##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-12-26 21:05:40 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS57344
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-09-07 15:06:06","https://adapadske.org/zfg.lim","offline","malware_download","clickfix","adapadske.org","78.128.60.222","57344","BG"
"2025-08-22 15:32:12","http://www.supercf.co.ke/a/cryptedddd.zip","offline","malware_download","opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:32:08","http://www.supercf.co.ke/a/CRYPTEDDD.zip","offline","malware_download","opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:32:07","http://www.supercf.co.ke/a/BRAINNN.zip","offline","malware_download","opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:32:07","http://www.supercf.co.ke/a/Server.ps1","offline","malware_download","ascii|opendir|PowerShell|ps1","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:32:07","http://www.supercf.co.ke/a/w.ps1","offline","malware_download","ascii|opendir|PowerShell|ps1","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:32:07","http://www.supercf.co.ke/a/yyyy.ps1","offline","malware_download","ascii|opendir|PowerShell|ps1","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:32:07","http://www.supercf.co.ke/a/zz.ps1","offline","malware_download","ascii|opendir|PowerShell|ps1","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:22","http://www.supercf.co.ke/a/EASYPROTON.exe","offline","malware_download","AgentTesla|exe|opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:18","http://www.supercf.co.ke/a/NWLEE.exe","offline","malware_download","DarkCloud|exe|opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:15","http://www.supercf.co.ke/a/asyaugusth5858.exe","offline","malware_download","AsyncRAT|exe|opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:12","http://www.supercf.co.ke/a/raman.exe","offline","malware_download","exe|opendir|RemcosRAT","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:11","http://www.supercf.co.ke/a/26-10-2021.exe","offline","malware_download","exe|opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:11","http://www.supercf.co.ke/a/HorusClient.exe","offline","malware_download","exe|opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:11","http://www.supercf.co.ke/a/limeeee.txt","offline","malware_download","exe|opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:10","http://www.supercf.co.ke/a/BIN.exe","offline","malware_download","AgentTesla|exe|opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:10","http://www.supercf.co.ke/a/easy.exe","offline","malware_download","AgentTesla|exe|opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:10","http://www.supercf.co.ke/a/emmajay.exe","offline","malware_download","AgentTesla|exe|opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:31:10","http://www.supercf.co.ke/a/k2.exe","offline","malware_download","AgentTesla|exe|opendir","www.supercf.co.ke","78.142.63.228","57344","BG"
"2025-08-22 15:30:10","http://www.supercf.co.ke/a/euro.exe","offline","malware_download","AsyncRAT|exe|opendir|XWorm","www.supercf.co.ke","78.142.63.228","57344","BG"
"2024-10-06 12:53:48","http://130.185.229.3:64408/Mozi.m","offline","malware_download","elf|Hajime","130.185.229.3","130.185.229.3","57344","BG"
"2024-10-06 09:19:18","http://130.185.229.3:64408/i","offline","malware_download","elf|Hajime","130.185.229.3","130.185.229.3","57344","BG"
"2024-06-25 12:19:05","http://elconnova.com/images/pic7.exe","offline","malware_download","Amadey|payloads","elconnova.com","91.148.168.149","57344","BG"
"2024-06-08 03:41:07","http://elconnova.com/images/pic5.exe","offline","malware_download","64|exe|LummaStealer","elconnova.com","91.148.168.149","57344","BG"
"2024-06-08 03:36:16","http://elconnova.com/images/pic6.exe","offline","malware_download","64|exe|LummaStealer","elconnova.com","91.148.168.149","57344","BG"
"2024-06-08 03:36:15","http://elconnova.com/images/pic4.exe","offline","malware_download","32|exe|LummaStealer","elconnova.com","91.148.168.149","57344","BG"
"2024-06-08 03:36:15","http://elconnova.com/images/pic9.exe","offline","malware_download","64|exe|LummaStealer","elconnova.com","91.148.168.149","57344","BG"
"2024-05-12 13:01:13","https://sirsamvidambu.com/assistant_v7.exe","offline","malware_download","dropped-by-Smokeloader|RedLineStealer","sirsamvidambu.com","78.128.60.222","57344","BG"
"2024-04-20 01:12:08","http://79.124.73.65:63274/i","offline","malware_download","elf|Hajime","79.124.73.65","79.124.73.65","57344","BG"
"2024-03-28 09:10:17","https://elconnova.com/images/tmp/1.jpg","offline","malware_download","32|exe|UACModuleSmokeLoader","elconnova.com","91.148.168.149","57344","BG"
"2024-03-28 08:02:07","https://elconnova.com/images/1.jpg","offline","malware_download","dropped-by-Smokeloader|UACModuleSmokeLoader","elconnova.com","91.148.168.149","57344","BG"
"2023-12-27 07:15:23","http://79.124.73.65:63274/.i","offline","malware_download","Hajime","79.124.73.65","79.124.73.65","57344","BG"
"2023-12-22 11:59:11","https://lakenaivasharesort.co.ke/uia/","offline","malware_download","Pikabot|TA577|TR|zip","lakenaivasharesort.co.ke","78.142.63.228","57344","BG"
"2023-11-15 09:26:33","https://giraffeambassadors.org/em/","offline","malware_download","js|Pikabot|TR|zip","giraffeambassadors.org","78.142.63.230","57344","BG"
"2023-10-23 15:48:20","https://cleanairsystems.co.ke/aatq/","offline","malware_download","TA577|TR","cleanairsystems.co.ke","217.174.152.36","57344","BG"
"2023-10-23 15:47:09","http://cleanairsystems.co.ke/aatq/","offline","malware_download","TA577|TR","cleanairsystems.co.ke","217.174.152.36","57344","BG"
"2023-06-22 06:06:10","https://omax.com.pk/ed/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","omax.com.pk","217.174.148.54","57344","BG"
"2023-06-02 05:13:16","https://speedlab.com.eg/tmp/index.php","offline","malware_download","payloads|RedLineStealer|Smoke Loader|viaSmokeLoader","speedlab.com.eg","91.148.168.149","57344","BG"
"2023-04-04 16:10:21","https://sunraysinvestigators.com/piid/piid.php","offline","malware_download","BB22|geofenced|js|Qakbot|qbot|Quakbot|TR|USA","sunraysinvestigators.com","217.174.148.54","57344","BG"
"2023-03-03 10:11:25","https://kabile-art.net/download/File_pass1234.zip","offline","malware_download","1234|password-protected|zip","kabile-art.net","91.148.168.100","57344","BG"
