##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-19 19:40:16 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS48287
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-02-05 06:43:34","http://mogagrocol.ru/wp-content/plugins/akismet/fv/index.php?email=121212@letsdefend.io","offline","malware_download","","mogagrocol.ru","195.24.68.4","48287","RU"
"2024-04-24 08:58:04","http://putin.zelenskyj.ru/bot.x86_64","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:58:04","http://putin.zelenskyj.ru/bot.x86_64","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2024-04-24 08:57:07","http://putin.zelenskyj.ru/bot.arm6","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:57:07","http://putin.zelenskyj.ru/bot.arm6","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2024-04-24 08:57:07","http://putin.zelenskyj.ru/bot.arm7","offline","malware_download","botnetdomain|elf|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:57:07","http://putin.zelenskyj.ru/bot.arm7","offline","malware_download","botnetdomain|elf|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2024-04-24 08:57:07","http://putin.zelenskyj.ru/bot.mips","offline","malware_download","botnetdomain|elf|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:57:07","http://putin.zelenskyj.ru/bot.mips","offline","malware_download","botnetdomain|elf|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.arm5","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.arm5","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.m68k","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.m68k","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.mpsl","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.mpsl","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.ppc","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.ppc","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.sh4","offline","malware_download","botnetdomain|elf|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.sh4","offline","malware_download","botnetdomain|elf|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.x86","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:57:06","http://putin.zelenskyj.ru/bot.x86","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2024-04-24 08:57:05","http://putin.zelenskyj.ru/bot.arm","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.76.32","48287","RU"
"2024-04-24 08:57:05","http://putin.zelenskyj.ru/bot.arm","offline","malware_download","botnetdomain|elf|Mirai|moobot","putin.zelenskyj.ru","31.177.80.32","48287","RU"
"2023-11-27 05:53:04","http://1.oooksu.z8.ru/attivita/index.php","offline","malware_download","agenziaentrate|geo|geofenced|ITA|redir-302","1.oooksu.z8.ru","91.189.114.27","48287","RU"
"2023-03-14 19:01:48","https://ack-s.ru/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","ack-s.ru","109.70.26.37","48287","RU"
"2023-03-14 19:01:48","https://ack-s.ru/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","ack-s.ru","194.85.61.76","48287","RU"
"2023-03-14 19:00:48","https://ack-s.ru/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","ack-s.ru","109.70.26.37","48287","RU"
"2023-03-14 19:00:48","https://ack-s.ru/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","ack-s.ru","194.85.61.76","48287","RU"
"2023-03-14 18:59:11","https://ack-s.ru/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","ack-s.ru","109.70.26.37","48287","RU"
"2023-03-14 18:59:11","https://ack-s.ru/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","ack-s.ru","194.85.61.76","48287","RU"
"2023-01-07 21:47:09","http://195.24.67.214/bins.sh","offline","malware_download","|script","195.24.67.214","195.24.67.214","48287","RU"
"2022-01-21 00:09:07","http://xn--80adicyfwmly7g.xn--p1ai/-/5r/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo","xn--80adicyfwmly7g.xn--p1ai","31.177.76.70","48287","RU"
"2022-01-21 00:09:07","http://xn--80adicyfwmly7g.xn--p1ai/-/5r/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo","xn--80adicyfwmly7g.xn--p1ai","31.177.80.70","48287","RU"
"2022-01-21 00:07:29","http://xn--80adicyfwmly7g.xn--p1ai/-/5r/","offline","malware_download","emotet|epoch4|redir-doc|xls","xn--80adicyfwmly7g.xn--p1ai","31.177.76.70","48287","RU"
"2022-01-21 00:07:29","http://xn--80adicyfwmly7g.xn--p1ai/-/5r/","offline","malware_download","emotet|epoch4|redir-doc|xls","xn--80adicyfwmly7g.xn--p1ai","31.177.80.70","48287","RU"
"2021-07-21 06:36:06","http://185.26.113.95:8095/excludes2.dat","offline","malware_download","","185.26.113.95","185.26.113.95","48287","RU"
"2021-07-21 06:36:05","http://185.26.113.95:8095/s.txt","offline","malware_download","","185.26.113.95","185.26.113.95","48287","RU"
"2021-07-21 06:36:04","http://185.26.113.95:8095/1201.dat","offline","malware_download","CoinMiner","185.26.113.95","185.26.113.95","48287","RU"
"2021-07-21 06:36:04","http://185.26.113.95:8095/power.txt","offline","malware_download","","185.26.113.95","185.26.113.95","48287","RU"
"2021-04-21 18:20:06","http://myplanet.group/WTYVa/catalogue-7.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","myplanet.group","195.208.1.107","48287","RU"
"2021-04-21 18:13:30","http://myplanet.group/WTYVa/catalogue-60.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","myplanet.group","195.208.1.107","48287","RU"
"2021-04-21 14:25:49","http://myplanet.group/WTYVa/catalogue-17.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","myplanet.group","195.208.1.107","48287","RU"
