##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-12-24 22:09:01 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS8648
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-12-24 12:38:10","http://vps-3002.onecom-cloud.one/bins/shadow.arm","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:38:10","http://vps-3002.onecom-cloud.one/bins/shadow.arm64","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:38:10","http://vps-3002.onecom-cloud.one/bins/shadow.mpsl","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:38:09","http://vps-3002.onecom-cloud.one/bins/shadow.i586","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:20","http://vps-3002.onecom-cloud.one/bin","online","malware_download","botnetdomain|Mirai|sh|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:20","http://vps-3002.onecom-cloud.one/bins/shadow.arm6","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:20","http://vps-3002.onecom-cloud.one/bins/shadow.arm7","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:20","http://vps-3002.onecom-cloud.one/bins/shadow.ppc","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:20","http://vps-3002.onecom-cloud.one/yarn","online","malware_download","botnetdomain|Mirai|sh|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/asus.sh","online","malware_download","botnetdomain|Mirai|sh|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/bins/shadow.arm5","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/bins/shadow.arm5n","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/bins/shadow.i486","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/bins/shadow.m68k","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/bins/shadow.mips","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/bins/shadow.sh4","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/bins/shadow.spc","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/bins/shadow.x86","online","malware_download","botnetdomain|elf|Mirai|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/pay","online","malware_download","botnetdomain|Mirai|sh|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:22:19","http://vps-3002.onecom-cloud.one/shadow.sh","online","malware_download","botnetdomain|Mirai|sh|ua-wget","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-24 12:20:16","http://81.88.18.108/yarn","online","malware_download","Mirai|sh|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-24 12:19:14","http://81.88.18.108/shadow.sh","online","malware_download","Mirai|sh|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-24 12:19:10","http://81.88.18.108/pay","online","malware_download","Mirai|sh|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-24 12:18:10","http://81.88.18.108/asus.sh","online","malware_download","Mirai|sh|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-23 06:21:12","http://81.88.18.108/bins/shadow.arm64","online","malware_download","ARM|ELF|geofenced|Mirai|opendir|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-23 06:21:11","http://vps-3002.onecom-cloud.one/bins/shadow.x86_64","online","malware_download","ELF|geofenced|Mirai|ua-wget|USA|x86","vps-3002.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-12-21 15:47:14","http://81.88.18.108/bins/shadow.armv5l","offline","malware_download","elf|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 15:47:14","http://81.88.18.108/bins/shadow.armv7l","offline","malware_download","elf|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 15:47:14","http://81.88.18.108/bins/shadow.i686","offline","malware_download","elf|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 15:47:14","http://81.88.18.108/bins/shadow.mipsel","offline","malware_download","elf|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 15:47:14","http://81.88.18.108/bins/shadow.powerpc","offline","malware_download","elf|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 15:16:16","http://81.88.18.108/bin","online","malware_download","Mirai|sh|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.arm","online","malware_download","elf|MIrai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.arm5","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.arm5n","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.arm6","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.arm7","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.i486","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.i586","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.m68k","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.mips","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.mpsl","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.ppc","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.sh4","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.spc","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.x86","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-12-21 12:35:21","http://81.88.18.108/bins/shadow.x86_64","online","malware_download","elf|Mirai|opendir|ua-wget","81.88.18.108","81.88.18.108","8648","DE"
