWIFT_152878_20190115_E3S1805049075282.jar","offline","malware_download","jSocket|RAT","com2c.com.au","66.102.137.52","40092","CA"
"2019-01-15 00:50:10","http://beard-companies.com/qYzoAAzm/","offline","malware_download","emotet|epoch1|Heodo","beard-companies.com","200.69.17.201","40092","US"
"2019-01-15 00:50:06","http://beardelect.com/Documents/2019-01/","offline","malware_download","emotet|epoch1|Heodo","beardelect.com","200.69.17.201","40092","US"
"2019-01-14 19:35:20","http://www.beardelect.com/Documents/2019-01/","offline","malware_download","doc|emotet|Heodo","www.beardelect.com","200.69.17.201","40092","US"
"2019-01-14 08:28:11","http://www.beard-companies.com/qYzoAAzm/","offline","malware_download","Emotet|exe|Heodo","www.beard-companies.com","200.69.17.201","40092","US"
"2019-01-14 07:51:36","http://billfritzjr.com/bkdmj_e4MS/","offline","malware_download","Emotet|exe|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-22 01:38:07","http://beard-companies.com/0I8TiQ88/","offline","malware_download","emotet|epoch1|Heodo","beard-companies.com","200.69.17.201","40092","US"
"2018-12-20 19:54:02","http://www.beard-companies.com/0I8TiQ88/","offline","malware_download","emotet|epoch1|exe|Heodo","www.beard-companies.com","200.69.17.201","40092","US"
"2018-12-20 12:15:46","http://stonestruestory.org/QFiVff_c30QDh_qhlxDFb/","offline","malware_download","emotet|epoch2|exe","stonestruestory.org","66.84.21.130","40092","US"
"2018-12-20 03:46:30","http://billfritzjr.com/EWALZQNJBH8849894/Dokumente/Fakturierung/","offline","malware_download","emotet|epoch2|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-19 13:31:05","http://starstonesoftware.com/DE/UPAVIJQIJ0609969/Rechnungs/DOC-Dokument/","offline","malware_download","emotet|epoch2|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-19 02:22:02","http://beardelect.com/mdzSt-m8tmNbsG_lR-4v/PaymentStatus/default/En/Past-Due-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","beardelect.com","200.69.17.201","40092","US"
"2018-12-18 23:59:31","http://beard-companies.com/Amazon/En_us/Transactions/12_18/","offline","malware_download","emotet|epoch1|Heodo","beard-companies.com","200.69.17.201","40092","US"
"2018-12-18 21:56:58","http://beardelect.com/mdzSt-m8tmNbsG_lR-4v/PaymentStatus/default/En/Past-Due-Invoice","offline","malware_download","doc","beardelect.com","200.69.17.201","40092","US"
"2018-12-18 19:36:31","http://com2c.com.au/123456789.jpg","offline","malware_download","AZORult|exe","com2c.com.au","66.102.137.52","40092","CA"
"2018-12-18 19:13:31","http://com2c.com.au/qazxswqaz.jpg","offline","malware_download","exe|Formbook","com2c.com.au","66.102.137.52","40092","CA"
"2018-12-18 17:43:14","http://www.beardelect.com/mdzSt-m8tmNbsG_lR-4v/PaymentStatus/default/En/Past-Due-Invoice/","offline","malware_download","emotet|epoch2|Heodo","www.beardelect.com","200.69.17.201","40092","US"
"2018-12-18 17:01:35","http://www.stitchit.ca/MDBGC-TFbalOVOhcprSHY_ysaQvRjbE-T75/","offline","malware_download","emotet|epoch2|Heodo","www.stitchit.ca","66.102.128.60","40092","CA"
"2018-12-18 16:59:52","http://www.beard-companies.com/Amazon/En_us/Transactions/12_18/","offline","malware_download","emotet|epoch1|Heodo","www.beard-companies.com","200.69.17.201","40092","US"
"2018-12-18 12:53:10","http://com2c.com.au/standardn.jpg","offline","malware_download","exe|RemcosRAT","com2c.com.au","66.102.137.52","40092","CA"