"2021-04-20 22:55:05","http://myplanet.group/AJDG/catalogue-83.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","myplanet.group","195.208.1.107","48287","RU"
"2021-04-20 14:03:27","http://myplanet.group/AJDG/catalogue-48.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","myplanet.group","195.208.1.107","48287","RU"
"2021-02-08 09:30:31","http://hansolo.ru/white/java-update.msi","offline","malware_download","msi","hansolo.ru","31.177.76.70","48287","RU"
"2021-02-08 09:30:31","http://hansolo.ru/white/java-update.msi","offline","malware_download","msi","hansolo.ru","31.177.80.70","48287","RU"
"2021-01-22 16:28:04","http://a-web.webprofi.me/willetts-funeral-xgj6a/VDJN6dDRn3K9ert0TfNf8iRGnPjpvr9k40kpFBwZq6yq0uOV3yQodkEgRt5Mq2/","offline","malware_download","doc|emotet|epoch2|Heodo","a-web.webprofi.me","31.177.76.32","48287","RU"
"2021-01-22 16:28:04","http://a-web.webprofi.me/willetts-funeral-xgj6a/VDJN6dDRn3K9ert0TfNf8iRGnPjpvr9k40kpFBwZq6yq0uOV3yQodkEgRt5Mq2/","offline","malware_download","doc|emotet|epoch2|Heodo","a-web.webprofi.me","31.177.80.32","48287","RU"
"2021-01-04 01:14:03","http://185.26.113.95/excludes.dat","offline","malware_download","exe","185.26.113.95","185.26.113.95","48287","RU"
"2021-01-04 01:10:05","http://185.26.113.95/updat.dat","offline","malware_download","CoinMiner|exe","185.26.113.95","185.26.113.95","48287","RU"
"2021-01-04 00:42:04","http://185.26.113.95:8095/updat.dat","offline","malware_download","CoinMiner|exe","185.26.113.95","185.26.113.95","48287","RU"
"2021-01-03 20:38:03","http://185.26.113.95:8095/excludes.dat","offline","malware_download","exe","185.26.113.95","185.26.113.95","48287","RU"
"2020-12-25 08:37:32","http://185.26.113.95:8221/power.txt","offline","malware_download","bat","185.26.113.95","185.26.113.95","48287","RU"
"2020-12-25 08:37:03","http://185.26.113.95:8095/uninstall.txt","offline","malware_download","bat","185.26.113.95","185.26.113.95","48287","RU"
"2020-12-25 08:37:02","http://185.26.113.95:8095/download.txt","offline","malware_download","bat","185.26.113.95","185.26.113.95","48287","RU"
"2020-12-25 08:37:02","http://185.26.113.95:8095/kill.txt","offline","malware_download","bat","185.26.113.95","185.26.113.95","48287","RU"
"2020-12-25 08:36:03","http://185.26.113.95:8095/batpower2.txt","offline","malware_download","bat","185.26.113.95","185.26.113.95","48287","RU"
"2020-11-18 12:24:06","https://aleba.pro/ebfrx57.rar","offline","malware_download","dll|Dridex","aleba.pro","195.24.68.16","48287","RU"
"2020-10-26 16:00:06","http://volgatermolazer.ru/i9hxccqt.jpg","offline","malware_download","Dridex|exe","volgatermolazer.ru","195.24.68.13","48287","RU"
"2020-10-16 17:42:04","http://drgauer.ru/wp-content/Documentation/ni23uc528k25g/","offline","malware_download","doc|emotet|epoch2|Heodo","drgauer.ru","195.24.68.18","48287","RU"
"2020-08-26 20:00:07","http://ecoferma23.ru/contacts_files/Pages/GFC/","offline","malware_download","doc|emotet|epoch3|Heodo","ecoferma23.ru","89.111.156.232","48287","RU"
"2020-08-25 06:47:47","http://mediadrive.nichost.ru/awfcatfre/9thw57489/","offline","malware_download","emotet|epoch3|exe|Heodo","mediadrive.nichost.ru","91.189.114.15","48287","RU"
"2020-08-04 16:16:34","http://westore.me/srynhvj/H/Su9h6kfHA.zip","offline","malware_download","Qakbot|Quakbot|zip","westore.me","91.189.114.7","48287","RU"
"2020-06-12 18:02:53","http://himtara.com/zuejy/b/jXhVBCX9X.zip","offline","malware_download","Qakbot|Quakbot|zip","himtara.com","195.208.1.113","48287","RU"
"2020-06-12 17:32:40","http://himtara.com/zuejy/Q/98X1mpiVq.zip","offline","malware_download","Qakbot|Quakbot|zip","himtara.com","195.208.1.113","48287","RU"
"2020-06-10 19:54:03","http://himtara.com/cloqpmnjctw/NLtgiRh3un.zip","offline","malware_download","Qakbot|Quakbot|zip","himtara.com","195.208.1.113","48287","RU"
"2020-06-10 19:32:14","http://himtara.com/cloqpmnjctw/hJ/ts/J2xGyu8X.zip","offline","malware_download","Qakbot|Quakbot|zip","himtara.com","195.208.1.113","48287","RU"
"2020-06-10 19:14:09","http://himtara.com/cloqpmnjctw/wVKHRDuBxS.zip","offline","malware_download","Qakbot|Quakbot|zip","himtara.com","195.208.1.113","48287","RU"
"2020-06-10 19:12:36","http://himtara.com/cwjxmck/DygXOpUpOH.zip","offline","malware_download","Qakbot|Quakbot|zip","himtara.com","195.208.1.113","48287","RU"
"2020-06-10 12:38:03","http://himtara.com/cwjxmck/mnm3gok5NQ.zip","offline","malware_download","Qakbot|Quakbot|zip","himtara.com","195.208.1.113","48287","RU"
"2020-05-28 13:14:17","http://advokatyanao.ru/cmdccsoe/94586109/DQOR_94586109_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.76.32","48287","RU"
"2020-05-28 13:14:17","http://advokatyanao.ru/cmdccsoe/94586109/DQOR_94586109_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.80.32","48287","RU"
"2020-05-28 13:00:14","http://advokatyanao.ru/cmdccsoe/50510945/DQOR_50510945_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.76.32","48287","RU"
"2020-05-28 13:00:14","http://advokatyanao.ru/cmdccsoe/50510945/DQOR_50510945_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.80.32","48287","RU"
"2020-05-28 11:38:59","http://advokatyanao.ru/cmdccsoe/DQOR_75109641_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.76.32","48287","RU"
"2020-05-28 11:38:59","http://advokatyanao.ru/cmdccsoe/DQOR_75109641_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.80.32","48287","RU"
"2020-05-28 11:17:19","http://advokatyanao.ru/cmdccsoe/052/DQOR_052_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.76.32","48287","RU"