"2023-02-02 23:15:27","https://muhamediherbalremedies.co.ke/ESU.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","muhamediherbalremedies.co.ke","217.174.152.36","57344","BG"
"2022-12-22 20:03:14","https://nilbike.es/VRU.php","offline","malware_download","B1|BB11|ISO|Qakbot|Qbot|Quakbot|TR|U22|zip","nilbike.es","78.142.63.55","57344","BG"
"2022-12-14 16:02:44","https://elconnova.com/ei/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","elconnova.com","91.148.168.149","57344","BG"
"2022-12-13 20:16:36","https://asperlabs.co.ke/oasr/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","asperlabs.co.ke","217.174.152.36","57344","BG"
"2022-11-30 18:31:50","https://globaltempingservices.co.ke/pi/index.php?qbot.zip","offline","malware_download","BB08|iso|qakbot|qbot|quakbot|T34|TR|zip","globaltempingservices.co.ke","78.142.63.63","57344","BG"
"2022-11-28 21:46:21","https://hostelchollo.es/oa/index.php?qakbot.zip","offline","malware_download","BB08|iso|P32M|qakbot|qbot|quakbot|TR|zip","hostelchollo.es","217.174.149.250","57344","BG"
"2022-10-27 23:36:17","https://hostelchollo.es/er/qakbot.zip","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","hostelchollo.es","217.174.149.250","57344","BG"
"2022-10-27 23:36:13","https://hostelchollo.es/ruip/qakbot.zip","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","hostelchollo.es","217.174.149.250","57344","BG"
"2022-10-27 23:36:12","https://hostelchollo.es/trhe/qakbot.zip","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","hostelchollo.es","217.174.149.250","57344","BG"
"2022-10-27 23:36:11","https://hostelchollo.es/nmt/qakbot.zip","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","hostelchollo.es","217.174.149.250","57344","BG"
"2022-09-30 21:31:44","https://millenniumbg.com/nut/nmiosba","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:44","https://millenniumbg.com/nut/seecitnutn","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:43","https://millenniumbg.com/nut/lcniismaife","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:29","https://millenniumbg.com/nut/cuostaerqqiuuna","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:26","https://millenniumbg.com/nut/rnasumequcetmepui","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:25","https://millenniumbg.com/nut/nmmgucai","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:22","https://millenniumbg.com/nut/qudmioen","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:22","https://millenniumbg.com/nut/quiulamdoro","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:22","https://millenniumbg.com/nut/quiut","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:22","https://millenniumbg.com/nut/stniaiim","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:17","https://millenniumbg.com/nut/oetipsavutomsln","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:17","https://millenniumbg.com/nut/umoomrrled","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:16","https://millenniumbg.com/nut/asprmaeeuii","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:16","https://millenniumbg.com/nut/ituqau","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:11","https://millenniumbg.com/nut/eaqeun","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:11","https://millenniumbg.com/nut/mrluuruvetpotma","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-30 21:31:09","https://millenniumbg.com/nut/qoerouold","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","millenniumbg.com","217.174.149.211","57344","BG"
"2022-09-28 18:12:06","https://rethinkmentalhealthcare.or.ke/el/amissbueuestitrncer","offline","malware_download","BB|H322|H436|qakbot|qbot|quakbot|TR|U425|zip","rethinkmentalhealthcare.or.ke","217.174.152.36","57344","BG"
"2022-09-22 21:22:05","https://softlesson.ac.tz/tupq/trsucks","offline","malware_download","bb|encrypted|iso|qakbot|qbot|quakbot|tr|zip","softlesson.ac.tz","217.174.148.54","57344","BG"
"2022-09-22 10:10:12","https://www.konutmarket.com/loader/uploads/vbc_Ttjzwpyk.bmp","offline","malware_download","","www.konutmarket.com","78.128.81.226","57344","BG"
"2022-06-23 14:16:20","https://adanflora.com/ele/iqdeluetdino","offline","malware_download","AA|qakbot|qbot|TR|U523|zip","adanflora.com","217.174.152.36","57344","BG"
"2022-06-07 19:33:06","http://cncadventist.org/wp-content/9qikjVD84B/","offline","malware_download","dll|emotet|epoch4|heodo","cncadventist.org","217.174.152.36","57344","BG"
"2022-02-22 08:37:09","https://wavetronics.co.in/v/Vide0Playerv.exe","offline","malware_download","AsyncRAT|exe|opendir","wavetronics.co.in","78.128.43.176","57344","BG"
"2022-02-22 08:37:07","https://wavetronics.co.in/v/WndowsPlay.exe","offline","malware_download","exe|opendir","wavetronics.co.in","78.128.43.176","57344","BG"
"2022-02-22 08:37:07","https://wavetronics.co.in/v/WndowsPlayers.exe","offline","malware_download","exe|opendir","wavetronics.co.in","78.128.43.176","57344","BG"
"2022-02-22 08:37:06","https://wavetronics.co.in/v/WndowsPlayer.exe","offline","malware_download","exe|opendir","wavetronics.co.in","78.128.43.176","57344","BG"
"2022-02-22 08:36:07","https://wavetronics.co.in/v/WndowsPlays.exe","offline","malware_download","exe|Formbook|opendir","wavetronics.co.in","78.128.43.176","57344","BG"
"2022-02-22 08:36:06","https://wavetronics.co.in/v/VideoPloyers.exe","offline","malware_download","AgentTesla|exe|opendir","wavetronics.co.in","78.128.43.176","57344","BG"
"2022-02-18 11:11:05","http://esalog-bg.com/images1/book/gig/a/Criyop.jpg","offline","malware_download","AsyncRAT|encrypted|RAT","esalog-bg.com","78.142.47.202","57344","BG"
"2022-02-18 11:10:07","http://esalog-bg.com/images1/book/gig/a/Criyop.exe","offline","malware_download","AsyncRAT|exe","esalog-bg.com","78.142.47.202","57344","BG"
"2022-02-16 09:01:04","http://www.konutmarket.com/as/vbc.exe","offline","malware_download","AgentTesla|exe","www.konutmarket.com","78.128.81.226","57344","BG"
"2022-02-08 18:59:05","http://www.konutmarket.com/2/vbc.exe","offline","malware_download","AgentTesla|exe","www.konutmarket.com","78.128.81.226","57344","BG"
"2021-12-06 13:39:15","https://100services.co.uk/b0nac7b.zip","offline","malware_download","dll|Dridex","100services.co.uk","217.174.148.54","57344","BG"
"2021-10-22 15:21:10","https://drtimsdental.com/voluptatempraesentium/documents.zip","offline","malware_download","TR|zip","drtimsdental.com","217.174.152.36","57344","BG"