"2025-11-29 09:45:15","http://85.190.102.98/d/xd.arm4","offline","malware_download","elf|ua-wget","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:35:07","http://85.190.102.98/d/xd.ppc","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/d/xd.arm","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/d/xd.arm5","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/d/xd.arm6","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/d/xd.arm7","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/d/xd.m68k","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/d/xd.mips","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/d/xd.mpsl","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/d/xd.sh4","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/d/xd.spc","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/d/xd.x86","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/sensi.sh","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-11-28 19:34:09","http://85.190.102.98/xd.x86","offline","malware_download","mirai|opendir","85.190.102.98","85.190.102.98","8648","NL"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.arm5","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.arm7","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.mips","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.mpsl","offline","malware_download","ELF|geofenced|MIPS|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.x86","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.x86_64","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:13","http://81.88.18.108/shadow/bins/shadow.arm","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:13","http://81.88.18.108/shadow/bins/shadow.arm6","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:11","http://81.88.18.108/shadow/bins/shadow.arm64","offline","malware_download","ELF|geofenced|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:08","http://81.88.18.108/shadow/bins/binary.sh","offline","malware_download","geofenced|sh|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-02-19 18:55:04","http://212.57.37.63/nc.exe","offline","malware_download","exe|hacktool|NetCat|opendir","212.57.37.63","212.57.37.63","8648","SK"
"2025-02-19 18:55:04","http://212.57.37.63/pics.zip","offline","malware_download","opendir|zip","212.57.37.63","212.57.37.63","8648","SK"
"2025-01-22 23:04:03","http://212.57.37.63/uac_bypass.vbs","offline","malware_download","opendir|reverseshell|vbs","212.57.37.63","212.57.37.63","8648","SK"
"2023-02-02 05:07:10","http://medjugorje.tours/SMU.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","medjugorje.tours","89.22.104.142","8648","DE"
"2023-02-01 11:07:14","https://medjugorje.tours/SMU.php?URAQEAT=7","offline","malware_download","QakBot|QuakBot","medjugorje.tours","89.22.104.142","8648","DE"
"2022-12-28 00:28:12","http://royalrangerseurope.net/rulesupdate/QBOT_AZD.ZIP","offline","malware_download","514126|azd|img|iso|qakbot|qbot|quakbot|zip","royalrangerseurope.net","5.44.111.74","8648","DE"
"2022-12-14 20:06:32","https://grubi-co.de/otos/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","grubi-co.de","37.218.252.218","8648","DE"
"2022-06-13 13:30:06","https://www.xpert.sk/upload/checker/Invoice_US260999.jar","offline","malware_download","","www.xpert.sk","195.181.249.13","8648","SK"
"2022-01-11 11:35:05","http://diasforte.sk/LOGS/zFLEEKgSmmzACqAJ/","offline","malware_download","emotet|epoch4|redir-doc|xls","diasforte.sk","212.57.32.97","8648","SK"
"2021-10-22 07:20:08","http://rujewz6.sweb.cz/ok/Sample.exe","offline","malware_download","SnakeKeyLogger","rujewz6.sweb.cz","195.181.250.118","8648","SK"
"2020-12-29 11:51:04","http://tuerkiyemspor.de/d/2HwekzifbsEP6/","offline","malware_download","doc|emotet|epoch2|Heodo","tuerkiyemspor.de","5.44.111.67","8648","DE"
"2020-08-27 10:46:05","http://bss-ticket.de/wp-content/browse/7o06yaxzr8/p3xywzd24817897103294146tnev8250q0q/","offline","malware_download","doc|emotet|epoch2","bss-ticket.de","89.22.122.156","8648","DE"
"2020-08-27 07:46:04","https://www.bss-ticket.de/wp-content/browse/7o06yaxzr8/p3xywzd24817897103294146tnev8250q0q/","offline","malware_download","doc|emotet|epoch2|heodo","www.bss-ticket.de","89.22.122.156","8648","DE"
"2020-08-18 21:16:11","https://3spower.sk/bck/attachments/h75wkxyd6r/d3c53jr78977932zt5lxrjpts9wzhj5/","offline","malware_download","doc|emotet|epoch2|Heodo","3spower.sk","195.181.248.14","8648","SK"
"2020-08-17 23:19:38","https://koenigsmarck.de/blogs/Scan/lflwywmj/","offline","malware_download","doc|emotet|epoch2|Heodo","koenigsmarck.de","93.90.186.201","8648","DE"