"2020-05-28 11:17:19","http://advokatyanao.ru/cmdccsoe/052/DQOR_052_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.80.32","48287","RU"
"2020-05-28 11:12:50","http://advokatyanao.ru/cmdccsoe/161371911/DQOR_161371911_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.76.32","48287","RU"
"2020-05-28 11:12:50","http://advokatyanao.ru/cmdccsoe/161371911/DQOR_161371911_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.80.32","48287","RU"
"2020-05-28 11:10:17","http://advokatyanao.ru/cmdccsoe/759/DQOR_759_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.76.32","48287","RU"
"2020-05-28 11:10:17","http://advokatyanao.ru/cmdccsoe/759/DQOR_759_27052020.zip","offline","malware_download","Qakbot|Quakbot|zip","advokatyanao.ru","31.177.80.32","48287","RU"
"2020-05-23 11:47:12","http://petrosklad.ru/order/cert.exe","offline","malware_download","exe|Formbook","petrosklad.ru","91.189.114.18","48287","RU"
"2020-05-15 06:04:15","http://xn--80aax1cva.xn--80asehdb/wp-content/themes/busify/vfaqk/LoanAgreement_134399105_05132020.zip","offline","malware_download","Qakbot|Quakbot|zip","xn--80aax1cva.xn--80asehdb","91.189.114.17","48287","RU"
"2020-05-15 05:56:04","http://xn--80aax1cva.xn--80asehdb/wp-content/themes/busify/vfaqk/15535/LoanAgreement_15535_05132020.zip","offline","malware_download","Qakbot|Quakbot|zip","xn--80aax1cva.xn--80asehdb","91.189.114.17","48287","RU"
"2020-04-28 19:42:06","http://canvasprint.ru/wp-content/uploads/2020/04/izrz/2285543/Buy-Sell_Agreement_2285543_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","canvasprint.ru","31.177.76.70","48287","RU"
"2020-04-28 19:42:06","http://canvasprint.ru/wp-content/uploads/2020/04/izrz/2285543/Buy-Sell_Agreement_2285543_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","canvasprint.ru","31.177.80.70","48287","RU"
"2020-01-30 19:47:40","http://xn--h1adbkfg.xn--p1ai/wp-admin/xp6wzc-79z-04/","offline","malware_download","doc|emotet|epoch3|heodo","xn--h1adbkfg.xn--p1ai","31.177.76.32","48287","RU"
"2020-01-30 19:47:40","http://xn--h1adbkfg.xn--p1ai/wp-admin/xp6wzc-79z-04/","offline","malware_download","doc|emotet|epoch3|heodo","xn--h1adbkfg.xn--p1ai","31.177.80.32","48287","RU"
"2020-01-22 20:37:09","http://sportident.ru/arenarace_spb/njewud20c8ypuesz_3fvh4uksew1qjc6_zone/additional_portal/bA8olAWE_2ynw1q0u6y64/","offline","malware_download","doc|emotet|epoch1|Heodo|word2007","sportident.ru","178.210.77.85","48287","RU"
"2020-01-21 20:43:03","http://xn--80aeffopfnf8l.xn--p1ai/includes/common-box/RZpP-aqXktPG36f-warehouse/g5u3iloL-k38jhIma9dIj/","offline","malware_download","doc|emotet|epoch1|Heodo","xn--80aeffopfnf8l.xn--p1ai","91.189.114.18","48287","RU"
"2020-01-18 04:50:06","http://sportident.ru/mgupp/HTeCmn/","offline","malware_download","doc|emotet|epoch3|heodo","sportident.ru","178.210.77.85","48287","RU"
"2020-01-17 13:58:05","https://kaakaadoo.ru/c_img/j1znu5qr/","offline","malware_download","doc|emotet|epoch2|heodo","kaakaadoo.ru","31.177.76.32","48287","RU"
"2020-01-17 13:58:05","https://kaakaadoo.ru/c_img/j1znu5qr/","offline","malware_download","doc|emotet|epoch2|heodo","kaakaadoo.ru","31.177.80.32","48287","RU"
"2020-01-15 22:06:04","http://sportident.ru/mgupp/Reporting/h0gvix0hnuwi/","offline","malware_download","doc|emotet|epoch2|heodo","sportident.ru","178.210.77.85","48287","RU"
"2020-01-15 08:41:05","http://neonservice.ru/wp-admin/Documentation/fv8-1956900078-88589176-2hok88xc-ial8ut/","offline","malware_download","doc|emotet|epoch2|Heodo","neonservice.ru","91.189.114.11","48287","RU"
"2019-12-19 22:11:03","http://poptyre.ru/new-key/MygCc/","offline","malware_download","doc|emotet|epoch3|heodo","poptyre.ru","31.177.76.70","48287","RU"
"2019-12-19 22:11:03","http://poptyre.ru/new-key/MygCc/","offline","malware_download","doc|emotet|epoch3|heodo","poptyre.ru","31.177.80.70","48287","RU"
"2019-12-17 17:32:04","http://poptyre.ru/new-key/common_disk/JOayb_8xjyqkkH4pvue_forum/jBI6y_x9jobofq5spax/","offline","malware_download","doc|emotet|epoch1|Heodo","poptyre.ru","31.177.76.70","48287","RU"
"2019-12-17 17:32:04","http://poptyre.ru/new-key/common_disk/JOayb_8xjyqkkH4pvue_forum/jBI6y_x9jobofq5spax/","offline","malware_download","doc|emotet|epoch1|Heodo","poptyre.ru","31.177.80.70","48287","RU"
"2019-12-12 22:13:30","http://abm-jsc.ru/backup__/closed_92468726_CyVAE9q3d/verified_space/qbpovbv2q8_1v9s/","offline","malware_download","doc|emotet|epoch1|Heodo","abm-jsc.ru","195.208.1.104","48287","RU"
"2019-12-12 10:18:03","http://aquaocean.ru/wp-admin/07917210487523/mfy0s6s2/zlx1c2-3587273-003994-hem1-2r3f326/","offline","malware_download","doc|emotet|epoch2|heodo","aquaocean.ru","91.189.114.27","48287","RU"
"2019-12-09 19:59:01","http://brand.abm-jsc.ru/css/Reporting/","offline","malware_download","doc|emotet|epoch2|Heodo","brand.abm-jsc.ru","195.208.1.104","48287","RU"
"2019-12-09 19:57:23","http://abm-jsc.ru/backup__/U9XIDM2O7A9U/psczqdwb998/v9ccb-344698671-12139-8sr8c5nehs-u1b59uopn4/","offline","malware_download","doc|emotet|epoch2|Heodo","abm-jsc.ru","195.208.1.104","48287","RU"
"2019-12-09 15:08:08","http://autod.kws-auto.ru/wp-content/common-zone/guarded-area/n2OOkBqZ-jL6u19h9/","offline","malware_download","doc|emotet|epoch1|Heodo","autod.kws-auto.ru","31.177.76.32","48287","RU"
"2019-12-09 15:08:08","http://autod.kws-auto.ru/wp-content/common-zone/guarded-area/n2OOkBqZ-jL6u19h9/","offline","malware_download","doc|emotet|epoch1|Heodo","autod.kws-auto.ru","31.177.80.32","48287","RU"