"2021-10-13 13:15:12","https://gc.dcimg.com/o0zgwz.rar","offline","malware_download","Dridex","gc.dcimg.com","78.128.8.27","57344","BG"
"2021-10-06 21:02:10","https://wakenyawataliitourstravel.com/quia-autem/documents.zip","offline","malware_download","SilentBuilder|TR|zip","wakenyawataliitourstravel.com","217.174.152.36","57344","BG"
"2021-10-04 18:14:06","https://advancepoly.com/perspiciatis-voluptas/documents.zip","offline","malware_download","TR|zip","advancepoly.com","78.142.63.63","57344","BG"
"2021-06-14 12:00:04","http://78.128.92.33/documennt/win32.exe","offline","malware_download","exe|GuLoader|NetWire|opendir|RemcosRAT|Smoke Loader","78.128.92.33","78.128.92.33","57344","BG"
"2021-06-09 06:20:04","http://78.128.92.33/scmdoc/win32.exe","offline","malware_download","AsyncRAT|exe|GuLoader|opendir|Smoke Loader","78.128.92.33","78.128.92.33","57344","BG"
"2021-06-02 05:45:23","https://istarbs.com/transmigrator.php","offline","malware_download","doc|hancitor","istarbs.com","78.142.63.28","57344","BG"
"2021-06-02 05:45:05","https://istarbs.com/exuberance.php","offline","malware_download","doc|hancitor","istarbs.com","78.142.63.28","57344","BG"
"2021-05-24 16:45:09","https://dint.digital/mr--percival-herzog/Noah.Garcia-77.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","dint.digital","78.128.60.120","57344","BG"
"2021-05-20 14:36:09","https://bizomate.co.ke/2UudEchwcxa7df.php","offline","malware_download","Dridex","bizomate.co.ke","78.142.63.230","57344","BG"
"2021-05-20 14:36:09","https://bizomate.co.ke/2UudEchwcxa7df.php","offline","malware_download","Dridex","bizomate.co.ke","78.142.63.231","57344","BG"
"2021-05-13 18:05:15","https://grocerysumo.com/6UVFl/NoahWilliams-86.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","grocerysumo.com","217.174.148.211","57344","BG"
"2021-05-13 13:40:33","https://grocerysumo.com/6UVFl/SophiaSmith-13.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","grocerysumo.com","217.174.148.211","57344","BG"
"2021-05-12 19:38:23","https://grocerysumo.com/6UVFl/AvaGarcia-0.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","grocerysumo.com","217.174.148.211","57344","BG"
"2021-04-26 22:27:09","https://theunitedsports.com/N4fJM/OliviaJones-57.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","theunitedsports.com","91.148.168.30","57344","BG"
"2021-04-26 14:26:40","https://theunitedsports.com/N4fJM/SophiaBrown-14.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","theunitedsports.com","91.148.168.30","57344","BG"
"2021-04-26 14:25:51","https://theunitedsports.com/N4fJM/LiamSmith-69.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","theunitedsports.com","91.148.168.30","57344","BG"
"2021-04-22 18:40:11","https://theunitedsports.com/p14S/catalogue-76.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","theunitedsports.com","91.148.168.30","57344","BG"
"2021-04-22 14:41:20","https://theunitedsports.com/p14S/catalogue-55.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","theunitedsports.com","91.148.168.30","57344","BG"
"2021-01-05 09:02:07","http://speed-bg.com/kapa3/ferrazio/typla/jbm/5bYDAStoeJnLmro.exe","offline","malware_download","exe","speed-bg.com","79.124.76.25","57344","BG"
"2021-01-05 09:02:06","http://speed-bg.com/kalaz/ferrapos/gudda/aglz/JDd7pspBArx5F5a.exe","offline","malware_download","exe|QuasarRAT","speed-bg.com","79.124.76.25","57344","BG"
"2021-01-04 13:19:05","http://speed-bg.com/kalaz/ferrapos/gudda/aglz/RT2cSc6DgcZ5t8G.exe","offline","malware_download","exe|opendir|QuasarRAT","speed-bg.com","79.124.76.25","57344","BG"
"2021-01-04 13:18:07","http://speed-bg.com/kapa2/ferrazio/typla/jbm/GWqhcX68z24xeAO.exe","offline","malware_download","exe|opendir|QuasarRAT","speed-bg.com","79.124.76.25","57344","BG"
"2020-11-04 06:42:04","http://78.128.92.94/business/vbc.exe","offline","malware_download","AgentTesla|exe|opendir","78.128.92.94","78.128.92.94","57344","BG"
"2020-11-04 06:42:02","http://78.128.92.94/business/document.doc","offline","malware_download","AgentTesla|opendir|rtf","78.128.92.94","78.128.92.94","57344","BG"
"2020-11-03 14:40:05","http://78.128.92.94/win/vbc.exe","offline","malware_download","AgentTesla|exe|opendir","78.128.92.94","78.128.92.94","57344","BG"
"2020-11-03 14:39:03","http://78.128.92.94/win/document.doc","offline","malware_download","AgentTesla|doc|opendir","78.128.92.94","78.128.92.94","57344","BG"
"2020-10-26 05:00:05","http://78.128.92.26/system/vbc.exe","offline","malware_download","AgentTesla","78.128.92.26","78.128.92.26","57344","BG"
"2020-10-22 16:52:08","http://78.128.92.26/vbc.exe","offline","malware_download","AgentTesla|exe","78.128.92.26","78.128.92.26","57344","BG"
"2020-10-22 02:42:09","https://serenitykenya.co.ke/jupyter-notebook/45704771596/","offline","malware_download","doc|emotet|epoch2|Heodo","serenitykenya.co.ke","217.174.152.36","57344","BG"
"2020-10-19 22:35:10","https://serenitykenya.co.ke/wiremu-kingi/eTrac/624039604382/eobr-91974/","offline","malware_download","doc|emotet|epoch3|Heodo","serenitykenya.co.ke","217.174.152.36","57344","BG"
"2020-10-16 10:11:02","http://78.128.92.22/svch.exe","offline","malware_download","exe","78.128.92.22","78.128.92.22","57344","BG"
"2020-10-16 10:03:03","http://78.128.92.22/vbc.exe","offline","malware_download","AgentTesla|exe","78.128.92.22","78.128.92.22","57344","BG"
"2020-08-26 09:21:06","http://78.128.92.46/main/Host_xmNIY97.bin","offline","malware_download","encrypted|GuLoader","78.128.92.46","78.128.92.46","57344","BG"
"2020-08-26 09:21:03","http://78.128.92.46/back/Host_xmNIY97.bin","offline","malware_download","encrypted|GuLoader","78.128.92.46","78.128.92.46","57344","BG"
"2020-08-20 09:58:03","http://78.128.92.100/vbc.exe","offline","malware_download","AgentTesla|exe","78.128.92.100","78.128.92.100","57344","BG"
"2020-08-20 08:39:02","http://78.128.92.100/invoice_102142.doc","offline","malware_download","rtf","78.128.92.100","78.128.92.100","57344","BG"
"2020-08-13 09:34:19","http://rhusseini.com/wp-includes/Qdq/","offline","malware_download","doc|emotet|epoch3|Heodo","rhusseini.com","78.128.43.95","57344","BG"
"2020-06-17 22:50:37","http://styleswim.com/xvfwopgybd/f/Xakk3oVys.zip","offline","malware_download","Qakbot|qbot|spx142|zip","styleswim.com","78.142.63.124","57344","BG"
"2020-06-17 12:42:21","http://styleswim.com/mumrwwygxys/r/ZhHvFsLst.zip","offline","malware_download","Qakbot|Quakbot|zip","styleswim.com","78.142.63.124","57344","BG"