"2018-12-18 05:54:46","http://starstonesoftware.com/whVat-AWCNFx2uftJhy91_ceyIYsMzo-tz/","offline","malware_download","emotet|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-17 15:08:04","http://thehalihans.com/Amazon/Transactions/2018-12/","offline","malware_download","doc|emotet|Heodo","thehalihans.com","216.222.197.63","40092","US"
"2018-12-17 11:56:11","http://billfritzjr.com/zZAX9a790J/","offline","malware_download","emotet|epoch1|exe|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-14 22:48:47","http://starstonesoftware.com/vwlK-3AHlv2GCuSjDc3M_LlOuinCEF-E1T/","offline","malware_download","doc|emotet|epoch2|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-14 22:47:05","http://billfritzjr.com/1QebEVBvcfE/SEPA/200-Jahre/","offline","malware_download","doc|emotet|epoch2|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-14 18:15:32","http://precisionmechanical.org/En_us/Messages/122018/","offline","malware_download","emotet|epoch1|Heodo","precisionmechanical.org","199.204.250.122","40092","US"
"2018-12-14 07:12:06","http://thehalihans.com/xiyh-RotPDKvZmEAVv5e_bPNeJTJup-Sx/biz/US/","offline","malware_download","emotet|epoch2|Heodo","thehalihans.com","216.222.197.63","40092","US"
"2018-12-13 00:23:43","http://com2c.com.au/food.jpg","offline","malware_download","exe","com2c.com.au","66.102.137.52","40092","CA"
"2018-12-12 13:25:03","http://starstonesoftware.com/jDETViUJ3E","offline","malware_download","Emotet","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-12 09:41:03","http://starstonesoftware.com/jDETViUJ3E/","offline","malware_download","emotet|epoch1|exe|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-11 03:27:43","http://starstonesoftware.com/Telekom/Rechnungen/11_18/","offline","malware_download","doc|emotet|epoch1|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-10 16:08:02","http://starstonesoftware.com/Telekom/Rechnungen/11_18","offline","malware_download","doc","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-10 13:28:02","http://billfritzjr.com/z02GOziY","offline","malware_download","emotet|exe","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-10 12:18:04","http://billfritzjr.com/z02GOziY/","offline","malware_download","emotet|exe|heodo","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-07 23:45:41","http://billfritzjr.com/INFO/US/Invoice-for-you","offline","malware_download","emotet|epoch2","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-07 16:09:08","http://starstonesoftware.com/US/Clients_transactions/2018-12/","offline","malware_download","doc|emotet|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-07 15:44:02","http://starstonesoftware.com/US/Clients_transactions/2018-12","offline","malware_download","emotet|epoch1|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-07 02:58:28","http://starstonesoftware.com/xerox/US_us/804-48-734328-976-804-48-734328-554/","offline","malware_download","doc|emotet|epoch2|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-07 00:52:37","http://smashboxband.co.nz/IRS.GOV/IRS-Transcript-treasury-gov/Record-of-Account-Transcript/12062018/","offline","malware_download","doc|emotet|epoch2|Heodo","smashboxband.co.nz","66.102.132.45","40092","CA"
"2018-12-06 16:14:26","http://smashboxband.co.nz/IRS.GOV/IRS-Transcript-treasury-gov/Record-of-Account-Transcript/12062018","offline","malware_download","emotet|epoch2|Heodo","smashboxband.co.nz","66.102.132.45","40092","CA"