"2019-12-06 22:10:06","http://brand.abm-jsc.ru/css/0032654734/5uzvf2bk2s/","offline","malware_download","doc|emotet|epoch2|Heodo","brand.abm-jsc.ru","195.208.1.104","48287","RU"
"2019-09-20 09:36:59","http://nprg.ru/wp-content/themes/emulator/css/assets/img/doc/","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","nprg.ru","195.24.68.13","48287","RU"
"2019-09-19 16:22:16","http://mirtepla05.ru/PO.exe","offline","malware_download","exe","mirtepla05.ru","31.177.76.32","48287","RU"
"2019-09-19 16:22:16","http://mirtepla05.ru/PO.exe","offline","malware_download","exe","mirtepla05.ru","31.177.80.32","48287","RU"
"2019-08-23 10:05:25","http://propremiere.com/errordocs/style/2c.jpg","offline","malware_download","Troldesh","propremiere.com","195.24.68.30","48287","RU"
"2019-08-23 10:03:13","http://propremiere.com/errordocs/style/1c.jpg","offline","malware_download","Troldesh","propremiere.com","195.24.68.30","48287","RU"
"2019-05-24 08:31:50","http://c7715.nichost.ru/errordocs/style/ural_zakaz.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","c7715.nichost.ru","91.189.114.6","48287","RU"
"2019-05-23 17:36:37","http://c7715.nichost.ru/errordocs/style/1c.jpg","offline","malware_download","exe|Troldesh","c7715.nichost.ru","91.189.114.6","48287","RU"
"2019-05-06 18:34:03","http://kviv-avto.ru/wp-admin/INC/KPaIMsFtFLjPcthVImVdBNmwnc/","offline","malware_download","Emotet|epoch2|Heodo","kviv-avto.ru","31.177.76.32","48287","RU"
"2019-05-06 18:34:03","http://kviv-avto.ru/wp-admin/INC/KPaIMsFtFLjPcthVImVdBNmwnc/","offline","malware_download","Emotet|epoch2|Heodo","kviv-avto.ru","31.177.80.32","48287","RU"
"2019-05-06 15:58:04","http://inter-ag.ru/wp-content/cg76-vwaqlo-utjjp/","offline","malware_download","Emotet|epoch2|Heodo","inter-ag.ru","178.210.84.54","48287","RU"
"2019-05-01 20:11:40","http://kviv-avto.ru/wp-admin/Scan/WWlvyhiEACMaKtsjJYMCVfAtL/","offline","malware_download","Emotet|Heodo","kviv-avto.ru","31.177.76.32","48287","RU"
"2019-05-01 20:11:40","http://kviv-avto.ru/wp-admin/Scan/WWlvyhiEACMaKtsjJYMCVfAtL/","offline","malware_download","Emotet|Heodo","kviv-avto.ru","31.177.80.32","48287","RU"
"2019-04-29 09:58:05","http://kviv-avto.ru/wp-admin/h5umf-n4zpt-izehp/","offline","malware_download","Emotet|Heodo","kviv-avto.ru","31.177.76.32","48287","RU"
"2019-04-29 09:58:05","http://kviv-avto.ru/wp-admin/h5umf-n4zpt-izehp/","offline","malware_download","Emotet|Heodo","kviv-avto.ru","31.177.80.32","48287","RU"
"2019-03-25 20:53:14","http://akmps-shop.ru/blogs/aAdai-toML8_XCwjR-qLG/","offline","malware_download","doc|emotet|epoch2|Heodo","akmps-shop.ru","195.24.68.22","48287","RU"
"2019-03-23 15:23:21","http://ware.ru/win/29420_dmaster.exe","offline","malware_download","exe","ware.ru","31.177.76.32","48287","RU"
"2019-03-23 15:23:21","http://ware.ru/win/29420_dmaster.exe","offline","malware_download","exe","ware.ru","31.177.80.32","48287","RU"
"2019-03-23 14:14:06","http://ware.ru/win/26033_ASPMONITOR-0-15-Install.exe","offline","malware_download","exe","ware.ru","31.177.76.32","48287","RU"
"2019-03-23 14:14:06","http://ware.ru/win/26033_ASPMONITOR-0-15-Install.exe","offline","malware_download","exe","ware.ru","31.177.80.32","48287","RU"
"2019-03-23 10:19:02","http://ware.ru/win/14779_SETUP_opl.exe","offline","malware_download","exe","ware.ru","31.177.76.32","48287","RU"
"2019-03-23 10:19:02","http://ware.ru/win/14779_SETUP_opl.exe","offline","malware_download","exe","ware.ru","31.177.80.32","48287","RU"
"2019-02-15 09:33:03","http://kiabongo.ru/Februar2019/EIJOSYZCD2755748/DE/FORM/","offline","malware_download","Emotet|Heodo","kiabongo.ru","31.177.76.32","48287","RU"
"2019-02-15 09:33:03","http://kiabongo.ru/Februar2019/EIJOSYZCD2755748/DE/FORM/","offline","malware_download","Emotet|Heodo","kiabongo.ru","31.177.80.32","48287","RU"
"2019-02-13 14:24:19","http://kurzal.ru/wordpress/wp-content/uploads/EN_en/xerox/Copy_Invoice/037995644072/ypFYI-V36NG_N-oqO/","offline","malware_download","doc|emotet|epoch2|Heodo","kurzal.ru","31.177.76.70","48287","RU"
"2019-02-13 14:24:19","http://kurzal.ru/wordpress/wp-content/uploads/EN_en/xerox/Copy_Invoice/037995644072/ypFYI-V36NG_N-oqO/","offline","malware_download","doc|emotet|epoch2|Heodo","kurzal.ru","31.177.80.70","48287","RU"
"2019-02-13 10:54:05","http://orionmarketing.ru/En/corporation/Copy_Invoice/WuRwl-HAJ90_xRTt-zpk/","offline","malware_download","Emotet|Heodo","orionmarketing.ru","178.210.74.43","48287","RU"
"2019-02-13 08:58:04","http://kiabongo.ru/de_DE/VQOXIRMIBW5374595/Rechnungs-docs/Rechnungsanschrift/","offline","malware_download","Emotet|Heodo","kiabongo.ru","31.177.76.32","48287","RU"
"2019-02-13 08:58:04","http://kiabongo.ru/de_DE/VQOXIRMIBW5374595/Rechnungs-docs/Rechnungsanschrift/","offline","malware_download","Emotet|Heodo","kiabongo.ru","31.177.80.32","48287","RU"
"2019-02-12 11:47:06","http://expert-centr.com/errordocs/style/messg.jpg","offline","malware_download","exe|Troldesh","expert-centr.com","178.210.92.160","48287","RU"
"2019-02-08 21:54:02","http://kurzal.ru/wordpress/wp-content/uploads/czt7YdTi3rZV_pa7/","offline","malware_download","emotet|epoch2|exe|Heodo","kurzal.ru","31.177.76.70","48287","RU"
"2019-02-08 21:54:02","http://kurzal.ru/wordpress/wp-content/uploads/czt7YdTi3rZV_pa7/","offline","malware_download","emotet|epoch2|exe|Heodo","kurzal.ru","31.177.80.70","48287","RU"
"2019-02-05 16:04:08","http://s-sibsb.ru/new/pma_/locale/sv/xs/Invoice6837.doc","offline","malware_download","Dyre|macro-doc|Trickbot","s-sibsb.ru","91.189.114.18","48287","RU"