"2020-06-17 12:29:35","http://styleswim.com/mumrwwygxys/M/KUiAIjxPh.zip","offline","malware_download","Qakbot|Quakbot|zip","styleswim.com","78.142.63.124","57344","BG"
"2020-06-17 12:17:07","http://styleswim.com/mumrwwygxys/FdbUkvBQuT.zip","offline","malware_download","Qakbot|Quakbot|zip","styleswim.com","78.142.63.124","57344","BG"
"2020-06-17 11:55:53","http://styleswim.com/mumrwwygxys/NM/Rs/c0PZZNns.zip","offline","malware_download","Qakbot|Quakbot|zip","styleswim.com","78.142.63.124","57344","BG"
"2020-06-17 11:47:16","http://styleswim.com/xvfwopgybd/ec/m7/7JnSRTL3.zip","offline","malware_download","Qakbot|Quakbot|zip","styleswim.com","78.142.63.124","57344","BG"
"2020-05-26 15:41:40","https://inttraders.net/xktapyaw/525990/Aufhebung_525990_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","inttraders.net","79.124.76.171","57344","BG"
"2020-05-26 15:27:47","https://inttraders.net/xktapyaw/Aufhebung_166705_25052020.zip","offline","malware_download","Qakbot|qbot|spx127|zip","inttraders.net","79.124.76.171","57344","BG"
"2020-05-26 15:23:36","https://inttraders.net/xktapyaw/1295882/Aufhebung_1295882_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","inttraders.net","79.124.76.171","57344","BG"
"2020-05-26 14:09:13","https://inttraders.net/xktapyaw/07070214/Aufhebung_07070214_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","inttraders.net","79.124.76.171","57344","BG"
"2020-05-26 11:43:27","https://inttraders.net/xktapyaw/Aufhebung_53657042_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","inttraders.net","79.124.76.171","57344","BG"
"2019-10-11 17:08:58","http://graphos.co.ke/cgi-bin/aq817iimjrpkmmugc5ah39ho8u6q5lg0/","offline","malware_download","doc|emotet|epoch2|Heodo","graphos.co.ke","217.174.152.50","57344","BG"
"2019-03-16 06:43:02","http://130.185.250.220/mips","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-16 06:40:05","http://130.185.250.220/x86","offline","malware_download","elf|mirai","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-16 06:40:02","http://130.185.250.220/m68k","offline","malware_download","elf|mirai","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-16 06:18:06","http://130.185.250.220/mipsel","offline","malware_download","elf|mirai","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-16 06:14:03","http://130.185.250.220/sh4","offline","malware_download","elf|mirai","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-16 06:13:03","http://130.185.250.220/i586","offline","malware_download","elf|mirai","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-16 06:11:04","http://130.185.250.220/sparc","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-16 06:10:05","http://130.185.250.220/i686","offline","malware_download","elf|mirai","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-16 06:09:03","http://130.185.250.220/ppc","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-13 13:49:45","http://mountbluekandy.com/wp-content/themes/colosseum/widgets/tehnikol.zip","offline","malware_download","js|ransomware|RUS|Troldesh|zip","mountbluekandy.com","217.174.148.151","57344","BG"
"2019-03-13 13:49:42","http://mountbluekandy.com/wp-content/themes/colosseum/widgets/stroi-industr.zip","offline","malware_download","js|ransomware|RUS|Troldesh|zip","mountbluekandy.com","217.174.148.151","57344","BG"
"2019-03-08 06:45:04","http://130.185.250.220/hehe.mpsl","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:44:14","http://130.185.250.220/hehe.m68","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:24:33","http://130.185.250.220/hehe.arm5","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:24:33","http://130.185.250.220/hehe.arm6","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:24:32","http://130.185.250.220/hehe.mips64","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:23:04","http://130.185.250.220/hehe.i686","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:23:03","http://130.185.250.220/hehe.arm7","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:22:08","http://130.185.250.220/hehe.mips","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:20:40","http://130.185.250.220/hehe.arm4l","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:20:04","http://130.185.250.220/hehe.arm4tl","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:17:10","http://130.185.250.220/hehe.spc","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:16:09","http://130.185.250.220/hehe.ppc","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:14:03","http://130.185.250.220/hehe.x86_64","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-08 06:05:02","http://130.185.250.220/hehe.sh4","offline","malware_download","bashlite|elf|gafgyt","130.185.250.220","130.185.250.220","57344","BG"
"2019-03-07 09:44:24","http://78.128.92.27/jsloda.exe","offline","malware_download","exe","78.128.92.27","78.128.92.27","57344","BG"
"2019-03-07 08:56:04","http://78.128.92.27/letsencrypt.exe","offline","malware_download","exe","78.128.92.27","78.128.92.27","57344","BG"
"2019-03-07 08:47:03","http://78.128.92.27/powarc190105.exe","offline","malware_download","exe","78.128.92.27","78.128.92.27","57344","BG"
"2019-03-07 05:50:37","http://78.128.92.27/favicons.exe","offline","malware_download","exe|loader|payload|smokeloader","78.128.92.27","78.128.92.27","57344","BG"
"2019-01-30 12:41:03","http://78.128.92.27/MailspringSetup.exe","offline","malware_download","Smokebot","78.128.92.27","78.128.92.27","57344","BG"
"2018-11-27 09:48:02","http://91.148.168.141/~vtimer01igg/files/ike.exe","offline","malware_download","azorult","91.148.168.141","91.148.168.141","57344","BG"
"2018-11-09 13:42:41","http://78.128.92.15/netde.exe","offline","malware_download","exe|netwire|rat","78.128.92.15","78.128.92.15","57344","BG"
"2018-11-09 13:42:41","http://78.128.92.15/respay.exe","offline","malware_download","exe|rat|remcos|remcosrat","78.128.92.15","78.128.92.15","57344","BG"
"2018-10-24 07:03:03","http://78.128.92.22/zyno/zyno.exe","offline","malware_download","exe|Formbook","78.128.92.22","78.128.92.22","57344","BG"
"2018-10-16 11:22:10","http://91.148.168.141/~ultrasoftusa/materialDP.exe","offline","malware_download","exe","91.148.168.141","91.148.168.141","57344","BG"
"2018-10-16 11:22:09","http://91.148.168.141/~ultrasoftusa/YOUNG.doc","offline","malware_download","downloader|rtf","91.148.168.141","91.148.168.141","57344","BG"