"2018-12-06 12:28:03","http://billfritzjr.com/US/Messages/122018/","offline","malware_download","doc|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-06 11:43:03","http://billfritzjr.com/US/Messages/122018","offline","malware_download","emotet|epoch1|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-06 07:39:08","http://starstonesoftware.com/xerox/US_us/804-48-734328-976-804-48-734328-554","offline","malware_download","emotet|epoch2|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-04 15:28:03","http://billfritzjr.com/FILE/En_us/Invoice-78263967-December/","offline","malware_download","doc|Heodo","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-04 14:28:12","http://billfritzjr.com/FILE/En_us/Invoice-78263967-December","offline","malware_download","doc|emotet|heodo","billfritzjr.com","200.69.17.158","40092","US"
"2018-12-04 08:12:10","http://com2c.com.au/ddd.jpg","offline","malware_download","exe|RemcosRAT","com2c.com.au","66.102.137.52","40092","CA"
"2018-12-04 08:12:08","http://com2c.com.au/lel.jpg","offline","malware_download","exe","com2c.com.au","66.102.137.52","40092","CA"
"2018-12-04 07:39:04","http://starstonesoftware.com/LLC/US_us/Scan/","offline","malware_download","doc|emotet|epoch2|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-03 15:15:19","http://starstonesoftware.com/LLC/US_us/Scan","offline","malware_download","emotet|epoch2|Heodo","starstonesoftware.com","200.69.17.158","40092","US"
"2018-12-01 00:47:27","http://kiramarch.com/files/En_us/Important-Please-Read/","offline","malware_download","doc|Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-30 23:33:10","http://kiramarch.com/files/En_us/Important-Please-Read","offline","malware_download","emotet|epoch2|Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-28 15:24:09","http://kiramarch.com/3f11kFZb/","offline","malware_download","Emotet|exe|Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-28 14:27:03","http://kiramarch.com/3f11kFZb","offline","malware_download","emotet|epoch1|exe|Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-26 16:10:03","http://kiramarch.com/HFDL/","offline","malware_download","Emotet|exe|Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-26 15:58:04","http://kiramarch.com/pon6I/","offline","malware_download","Emotet|exe|Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-26 15:44:01","http://precisionmechanical.org/TxvUgBC3LySY3t3wn/de/200-Jahre/","offline","malware_download","doc|emotet|epoch2|Heodo","precisionmechanical.org","199.204.250.122","40092","US"
"2018-11-26 15:29:13","http://stonestruestory.org/EN/Clients_CM_Coupons/","offline","malware_download","doc|emotet|epoch1","stonestruestory.org","66.84.21.130","40092","US"
"2018-11-26 15:28:43","http://stonestruestory.org/EN/Clients_CM_Coupons","offline","malware_download","doc|emotet|epoch1","stonestruestory.org","66.84.21.130","40092","US"
"2018-11-26 14:29:14","http://kiramarch.com/HFDL","offline","malware_download","emotet|epoch2|exe|Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-26 12:29:30","http://precisionmechanical.org/TxvUgBC3LySY3t3wn/de/200-Jahre","offline","malware_download","doc|emotet|heodo","precisionmechanical.org","199.204.250.122","40092","US"
"2018-11-21 20:42:09","http://kiramarch.com/DOC/EN_en/Invoice-3686833-November","offline","malware_download","Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-21 20:42:03","http://kiramarch.com/DOC/EN_en/Invoice-3686833-November/","offline","malware_download","Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-16 02:11:48","http://stonestruestory.org/default/US_us/Invoice-for-x/a-11/15/2018/","offline","malware_download","doc|emotet|epoch2","stonestruestory.org","66.84.21.130","40092","US"
"2018-11-16 02:11:18","http://stonestruestory.org/default/US_us/Invoice-for-x/a-11/15/2018","offline","malware_download","doc|emotet|epoch2","stonestruestory.org","66.84.21.130","40092","US"