"2019-02-05 16:04:04","http://s-sibsb.ru/new/pma_/locale/sv/xs/Invoice5421.doc","offline","malware_download","Dyre|macro-doc|Trickbot","s-sibsb.ru","91.189.114.18","48287","RU"
"2019-01-31 20:08:06","http://pokos.su/Rei7MfvAffl/","offline","malware_download","emotet|epoch2|exe|Heodo","pokos.su","109.70.26.37","48287","RU"
"2019-01-31 20:08:06","http://pokos.su/Rei7MfvAffl/","offline","malware_download","emotet|epoch2|exe|Heodo","pokos.su","194.85.61.76","48287","RU"
"2019-01-31 06:15:57","http://speak-and-translate.com/errordocs/style/messg.jpg","offline","malware_download","exe|Ransomware.Troldesh|Troldesh","speak-and-translate.com","195.208.0.16","48287","RU"
"2019-01-30 14:08:47","http://kurzal.ru/wordpress/wp-content/uploads/De_de/YINZDUHNM4763924/Rechnung/RECHNUNG/","offline","malware_download","doc|emotet|epoch2|Heodo","kurzal.ru","31.177.76.70","48287","RU"
"2019-01-30 14:08:47","http://kurzal.ru/wordpress/wp-content/uploads/De_de/YINZDUHNM4763924/Rechnung/RECHNUNG/","offline","malware_download","doc|emotet|epoch2|Heodo","kurzal.ru","31.177.80.70","48287","RU"
"2019-01-28 07:57:04","http://www.biometricsystems.ru/Vodafone_Gmbh/Rechnungen/012019/","offline","malware_download","Heodo","www.biometricsystems.ru","91.189.114.12","48287","RU"
"2019-01-25 16:50:07","http://www.biometricsystems.ru/IcGDV-mjWxd_ooO-Hz/INVOICE/91634/OVERPAYMENT/US_us/4-Past-Due-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","www.biometricsystems.ru","91.189.114.12","48287","RU"
"2019-01-24 11:22:27","http://xn----dtbhwpgtp5b1b.xn--p1ai/de_DE/KTDKOYSVR2495087/Rechnungs/Rechnungsanschrift/","offline","malware_download","emotet|epoch2|Heodo","xn----dtbhwpgtp5b1b.xn--p1ai","31.177.76.70","48287","RU"
"2019-01-24 11:22:27","http://xn----dtbhwpgtp5b1b.xn--p1ai/de_DE/KTDKOYSVR2495087/Rechnungs/Rechnungsanschrift/","offline","malware_download","emotet|epoch2|Heodo","xn----dtbhwpgtp5b1b.xn--p1ai","31.177.80.70","48287","RU"
"2019-01-24 01:03:49","http://biometricsystems.ru/AMAZON/Bestelldetails/2019-01/","offline","malware_download","doc|emotet|epoch1|Heodo","biometricsystems.ru","91.189.114.12","48287","RU"
"2019-01-23 17:13:04","http://xn--h1agffkv.xn--p1ai/errordocs/style/ssj.jpg","offline","malware_download","exe|Ransomware.Shade|Ransomware.Troldesh|Troldesh","xn--h1agffkv.xn--p1ai","91.189.114.18","48287","RU"
"2019-01-23 14:44:20","http://www.biometricsystems.ru/AMAZON/Bestelldetails/2019-01/","offline","malware_download","doc|emotet|epoch1|Heodo","www.biometricsystems.ru","91.189.114.12","48287","RU"
"2019-01-21 13:43:50","http://biometricsystems.ru/Amazon/DE/Kunden-transaktion/01_19/","offline","malware_download","doc|emotet|epoch1","biometricsystems.ru","91.189.114.12","48287","RU"
"2019-01-21 08:14:24","http://www.biometricsystems.ru/Amazon/DE/Kunden-transaktion/01_19/","offline","malware_download","doc|emotet|epoch1|Heodo","www.biometricsystems.ru","91.189.114.12","48287","RU"
"2019-01-17 21:34:45","http://biometricsystems.ru/DfI5jgz_WjwyzgT/","offline","malware_download","emotet|epoch2|Heodo","biometricsystems.ru","91.189.114.12","48287","RU"
"2019-01-17 13:44:06","http://www.biometricsystems.ru/DfI5jgz_WjwyzgT/","offline","malware_download","emotet|epoch2|exe|Heodo","www.biometricsystems.ru","91.189.114.12","48287","RU"
"2019-01-16 05:13:31","http://ng-tech.ru/xVhG-gt7a_LB-E8/Invoice/619377086/US/Question/","offline","malware_download","doc|emotet|epoch2|Heodo","ng-tech.ru","195.24.68.15","48287","RU"
"2019-01-16 05:12:07","http://avto4x4.ru/DE/HJSEEJTFA1293851/de/Rechnungszahlung/","offline","malware_download","doc|emotet|epoch2|Heodo","avto4x4.ru","195.24.68.30","48287","RU"
"2019-01-16 01:01:29","http://biometricsystems.ru/Januar2019/ZVOHZLAOJO4450541/Rechnungs-Details/DOC-Dokument/","offline","malware_download","emotet|epoch2|Heodo","biometricsystems.ru","91.189.114.12","48287","RU"
"2019-01-15 22:06:31","http://infocentertour.ru/Attachments/2019-01/","offline","malware_download","emotet|epoch1|Heodo","infocentertour.ru","91.189.114.30","48287","RU"
"2019-01-15 14:10:17","http://www.avto4x4.ru/DE/HJSEEJTFA1293851/de/Rechnungszahlung/","offline","malware_download","emotet|epoch2|Heodo","www.avto4x4.ru","195.24.68.30","48287","RU"
"2019-01-15 14:09:05","http://www.infocentertour.ru/Attachments/2019-01/","offline","malware_download","emotet|epoch1|Heodo","www.infocentertour.ru","91.189.114.30","48287","RU"
"2019-01-15 12:38:04","http://www.biometricsystems.ru/Januar2019/ZVOHZLAOJO4450541/Rechnungs-Details/DOC-Dokument/","offline","malware_download","emotet|epoch2|Heodo","www.biometricsystems.ru","91.189.114.12","48287","RU"
"2019-01-14 20:43:03","http://www.ng-tech.ru/xVhG-gt7a_LB-E8/Invoice/619377086/US/Question/","offline","malware_download","emotet|epoch2|Heodo","www.ng-tech.ru","195.24.68.15","48287","RU"
"2018-12-20 20:41:27","http://www.rosscan.info/Amazon/En_us/Transactions/122018/","offline","malware_download","doc|emotet|heodo","www.rosscan.info","91.189.114.13","48287","RU"
"2018-12-18 22:23:02","http://rosscan.info/Amazon/Payments_details/12_18/","offline","malware_download","doc|Heodo","rosscan.info","91.189.114.13","48287","RU"
"2018-12-18 16:59:54","http://www.rosscan.info/Amazon/Payments_details/12_18/","offline","malware_download","emotet|epoch1|Heodo","www.rosscan.info","91.189.114.13","48287","RU"
"2018-12-16 00:03:04","http://download.ware.ru/win/14779_SETUP_opl.exe","offline","malware_download","exe","download.ware.ru","31.177.76.32","48287","RU"