"2018-10-16 11:22:09","http://91.148.168.141/~ultrasoftusa/YOUNGNDP.exe","offline","malware_download","AgentTesla|exe","91.148.168.141","91.148.168.141","57344","BG"
"2018-10-16 11:22:08","http://91.148.168.141/~ultrasoftusa/TRILLIUM20171.doc","offline","malware_download","downloader|rtf","91.148.168.141","91.148.168.141","57344","BG"
"2018-10-16 11:22:07","http://91.148.168.141/~ultrasoftusa/PRODUCT-REQUEST.doc","offline","malware_download","downloader|rtf","91.148.168.141","91.148.168.141","57344","BG"
"2018-10-16 11:22:06","http://91.148.168.141/~ultrasoftusa/NONSO.doc","offline","malware_download","downloader|rtf","91.148.168.141","91.148.168.141","57344","BG"
"2018-10-16 11:22:06","http://91.148.168.141/~ultrasoftusa/NONSODP.exe","offline","malware_download","exe","91.148.168.141","91.148.168.141","57344","BG"
"2018-10-16 11:22:05","http://91.148.168.141/~ultrasoftusa/MATERIAL.doc","offline","malware_download","downloader|rtf","91.148.168.141","91.148.168.141","57344","BG"
"2018-10-16 11:22:04","http://91.148.168.141/~ultrasoftusa/GREGORYDP.exe","offline","malware_download","AgentTesla|exe","91.148.168.141","91.148.168.141","57344","BG"
"2018-10-16 11:22:03","http://91.148.168.141/~ultrasoftusa/TRILLIUM20172.doc","offline","malware_download","downloader|rtf","91.148.168.141","91.148.168.141","57344","BG"
"2018-10-08 08:48:03","http://130.185.250.201/bash","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-08 08:47:03","http://130.185.250.201/apache2","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-08 08:47:03","http://130.185.250.201/pftp","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-08 08:45:04","http://130.185.250.201/ftp","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-08 08:44:04","http://130.185.250.201/cron","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-08 08:42:02","http://130.185.250.201/tftp","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-08 08:21:04","http://130.185.250.201/ntpd","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-08 08:21:03","http://130.185.250.201/[cpu]","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-08 08:19:01","http://130.185.250.201/sshd","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-08 08:17:05","http://130.185.250.201/openssh","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-08 08:16:02","http://130.185.250.201/wget","offline","malware_download","elf","130.185.250.201","130.185.250.201","57344","BG"
"2018-10-03 21:23:03","http://78.128.92.15/shortcuty.exe","offline","malware_download","exe","78.128.92.15","78.128.92.15","57344","BG"
"2018-10-03 15:33:21","http://78.128.92.15/custom.doc","offline","malware_download","rtf","78.128.92.15","78.128.92.15","57344","BG"
"2018-09-11 05:14:25","http://robertsd.com/tibudr/50521AUOBWPGI/PAYMENT/Commercial/","offline","malware_download","doc|emotet|epoch2","robertsd.com","217.174.149.13","57344","BG"
"2018-09-10 16:45:44","http://78.128.92.104/file/po2.exe","offline","malware_download","exe|Trickbot","78.128.92.104","78.128.92.104","57344","BG"
"2018-09-10 09:18:04","http://78.128.92.104/file/b_output7939DE0.exe","offline","malware_download","exe|Formbook","78.128.92.104","78.128.92.104","57344","BG"
"2018-09-10 05:06:03","http://78.128.92.104/file/file1.exe","offline","malware_download","exe|RevCodeRAT","78.128.92.104","78.128.92.104","57344","BG"
"2018-09-10 04:45:07","http://78.128.92.104/file/po1.exe","offline","malware_download","exe|NanoCore|Trickbot","78.128.92.104","78.128.92.104","57344","BG"
"2018-09-07 04:16:23","http://robertsd.com/tibudr/50521AUOBWPGI/PAYMENT/Commercial","offline","malware_download","doc|emotet|epoch2|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-09-06 02:03:07","http://robertsd.com/Receipts/","offline","malware_download","doc|emotet|epoch1|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-09-04 23:26:41","http://robertsd.com/Receipts","offline","malware_download","doc|emotet|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-08-28 04:12:12","http://robertsd.com/INFO/EN_en/Service-Invoice/","offline","malware_download","doc|emotet|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-08-26 13:24:04","http://robertsd.com/INFO/EN_en/Service-Invoice","offline","malware_download","doc|emotet|heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-08-21 04:43:39","http://robertsd.com/29395OUPPC/SWIFT/Business/","offline","malware_download","doc|emotet|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-08-20 23:23:41","http://robertsd.com/29395OUPPC/SWIFT/Business","offline","malware_download","doc|emotet|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-08-17 03:36:48","http://robertsd.com/Aug2018/US_us/STATUS/Order-51745670681/","offline","malware_download","doc|emotet|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-08-16 11:41:49","http://robertsd.com/Aug2018/US_us/STATUS/Order-51745670681","offline","malware_download","doc|Emotet|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-08-07 22:45:08","http://78.128.92.104/file/file2.exe","offline","malware_download","Emotet|exe|Formbook","78.128.92.104","78.128.92.104","57344","BG"
"2018-08-06 23:11:06","http://robertsd.com/tibudr/sites/US_us/Change-of-Address","offline","malware_download","doc|emotet|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-08-06 16:27:34","http://robertsd.com/tibudr/sites/US_us/Change-of-Address/","offline","malware_download","doc|emotet|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-08-01 16:12:14","http://newbiesinc.com/Aug2018/Bestellungen/Zahlungserinnerung/Erinnerung-an-die-Rechnungszahlung-LQ-59-86729/","offline","malware_download","doc|emotet|epoch2|Heodo","newbiesinc.com","78.142.63.187","57344","BG"