"2018-11-15 00:01:03","http://aartinc.net/EN_US/Details/2018-11/","offline","malware_download","doc|emotet|epoch1|Heodo","aartinc.net","66.102.137.52","40092","CA"
"2018-11-14 22:38:17","http://aartinc.net/EN_US/Details/2018-11","offline","malware_download","emotet|Heodo","aartinc.net","66.102.137.52","40092","CA"
"2018-11-13 22:36:43","http://seegeesolutions.com/DOC/En_us/Invoices-attached/","offline","malware_download","doc|emotet|epoch2|Heodo","seegeesolutions.com","200.69.18.145","40092","US"
"2018-11-13 17:50:28","http://seegeesolutions.com/DOC/En_us/Invoices-attached","offline","malware_download","doc|emotet|heodo","seegeesolutions.com","200.69.18.145","40092","US"
"2018-11-12 13:57:06","http://com2c.com.au/logg.png","offline","malware_download","AgentTesla|exe|Loki","com2c.com.au","66.102.137.52","40092","CA"
"2018-11-12 10:44:34","http://kiramarch.com/3701776GNOAGJ/PAYMENT/Business/","offline","malware_download","doc|emotet|Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-12 10:44:17","http://kiramarch.com/3701776GNOAGJ/PAYMENT/Business","offline","malware_download","doc|emotet|Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-11-09 05:18:17","http://seegeesolutions.com/Document/EN_en/Invoice-for-you/","offline","malware_download","doc|emotet|epoch2|Heodo","seegeesolutions.com","200.69.18.145","40092","US"
"2018-11-09 02:29:05","http://seegeesolutions.com/Document/EN_en/Invoice-for-you","offline","malware_download","doc|emotet|heodo","seegeesolutions.com","200.69.18.145","40092","US"
"2018-11-08 17:40:10","http://com2c.com.au/nnnjj.png","offline","malware_download","exe|fareit|pony","com2c.com.au","66.102.137.52","40092","CA"
"2018-10-25 15:47:04","https://raveoncorp.com/October_Transfer_list.jar","offline","malware_download","zip","raveoncorp.com","216.222.197.63","40092","US"
"2018-10-12 04:41:04","https://raveoncorp.com/NERT_09.10.2018.jar","offline","malware_download","jacksbot|jar","raveoncorp.com","216.222.197.63","40092","US"
"2018-10-06 07:28:36","http://flintbg.com/files/En_us/Client/Invoice-205730","offline","malware_download","doc|emotet|heodo","flintbg.com","216.222.196.82","40092","US"
"2018-10-02 19:02:24","http://kiramarch.com/Oct2018/En/Important-Please-Read","offline","malware_download","doc|emotet|Heodo","kiramarch.com","200.69.18.139","40092","US"
"2018-09-25 08:34:11","http://gvits.co.uk/CEQpaKp","offline","malware_download","emotet|exe|Heodo","gvits.co.uk","66.102.128.49","40092","CA"
"2018-09-18 13:52:25","http://gvits.co.uk/FACTURES","offline","malware_download","doc|emotet|Heodo","gvits.co.uk","66.102.128.49","40092","CA"
"2018-09-05 10:45:24","http://com2c.com.au/filehome/mettu.exe","offline","malware_download","exe|Loki|Trickbot","com2c.com.au","66.102.137.52","40092","CA"
"2018-08-28 10:47:29","http://com2c.com.au/filehome/4hih","offline","malware_download","exe","com2c.com.au","66.102.137.52","40092","CA"
"2018-08-27 17:01:45","http://sneetches.net/default/Rechnungs-docs/Rechnungsanschrift/Rechnung-scan-KO-38-12858","offline","malware_download","doc|emotet","sneetches.net","216.222.199.197","40092","US"
"2018-08-14 04:46:39","http://devel0per.com/1XTIPAY/CMXD12465ZCLXZB/Aug-13-2018-3673598943/FSOV-MZFN/","offline","malware_download","doc|emotet","devel0per.com","66.102.137.52","40092","CA"
"2018-08-13 13:32:21","http://devel0per.com/1XTIPAY/CMXD12465ZCLXZB/Aug-13-2018-3673598943/FSOV-MZFN","offline","malware_download","doc|emotet|heodo","devel0per.com","66.102.137.52","40092","CA"