"2018-12-16 00:03:04","http://download.ware.ru/win/14779_SETUP_opl.exe","offline","malware_download","exe","download.ware.ru","31.177.80.32","48287","RU"
"2018-12-11 22:35:14","http://c-sert.ru/assets/images/zIM8ozmY/","offline","malware_download","emotet|epoch2|exe|Heodo","c-sert.ru","178.210.74.92","48287","RU"
"2018-11-30 13:05:13","http://178.210.89.16/VTXawsz","offline","malware_download","emotet|epoch2|exe|Heodo","178.210.89.16","178.210.89.16","48287","RU"
"2018-11-28 04:11:20","http://www.azksg.ru/71D/BIZ/US/","offline","malware_download","doc|emotet|epoch2","www.azksg.ru","91.189.114.26","48287","RU"
"2018-11-27 14:03:08","http://azksg.ru/71D/BIZ/US","offline","malware_download","emotet|epoch2|Heodo","azksg.ru","91.189.114.26","48287","RU"
"2018-11-26 14:20:07","http://1.bwtrans.z8.ru/5955BWNNIANU/SEP/US","offline","malware_download","emotet|epoch2","1.bwtrans.z8.ru","91.189.114.25","48287","RU"
"2018-11-23 20:58:05","http://www.wind7.ru/0293188TOJNED/oamo/Smallbusiness/","offline","malware_download","doc|emotet|epoch2","www.wind7.ru","91.189.114.10","48287","RU"
"2018-11-23 08:32:24","http://www.wind7.ru/0293188TOJNED/oamo/Smallbusiness","offline","malware_download","doc|emotet|heodo","www.wind7.ru","91.189.114.10","48287","RU"
"2018-11-21 09:45:02","http://1.bwtrans.z8.ru/EN_US/Messages/11_18/","offline","malware_download","doc|Heodo","1.bwtrans.z8.ru","91.189.114.25","48287","RU"
"2018-11-21 08:57:03","http://1.bwtrans.z8.ru/EN_US/Messages/11_18","offline","malware_download","emotet|epoch1|Heodo","1.bwtrans.z8.ru","91.189.114.25","48287","RU"
"2018-11-18 16:48:04","http://rucop.ru/java.dat","offline","malware_download","Adware.Generic|exe","rucop.ru","185.26.112.217","48287","RU"
"2018-11-09 15:38:03","http://uc-olimp.ru/r7nv7Do","offline","malware_download","emotet|exe|Heodo","uc-olimp.ru","31.177.76.144","48287","RU"
"2018-11-09 15:38:03","http://uc-olimp.ru/r7nv7Do","offline","malware_download","emotet|exe|Heodo","uc-olimp.ru","31.177.80.144","48287","RU"
"2018-11-09 14:33:03","http://uc-olimp.ru/r7nv7Do/","offline","malware_download","emotet|Heodo","uc-olimp.ru","31.177.76.144","48287","RU"
"2018-11-09 14:33:03","http://uc-olimp.ru/r7nv7Do/","offline","malware_download","emotet|Heodo","uc-olimp.ru","31.177.80.144","48287","RU"
"2018-11-07 15:06:08","http://stanzza.ru/newsletter/US_us/Past-Due-Invoices/Invoice-27125893-080918","offline","malware_download","doc|emotet|heodo","stanzza.ru","91.189.114.15","48287","RU"
"2018-11-06 07:48:07","http://superpipe.ru/5Or9I6A","offline","malware_download","emotet|exe|Heodo","superpipe.ru","31.177.76.70","48287","RU"
"2018-11-06 07:48:07","http://superpipe.ru/5Or9I6A","offline","malware_download","emotet|exe|Heodo","superpipe.ru","31.177.80.70","48287","RU"
"2018-11-06 00:09:05","http://krmar.ru/9qiWCR4b","offline","malware_download","emotet|exe|Heodo","krmar.ru","178.210.77.85","48287","RU"
"2018-10-22 16:11:03","http://adaptronic.ru/wp-content/plugins/maintenance/2","offline","malware_download","","adaptronic.ru","195.24.68.23","48287","RU"
"2018-10-22 16:11:03","http://adaptronic.ru/wp-content/plugins/maintenance/3","offline","malware_download","","adaptronic.ru","195.24.68.23","48287","RU"
"2018-10-22 16:11:02","http://adaptronic.ru/wp-content/plugins/maintenance/1","offline","malware_download","","adaptronic.ru","195.24.68.23","48287","RU"
"2018-10-08 15:47:04","http://abeliks.ru/DHL-Express/US","offline","malware_download","doc|emotet","abeliks.ru","195.24.68.11","48287","RU"
"2018-09-28 09:33:06","http://profsouz55.ru/6hSSkB3I","offline","malware_download","emotet|exe|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-09-26 14:48:15","http://kitezona.ru/wp-content/plugins/redirection/modules/3","offline","malware_download","","kitezona.ru","91.189.114.29","48287","RU"
"2018-09-26 14:38:28","http://kitezona.ru/wp-content/plugins/redirection/modules/4","offline","malware_download","","kitezona.ru","91.189.114.29","48287","RU"
"2018-09-26 14:38:26","http://kitezona.ru/wp-content/plugins/redirection/modules/2","offline","malware_download","","kitezona.ru","91.189.114.29","48287","RU"
"2018-09-26 14:38:24","http://kitezona.ru/wp-content/plugins/redirection/modules/1","offline","malware_download","","kitezona.ru","91.189.114.29","48287","RU"
"2018-09-18 13:52:43","http://mipz.ru/8623X/SWIFT/Business","offline","malware_download","doc|emotet|Heodo","mipz.ru","91.189.114.24","48287","RU"
"2018-09-13 07:26:58","http://xn--80aeffopfnf8l.xn--p1ai/libraries/legacy/Buchungsnummer-11-19581591674-85067419634.php","offline","malware_download","DEU|Nymaim|zipped-MZ","xn--80aeffopfnf8l.xn--p1ai","91.189.114.18","48287","RU"
"2018-09-13 05:41:52","http://ultren.info/LLC/US_us/Scan/","offline","malware_download","doc|emotet|epoch2|Heodo","ultren.info","195.208.1.159","48287","RU"
"2018-09-12 02:12:12","http://profsouz55.ru/4916LEGQ/WIRE/US/","offline","malware_download","doc|emotet|epoch2|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-09-11 14:17:24","http://ultren.info/LLC/US_us/Scan","offline","malware_download","doc|emotet|Heodo","ultren.info","195.208.1.159","48287","RU"
"2018-09-11 11:01:57","http://profsouz55.ru/4916LEGQ/WIRE/US","offline","malware_download","doc|emotet|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-09-07 06:55:09","http://ultren.info/Zl7AIWX","offline","malware_download","emotet|exe|Heodo","ultren.info","195.208.1.159","48287","RU"