"2018-07-25 13:31:10","http://novomet.bg/javascripts/pass.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-25 13:31:09","http://novomet.bg/javascripts/pass.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-25 13:31:08","http://novomet.bg/javascripts/ok.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-25 13:31:07","http://novomet.bg/javascripts/obb.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-25 13:31:07","http://novomet.bg/javascripts/ok.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-25 13:31:05","http://novomet.bg/javascripts/mango.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-25 13:31:05","http://novomet.bg/javascripts/obb.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-25 13:31:03","http://novomet.bg/javascripts/cha.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-25 13:31:03","http://novomet.bg/javascripts/cha.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:21","http://novomet.bg/flash/yg.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:20","http://novomet.bg/flash/osm.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:20","http://novomet.bg/flash/yg.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:19","http://novomet.bg/flash/jo.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:18","http://novomet.bg/flash/ion.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:18","http://novomet.bg/flash/jo.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:17","http://novomet.bg/flash/ion.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:16","http://novomet.bg/flash/free.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:15","http://novomet.bg/flash/franc.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:15","http://novomet.bg/flash/free.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:14","http://novomet.bg/flash/figg.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:14","http://novomet.bg/flash/fran.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:13","http://novomet.bg/flash/figg.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:12","http://novomet.bg/flash/emm.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:11","http://novomet.bg/flash/elbb.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:11","http://novomet.bg/flash/emm.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:10","http://novomet.bg/flash/decx.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:10","http://novomet.bg/flash/elbb.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:09","http://novomet.bg/flash/dec.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:08","http://novomet.bg/flash/chuk.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:07","http://novomet.bg/flash/chii.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:07","http://novomet.bg/flash/chk.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:06","http://novomet.bg/flash/chii.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:05","http://novomet.bg/flash/chambers.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:04","http://novomet.bg/flash/bobm.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:04","http://novomet.bg/flash/chambers.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:03","http://novomet.bg/flash/bobm.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:05:02","http://novomet.bg/flash/bobb.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:04:06","http://novomet.bg/flash/osm.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:04:05","http://novomet.bg/flash/okii.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:04:04","http://novomet.bg/flash/okii.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 14:04:03","http://novomet.bg/flash/kc.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 13:57:03","http://novomet.bg/flash/kc.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:33","http://novomet.bg/templates/yg.exe","offline","malware_download","exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:32","http://novomet.bg/templates/sod.exe","offline","malware_download","AgentTesla|exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:32","http://novomet.bg/templates/yg.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:31","http://novomet.bg/templates/sod.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:18","http://novomet.bg/templates/putty.SettingContent-ms","offline","malware_download","settingcontent-ms","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:17","http://novomet.bg/templates/pass.exe","offline","malware_download","AgentTesla|exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:16","http://novomet.bg/templates/p5.exe","offline","malware_download","exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:16","http://novomet.bg/templates/pass.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:15","http://novomet.bg/templates/p4.exe","offline","malware_download","exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:15","http://novomet.bg/templates/p5.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:14","http://novomet.bg/templates/p4.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:13","http://novomet.bg/templates/p3.exe","offline","malware_download","AgentTesla|exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:12","http://novomet.bg/templates/p2.exe","offline","malware_download","AgentTesla|exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:12","http://novomet.bg/templates/p3.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:11","http://novomet.bg/templates/p1z.exe","offline","malware_download","exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:11","http://novomet.bg/templates/p2.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:10","http://novomet.bg/templates/p1z.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:09","http://novomet.bg/templates/jiv.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:09","http://novomet.bg/templates/jov.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:08","http://novomet.bg/templates/ji.exe","offline","malware_download","exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:07","http://novomet.bg/templates/fr.exe","offline","malware_download","AgentTesla|exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:07","http://novomet.bg/templates/ji.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:06","http://novomet.bg/templates/fr.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:05","http://novomet.bg/templates/emn.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:05","http://novomet.bg/templates/emn.exe","offline","malware_download","AgentTesla|exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:04","http://novomet.bg/templates/bobb.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-24 06:50:03","http://novomet.bg/templates/agg.doc","offline","malware_download","CVE201711882|rtf|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:20","http://novomet.bg/templates/whe.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:19","http://novomet.bg/templates/ok.