"2018-08-08 23:15:04","http://dandoesinternet.com/cis1610/ch08/shit.exe","offline","malware_download","exe|pony","dandoesinternet.com","200.69.18.145","40092","US"
"2018-08-07 06:04:50","http://sneetches.net/PAY/EJ00403572640HGOHI/Aug-07-2018-620554/IUOK-JPCPR-Aug-07-2018/","offline","malware_download","Heodo","sneetches.net","216.222.199.197","40092","US"
"2018-08-07 00:58:40","http://sneetches.net/PAY/EJ00403572640HGOHI/Aug-07-2018-620554/IUOK-JPCPR-Aug-07-2018","offline","malware_download","doc|emotet|Heodo","sneetches.net","216.222.199.197","40092","US"
"2018-08-02 03:31:57","http://iacobelli.cl/DHL/En/","offline","malware_download","doc|emotet|epoch2|Heodo","iacobelli.cl","216.222.197.63","40092","US"
"2018-08-02 03:31:38","http://flywheelstudios.com/DHL-Express/US_us/","offline","malware_download","doc|emotet|epoch2|Heodo","flywheelstudios.com","216.222.199.252","40092","US"
"2018-08-01 16:14:21","http://sneetches.net/default/Rechnungs-docs/Rechnungsanschrift/Rechnung-scan-KO-38-12858/","offline","malware_download","doc|emotet|epoch2|Heodo","sneetches.net","216.222.199.197","40092","US"
"2018-08-01 14:28:05","http://com2c.com.au/o.exe","offline","malware_download","AgentTesla|exe|razy","com2c.com.au","66.102.137.52","40092","CA"
"2018-07-31 06:22:11","http://com2c.com.au/k.exe","offline","malware_download","exe|fareit","com2c.com.au","66.102.137.52","40092","CA"
"2018-07-30 23:06:08","http://iacobelli.cl/mUjjl","offline","malware_download","emotet|epoch2|Heodo|payload","iacobelli.cl","216.222.197.63","40092","US"
"2018-07-27 16:31:07","http://iacobelli.cl/default/EN_en/STATUS/Invoice-77565","offline","malware_download","doc|emotet|heodo","iacobelli.cl","216.222.197.63","40092","US"
"2018-07-27 04:45:05","http://dandoesinternet.com/css/fall.exe","offline","malware_download","exe|Formbook|Pony","dandoesinternet.com","200.69.18.145","40092","US"
"2018-07-27 04:06:33","http://iacobelli.cl/default/EN_en/STATUS/Invoice-77565/","offline","malware_download","doc|emotet|epoch2|Heodo","iacobelli.cl","216.222.197.63","40092","US"
"2018-07-27 04:05:20","http://flintbg.com/DHL-Tracking/En/","offline","malware_download","doc|emotet|epoch2|Heodo","flintbg.com","216.222.196.82","40092","US"
"2018-07-20 02:59:36","http://flintbg.com/Factura-Venta/","offline","malware_download","doc|emotet|epoch1|Heodo","flintbg.com","216.222.196.82","40092","US"
"2018-07-20 01:59:03","http://billfritzjr.com/bOHg53ns/","offline","malware_download","emotet|epoch1|Heodo|payload","billfritzjr.com","200.69.17.158","40092","US"
"2018-07-06 04:45:06","http://dandoesinternet.com/js/hect.exe","offline","malware_download","exe|Formbook|Pony","dandoesinternet.com","200.69.18.145","40092","US"
"2018-05-31 14:52:35","http://flintbg.com/Overdue-payment","offline","malware_download","doc|emotet|Heodo","flintbg.com","216.222.196.82","40092","US"
"2018-05-30 19:03:27","http://flywheelstudios.com/Vos-facture-impayee-30/05/2018/","offline","malware_download","doc|emotet|Heodo","flywheelstudios.com","216.222.199.252","40092","US"
"2018-04-25 14:45:57","http://billfritzjr.com/Outstanding-Invoices/","offline","malware_download","doc|emotet","billfritzjr.com","200.69.17.158","40092","US"
"2018-04-11 19:52:29","http://flintbg.com/Overdue-payment/","offline","malware_download","doc|emotet|heodo","flintbg.com","216.222.196.82","40092","US"
"2018-03-24 16:04:13","http://excelgroup.co.nz/Rechnung-Nr-12809/P21YJ8FTP11Y/","offline","malware_download","doc|emotet|heodo","excelgroup.co.nz","66.102.132.230","40092","CA"
# of entries: 291