"2018-09-07 03:56:30","http://astralux-service.ru/payment/","offline","malware_download","doc|emotet|epoch1|Heodo","astralux-service.ru","109.70.26.37","48287","RU"
"2018-09-07 03:56:30","http://astralux-service.ru/payment/","offline","malware_download","doc|emotet|epoch1|Heodo","astralux-service.ru","194.85.61.76","48287","RU"
"2018-09-07 03:03:13","http://profsouz55.ru/1640VQN/WIRE/Personal/","offline","malware_download","doc|emotet|epoch2|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-09-06 21:56:02","http://profsouz55.ru/1640VQN/WIRE/Personal","offline","malware_download","doc|emotet|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-09-06 05:04:05","http://tortik.spb.ru/XLV9xlgQlZ","offline","malware_download","emotet|exe|Heodo","tortik.spb.ru","195.208.1.102","48287","RU"
"2018-09-05 10:35:11","http://astralux-service.ru/payment","offline","malware_download","doc|emotet|Heodo","astralux-service.ru","109.70.26.37","48287","RU"
"2018-09-05 10:35:11","http://astralux-service.ru/payment","offline","malware_download","doc|emotet|Heodo","astralux-service.ru","194.85.61.76","48287","RU"
"2018-09-05 04:56:21","http://astralux-service.ru/82OiiIWall/DE/200-Jahre/","offline","malware_download","doc|emotet|epoch2|Heodo","astralux-service.ru","109.70.26.37","48287","RU"
"2018-09-05 04:56:21","http://astralux-service.ru/82OiiIWall/DE/200-Jahre/","offline","malware_download","doc|emotet|epoch2|Heodo","astralux-service.ru","194.85.61.76","48287","RU"
"2018-09-04 14:28:33","http://astralux-service.ru/82OiiIWall/DE/200-Jahre","offline","malware_download","doc|emotet|Heodo","astralux-service.ru","109.70.26.37","48287","RU"
"2018-09-04 14:28:33","http://astralux-service.ru/82OiiIWall/DE/200-Jahre","offline","malware_download","doc|emotet|Heodo","astralux-service.ru","194.85.61.76","48287","RU"
"2018-08-31 09:47:02","http://astralux-service.ru/DOC/US/Paid-Invoice/","offline","malware_download","doc|Heodo","astralux-service.ru","109.70.26.37","48287","RU"
"2018-08-31 09:47:02","http://astralux-service.ru/DOC/US/Paid-Invoice/","offline","malware_download","doc|Heodo","astralux-service.ru","194.85.61.76","48287","RU"
"2018-08-30 06:34:30","http://astralux-service.ru/DOC/US/Paid-Invoice","offline","malware_download","doc|emotet|epoch2|Heodo","astralux-service.ru","109.70.26.37","48287","RU"
"2018-08-30 06:34:30","http://astralux-service.ru/DOC/US/Paid-Invoice","offline","malware_download","doc|emotet|epoch2|Heodo","astralux-service.ru","194.85.61.76","48287","RU"
"2018-08-25 00:21:04","http://profsouz55.ru/4154264VH/PAYROLL/Business/","offline","malware_download","doc|emotet|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-08-25 00:16:40","http://abeliks.ru/2278YVOBN/WIRE/US/","offline","malware_download","doc|emotet|Heodo","abeliks.ru","195.24.68.11","48287","RU"
"2018-08-24 07:08:36","http://abeliks.ru/2278YVOBN/WIRE/US","offline","malware_download","doc|emotet|Heodo","abeliks.ru","195.24.68.11","48287","RU"
"2018-08-23 19:04:04","http://1.almaz13.z8.ru/PO20188.jpg","offline","malware_download","Lokibot","1.almaz13.z8.ru","91.189.114.14","48287","RU"
"2018-08-23 09:24:07","http://profsouz55.ru/4154264VH/PAYROLL/Business","offline","malware_download","doc|emotet|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-08-21 16:36:06","http://profsouz55.ru/8722109BMCIN/PAYROLL/Personal/","offline","malware_download","Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-08-21 08:41:37","http://profsouz55.ru/8722109BMCIN/PAYROLL/Personal","offline","malware_download","doc|emotet|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-08-20 13:14:42","http://abeliks.ru/8POKMF/biz/Smallbusiness","offline","malware_download","doc|emotet|Heodo","abeliks.ru","195.24.68.11","48287","RU"
"2018-08-14 04:30:12","http://tortik.spb.ru/sites/En_us/OVERDUE-ACCOUNT/Invoice-09021439467-08-13-2018/","offline","malware_download","doc|emotet|Heodo","tortik.spb.ru","195.208.1.102","48287","RU"
"2018-08-14 04:27:58","http://profsouz55.ru/doc/US/Open-invoices/Invoice/","offline","malware_download","doc|emotet|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-08-14 04:27:57","http://profsouz55.ru/187TEQCorporation/GU414658JP/6889361/UT-BJFB/","offline","malware_download","doc|emotet|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-08-13 22:21:11","http://tortik.spb.ru/sites/En_us/OVERDUE-ACCOUNT/Invoice-09021439467-08-13-2018","offline","malware_download","doc|emotet|Heodo","tortik.spb.ru","195.208.1.102","48287","RU"
"2018-08-13 19:32:27","http://profsouz55.ru/doc/US/Open-invoices/Invoice","offline","malware_download","doc|emotet|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-08-13 12:47:34","http://profsouz55.ru/187TEQCorporation/GU414658JP/6889361/UT-BJFB","offline","malware_download","doc|emotet|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-08-09 16:15:28","http://stanzza.ru/newsletter/US_us/Past-Due-Invoices/Invoice-27125893-080918/","offline","malware_download","doc|emotet|Heodo","stanzza.ru","91.189.114.15","48287","RU"
"2018-08-09 05:52:57","http://uc-olimp.ru/99YLLC/EGY03811464680QSJHP/592331/HZCU-ISGKK-Aug-08-2018","offline","malware_download","doc|emotet|Heodo","uc-olimp.ru","31.177.76.144","48287","RU"
"2018-08-09 05:52:57","http://uc-olimp.ru/99YLLC/EGY03811464680QSJHP/592331/HZCU-ISGKK-Aug-08-2018","offline","malware_download","doc|emotet|Heodo","uc-olimp.ru","31.177.80.144","48287","RU"
"2018-08-09 05:49:08","http://profsouz55.ru/4MJPAY/UN3808459200K/367209864/KG-HUIB","offline","malware_download","doc|emotet|Heodo","profsouz55.ru","91.189.114.14","48287","RU"