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:19","http://novomet.bg/templates/whe.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:18","http://novomet.bg/templates/ok.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:17","http://novomet.bg/templates/mi.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:17","http://novomet.bg/templates/mi.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:16","http://novomet.bg/templates/kc.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:16","http://novomet.bg/templates/kc.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:15","http://novomet.bg/templates/jo.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:14","http://novomet.bg/templates/ion.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:14","http://novomet.bg/templates/jo.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:13","http://novomet.bg/templates/france.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:13","http://novomet.bg/templates/ion.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:12","http://novomet.bg/templates/fig.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:12","http://novomet.bg/templates/franc.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:11","http://novomet.bg/templates/fig.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:10","http://novomet.bg/templates/ell.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:10","http://novomet.bg/templates/ell.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:09","http://novomet.bg/templates/decc.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:08","http://novomet.bg/templates/cov.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:08","http://novomet.bg/templates/decc.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:07","http://novomet.bg/templates/chii.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:07","http://novomet.bg/templates/cov.doc","offline","malware_download","SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:06","http://novomet.bg/templates/cha.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:05","http://novomet.bg/templates/ch.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:05","http://novomet.bg/templates/cha.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:04","http://novomet.bg/templates/bob.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:04","http://novomet.bg/templates/bob.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:03","http://novomet.bg/templates/ag.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:41:02","http://novomet.bg/templates/ag.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:10","http://novomet.bg/doors/brochures/apps/yg.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:09","http://novomet.bg/doors/brochures/apps/osm.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:08","http://novomet.bg/doors/brochures/apps/figg.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:08","http://novomet.bg/doors/brochures/apps/fran.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:07","http://novomet.bg/doors/brochures/apps/dec.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:07","http://novomet.bg/doors/brochures/apps/emyy.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:06","http://novomet.bg/doors/brochures/apps/chala.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:06","http://novomet.bg/doors/brochures/apps/chii.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:05","http://novomet.bg/doors/brochures/apps/bob.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:04","http://novomet.bg/abi/file.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:40:03","http://novomet.bg/abi/file.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:12","http://novomet.bg/doors/images2/p33.exe","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:11","http://novomet.bg/doors/images2/p22.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:11","http://novomet.bg/doors/images2/p33.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:10","http://novomet.bg/doors/images2/p22.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:09","http://novomet.bg/doors/images2/p11.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:08","http://novomet.bg/doors/images2/p1.exe","offline","malware_download","AgentTesla","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:07","http://novomet.bg/doors/brochures/apps/okii.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:06","http://novomet.bg/doors/brochures/apps/mi.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:05","http://novomet.bg/doors/brochures/apps/jizz.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:05","http://novomet.bg/doors/brochures/apps/kcc.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-23 04:39:04","http://novomet.bg/doors/brochures/apps/ioan.doc","offline","malware_download","","novomet.bg","78.128.43.156","57344","BG"
"2018-07-18 08:10:03","http://novomet.bg/calendarium/core/conf/obi.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-18 08:05:03","http://novomet.bg/calendarium/core/conf/obi.doc","offline","malware_download","doc|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-18 06:56:06","http://novomet.bg/flash/jiz.exe","offline","malware_download","AgentTesla|exe|razy","novomet.bg","78.128.43.156","57344","BG"
"2018-07-18 06:56:04","http://novomet.bg/flash/jfk.doc","offline","malware_download","CVE201711882|rtf|shellcode|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:15","http://novomet.bg/doors/brochures/apps/whe.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:15","http://novomet.bg/doors/brochures/apps/yg.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:14","http://novomet.bg/doors/brochures/apps/osm.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:13","http://novomet.bg/doors/brochures/apps/okii.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:12","http://novomet.bg/doors/brochures/apps/mi.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:12","http://novomet.bg/doors/brochures/apps/obi.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:11","http://novomet.bg/doors/brochures/apps/kc.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:10","http://novomet.bg/doors/brochures/apps/jizz.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:09","http://novomet.bg/doors/brochures/apps/ioan.