"2018-08-09 05:49:06","http://stroy-h.ru/3KODownload/GDOO0792317490AXC/65988/RYPZ-UUS","offline","malware_download","doc|emotet|Heodo","stroy-h.ru","91.189.114.16","48287","RU"
"2018-08-09 05:46:16","http://tortik.spb.ru/23VDownload/FOD146903511C/Aug-08-2018-27034179253/OXY-MWAS/","offline","malware_download","Heodo","tortik.spb.ru","195.208.1.102","48287","RU"
"2018-08-08 16:30:44","http://tortik.spb.ru/23VDownload/FOD146903511C/Aug-08-2018-27034179253/OXY-MWAS","offline","malware_download","doc|emotet|Heodo","tortik.spb.ru","195.208.1.102","48287","RU"
"2018-08-08 05:51:38","http://s-roof.ru/files/En_us/My-current-address-update/","offline","malware_download","doc|emotet|Heodo","s-roof.ru","91.189.114.16","48287","RU"
"2018-08-07 00:58:44","http://s-roof.ru/files/En_us/My-current-address-update","offline","malware_download","doc|emotet|Heodo","s-roof.ru","91.189.114.16","48287","RU"
"2018-08-06 23:11:41","http://stroy-h.ru/INFO/CTHB66630462392CZ/5472851/EON-VOVE-Aug-06-2018","offline","malware_download","doc|emotet|Heodo","stroy-h.ru","91.189.114.16","48287","RU"
"2018-08-03 04:31:08","http://www.abeliks.ru/DHL-Express/US/","offline","malware_download","doc|emotet|Heodo","www.abeliks.ru","195.24.68.11","48287","RU"
"2018-08-03 04:30:11","http://stroy-h.ru/Tracking/US/","offline","malware_download","doc|emotet|Heodo","stroy-h.ru","91.189.114.16","48287","RU"
"2018-08-03 04:30:08","http://s-roof.ru/DHL/US/","offline","malware_download","doc|emotet|Heodo","s-roof.ru","91.189.114.16","48287","RU"
"2018-07-31 19:18:55","http://s-roof.ru/files/En_us/Recent-money-transfer-details/","offline","malware_download","doc|emotet|epoch2|Heodo","s-roof.ru","91.189.114.16","48287","RU"
"2018-07-31 13:26:34","http://abeliks.ru/DHL-Tracking/EN_en/","offline","malware_download","doc|emotet|heodo","abeliks.ru","195.24.68.11","48287","RU"
"2018-07-30 20:26:43","http://mfc50.ru/Tracking/En/","offline","malware_download","doc|emotet|epoch2|Heodo","mfc50.ru","91.189.114.4","48287","RU"
"2018-07-26 03:55:30","http://mfc50.ru/pdf/EN_en/STATUS/Pay-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","mfc50.ru","91.189.114.4","48287","RU"
"2018-07-25 03:56:50","http://buhalter.pro/pdf/EN_en/INVOICE-STATUS/Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","buhalter.pro","195.208.0.126","48287","RU"
"2018-07-20 03:44:30","http://stroy-tehno.ru/Jul2018/EN_en/OVERDUE-ACCOUNT/Invoice-182462/","offline","malware_download","doc|emotet|epoch2|Heodo","stroy-tehno.ru","31.177.76.70","48287","RU"
"2018-07-20 03:44:30","http://stroy-tehno.ru/Jul2018/EN_en/OVERDUE-ACCOUNT/Invoice-182462/","offline","malware_download","doc|emotet|epoch2|Heodo","stroy-tehno.ru","31.177.80.70","48287","RU"
"2018-07-11 04:05:53","http://buro.lego-web.ru/Rechnungs-Details/FORM/Rech-Nr011270/","offline","malware_download","doc|emotet|epoch2","buro.lego-web.ru","31.177.76.144","48287","RU"
"2018-07-11 04:05:53","http://buro.lego-web.ru/Rechnungs-Details/FORM/Rech-Nr011270/","offline","malware_download","doc|emotet|epoch2","buro.lego-web.ru","31.177.80.144","48287","RU"
"2018-07-10 09:42:11","http://www.soft.lego-web.ru/HBQM6F/","offline","malware_download","emotet|exe|Heodo","www.soft.lego-web.ru","31.177.76.144","48287","RU"
"2018-07-10 09:42:11","http://www.soft.lego-web.ru/HBQM6F/","offline","malware_download","emotet|exe|Heodo","www.soft.lego-web.ru","31.177.80.144","48287","RU"
"2018-07-09 16:35:02","http://venets.gluschenkoizdat.ru/pdf/EN_en/FILE/Payment/","offline","malware_download","Heodo","venets.gluschenkoizdat.ru","195.24.68.15","48287","RU"
"2018-07-09 13:58:03","http://www.venets.gluschenkoizdat.ru/pdf/EN_en/FILE/Payment/","offline","malware_download","doc|emotet|Heodo","www.venets.gluschenkoizdat.ru","195.24.68.15","48287","RU"
"2018-07-05 11:52:12","http://www.venets.gluschenkoizdat.ru/Zahlungserinnerung/","offline","malware_download","doc|emotet|epoch1|Heodo","www.venets.gluschenkoizdat.ru","195.24.68.15","48287","RU"
"2018-06-22 16:46:05","http://download.ware.ru/win/29890_passwordspy.exe","offline","malware_download","Azorult|exe","download.ware.ru","31.177.76.32","48287","RU"
"2018-06-22 16:46:05","http://download.ware.ru/win/29890_passwordspy.exe","offline","malware_download","Azorult|exe","download.ware.ru","31.177.80.32","48287","RU"
"2018-06-22 13:01:28","http://lipribhoz.ru/Zahlungserinnerung/Rechnung","offline","malware_download","emotet|Heodo","lipribhoz.ru","195.24.68.15","48287","RU"
"2018-06-22 12:04:58","http://avangardstone.com/bgoluaeQ0/","offline","malware_download","emotet|exe|heodo","avangardstone.com","91.189.114.17","48287","RU"
"2018-06-21 05:40:37","http://www.lipribhoz.ru/Zahlungserinnerung/Rechnung/","offline","malware_download","emotet|Heodo","www.lipribhoz.ru","195.24.68.15","48287","RU"
"2018-06-20 05:34:13","http://www.dc-tech.ru/P1lzAK/","offline","malware_download"," heodo| payload|emotet|Heodo","www.dc-tech.ru","195.208.1.106","48287","RU"
"2018-05-18 10:31:41","http://www.gidromash48.ru/Service-Report-73642/","offline","malware_download","doc|emotet|Heodo","www.gidromash48.ru","91.189.114.29","48287","RU"
"2018-04-09 18:04:32","http://mamont-tk.ru/Download/IW7553965242GGLWT/89690962/VP-MSFZI/","offline","malware_download","doc|emotet|heodo","mamont-tk.ru","195.24.68.11","48287","RU"
"2018-04-04 11:06:59","http://mobilemedicine.ru/css/FILE/Invoice/","offline","malware_download","doc|emotet|heodo","mobilemedicine.ru","195.208.1.101","48287","RU"
# of entries: 268