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:08","http://novomet.bg/doors/brochures/apps/figg.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:07","http://novomet.bg/doors/brochures/apps/emy.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:06","http://novomet.bg/doors/brochures/apps/elb.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:05","http://novomet.bg/doors/brochures/apps/dec.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:04","http://novomet.bg/doors/brochures/apps/chii.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-17 09:24:03","http://novomet.bg/doors/brochures/apps/chala.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:12","http://novomet.bg/doors/brochures/apps/uche.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:12","http://novomet.bg/doors/brochures/apps/whesilo.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:11","http://novomet.bg/doors/brochures/apps/skim.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:10","http://novomet.bg/doors/brochures/apps/running.exe","offline","malware_download","AgentTesla|exe|Loki","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:09","http://novomet.bg/doors/brochures/apps/okilo.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:08","http://novomet.bg/doors/brochures/apps/jizzy.exe","offline","malware_download","exe|Loki","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:08","http://novomet.bg/doors/brochures/apps/joe.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:07","http://novomet.bg/doors/brochures/apps/ike.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:06","http://novomet.bg/doors/brochures/apps/elber.exe","offline","malware_download","exe|Loki","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:06","http://novomet.bg/doors/brochures/apps/francis.exe","offline","malware_download","AgentTesla|exe|Loki","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:05","http://novomet.bg/doors/brochures/apps/chuwku.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:04","http://novomet.bg/doors/brochures/apps/bren.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:04","http://novomet.bg/doors/brochures/apps/chambers.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:03","http://novomet.bg/doors/brochures/apps/bobb.exe","offline","malware_download","exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:29:02","http://novomet.bg/doors/brochures/apps/ago.exe","offline","malware_download","AgentTesla|exe","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:10","http://novomet.bg/doors/brochures/apps/uch.doc","offline","malware_download","doc","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:10","http://novomet.bg/doors/brochures/apps/whe.doc","offline","malware_download","AgentTesla|doc","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:09","http://novomet.bg/doors/brochures/apps/oki.doc","offline","malware_download","AgentTesla|doc","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:09","http://novomet.bg/doors/brochures/apps/run.doc","offline","malware_download","doc|Loki","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:09","http://novomet.bg/doors/brochures/apps/skim.doc","offline","malware_download","doc","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:08","http://novomet.bg/doors/brochures/apps/jiz.doc","offline","malware_download","doc|Loki","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:08","http://novomet.bg/doors/brochures/apps/jo.doc","offline","malware_download","AgentTesla|doc|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:07","http://novomet.bg/doors/brochures/apps/france.doc","offline","malware_download","doc|Loki","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:07","http://novomet.bg/doors/brochures/apps/ike.doc","offline","malware_download","AgentTesla|doc","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:06","http://novomet.bg/doors/brochures/apps/chuk.doc","offline","malware_download","doc","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:06","http://novomet.bg/doors/brochures/apps/elb.doc","offline","malware_download","doc|Loki|SocStealer","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:05","http://novomet.bg/doors/brochures/apps/bren.doc","offline","malware_download","doc","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:05","http://novomet.bg/doors/brochures/apps/chan.doc","offline","malware_download","AgentTesla|doc","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:04","http://novomet.bg/doors/brochures/apps/bobb.doc","offline","malware_download","AgentTesla|doc","novomet.bg","78.128.43.156","57344","BG"
"2018-07-12 08:25:03","http://novomet.bg/doors/brochures/apps/ago.doc","offline","malware_download","doc","novomet.bg","78.128.43.156","57344","BG"
"2018-06-07 13:52:06","http://rashev.org/qnp7xg/","offline","malware_download","emotet|epoch1|Heodo|payload","rashev.org","78.128.60.201","57344","BG"
"2018-06-05 14:41:04","http://robertsd.com/Rechnungs-scan/","offline","malware_download","doc|emotet|Heodo","robertsd.com","217.174.149.13","57344","BG"
"2018-06-01 20:04:29","http://rashev.org/Facture/","offline","malware_download","doc|emotet|Heodo","rashev.org","78.128.60.201","57344","BG"
"2018-05-30 20:26:37","http://rashev.org/Facturation-30/05/2018/","offline","malware_download","doc|emotet|Heodo","rashev.org","78.128.60.201","57344","BG"
"2018-05-18 10:54:18","http://78.128.76.165/~t1onishl/zeal.exe","offline","malware_download","AgentTesla","78.128.76.165","78.128.76.165","57344","BG"
"2018-05-18 10:53:39","http://78.128.76.165/~t1onishl/edu.exe","offline","malware_download","","78.128.76.165","78.128.76.165","57344","BG"
"2018-05-18 10:52:55","http://78.128.76.165/~t1onishl/Emeka.exe","offline","malware_download","AgentTesla","78.128.76.165","78.128.76.165","57344","BG"
"2018-05-15 08:51:25","http://amerium.se/XHaMG8g/","offline","malware_download","emotet","amerium.se","217.174.149.112","57344","BG"
"2018-04-27 18:26:18","http://amerium.se/OhGBSLx7Kukh3C/","offline","malware_download","doc|emotet|Heodo","amerium.se","217.174.149.112","57344","BG"
"2018-04-26 14:06:06","http://rashev.org/x2tsa7ukq","offline","malware_download","doc|emotet","rashev.org","78.128.60.201","57344","BG"
"2018-04-19 13:07:14","http://78.128.92.109/order.exe","offline","malware_download","doc|downloader","78.128.92.109","78.128.92.109","57344","BG"
# of entries: 389