"2020-08-06 21:39:19","https://koenigsmarck.de/blogs/FILE/","offline","malware_download","doc|emotet|epoch2|Heodo|QuakBot","koenigsmarck.de","93.90.186.201","8648","DE"
"2020-08-06 05:33:03","https://3spower.sk/bck/DOC/evangsemr/","offline","malware_download","doc|emotet|epoch2|heodo","3spower.sk","195.181.248.14","8648","SK"
"2020-08-05 06:08:05","https://dobrecasy.sk/wp-admin/user/documents.zip","offline","malware_download","Qakbot|Quakbot|zip","dobrecasy.sk","195.181.248.41","8648","SK"
"2020-07-31 09:00:07","http://comars.sk/images/LSBGF5D22A2L/mbe9wos/","offline","malware_download","doc|emotet|epoch2|heodo","comars.sk","212.57.32.164","8648","SK"
"2020-07-28 14:48:03","http://comars.sk/images/payment/","offline","malware_download","doc|emotet|epoch2|Heodo","comars.sk","212.57.32.164","8648","SK"
"2020-07-22 21:43:03","https://3spower.sk/bck/report/09vp236394718420280682sx40pg6435xpnzp5fn5i/","offline","malware_download","doc|emotet|epoch2|heodo","3spower.sk","195.181.248.14","8648","SK"
"2020-05-22 19:54:06","http://acherner-buergerstiftung.de/wp-content/plugins/tinymce-advanced/mce/advlist/da2_2020-05-07_21-39.exe","offline","malware_download","exe|gtag: da2|Trickbot","acherner-buergerstiftung.de","89.22.104.92","8648","DE"
"2020-05-15 08:47:37","https://eudubai.com/wp-content/plugins/apikey/qqduaxjzimih/80749/LoanAgreement_80749_05132020.zip","offline","malware_download","Qakbot|Quakbot|zip","eudubai.com","185.102.21.79","8648","CZ"
"2020-05-15 05:59:48","https://eudubai.com/wp-content/plugins/apikey/qqduaxjzimih/5787581/LoanAgreement_5787581_05132020.zip","offline","malware_download","Qakbot|Quakbot|zip","eudubai.com","185.102.21.79","8648","CZ"
"2020-04-21 19:17:16","http://svs-atzen.de/flower.exe","offline","malware_download","exe|Neutrino","svs-atzen.de","93.90.188.45","8648","DE"
"2020-04-21 19:17:09","http://smi-dienstleistungen.de/chrome.exe","offline","malware_download","exe","smi-dienstleistungen.de","93.90.188.45","8648","DE"
"2020-04-21 19:17:05","http://www.svs-atzen.de/flower.exe","offline","malware_download","exe|Neutrino","www.svs-atzen.de","93.90.188.45","8648","DE"
"2020-01-29 10:13:04","http://specialtactics.sk/encyclopedia/common_PTei1u_cO7nM7qD/976117_6N8unoXjEpcppfN_portal/6447603333646_pJbGj/","offline","malware_download","doc|emotet|epoch1|Heodo","specialtactics.sk","195.181.249.10","8648","SK"
"2020-01-22 21:13:03","http://vyboh.com/doc/Adobe-Reader-PDF-Plugin-5.0.2.exe","offline","malware_download","ArkeiStealer|exe","vyboh.com","195.181.249.13","8648","SK"
"2020-01-17 00:36:03","http://grafity-sk.sk/admin/upnpikai-n8-923/","offline","malware_download","doc|emotet|epoch3|Heodo","grafity-sk.sk","212.57.32.27","8648","SK"
"2020-01-16 03:14:03","http://specialtactics.sk/paladin/protected_module/test_cloud/H0a0EjyGR_zm4Mhg0v/","offline","malware_download","doc|emotet|epoch1|Heodo","specialtactics.sk","195.181.249.10","8648","SK"
"2020-01-14 00:51:03","http://specialtactics.sk/paladin/personal-5771035336275-mVZFXJm0TrK3/test-portal/MACS4OJbfa-a67mli6tazea/","offline","malware_download","doc|emotet|epoch1|Heodo","specialtactics.sk","195.181.249.10","8648","SK"
"2019-12-19 03:05:03","https://kavovary-saeco.sk/wp-includes/EAtQHf233167/","offline","malware_download","doc|emotet|epoch3|heodo","kavovary-saeco.sk","195.181.251.30","8648","SK"
"2019-12-19 02:53:05","https://remont.sk/wp-admin/sites/yfc6vij/","offline","malware_download","doc|emotet|epoch2|heodo","remont.sk","195.181.251.30","8648","SK"
"2019-12-19 02:26:02","http://archipelago.sk/LOGS/j9ryoq7vht-qqo4lf-disk/external-area/pDVOLy-l284H9tK68s/","offline","malware_download","doc|emotet|epoch1|Heodo","archipelago.sk","212.57.32.7","8648","SK"
"2019-12-18 21:42:07","http://specialtactics.sk/paladin/personal-sector/open-forum/7014894-cctMWiYxNSLq/","offline","malware_download","doc|emotet|epoch1|Heodo","specialtactics.sk","195.181.249.10","8648","SK"
"2019-12-16 13:07:59","http://grafity-sk.sk/videos/multifunctional_array/guarded_eF4x8kGbnt_umdduH0TtjW/0lbzp4oi_v214/","offline","malware_download","doc|emotet|epoch1|Heodo","grafity-sk.sk","212.57.32.27","8648","SK"
"2019-12-12 22:13:15","http://oknoplastik.sk/index_soubory/common_sector/external_area/61551354147_t4d0KY73JJyWFfGY/","online","malware_download","doc|emotet|epoch1|Heodo","oknoplastik.sk","212.57.32.76","8648","SK"
"2019-12-10 09:09:32","http://www.freizeichen.com/wp-content/personal-sector/corporate-cloud/vqGmvwQLk6gA-lJer4xgwntzn27/","offline","malware_download","doc|emotet|epoch1|Heodo","www.freizeichen.com","178.250.170.184","8648","DE"
"2019-10-09 19:02:37","http://stolarstvosimo.sk/wp-content/themes/sevenwonders/4","offline","malware_download","","stolarstvosimo.sk","212.57.39.188","8648","SK"
"2019-09-17 21:53:01","http://spiritofbeauty.de/AGBs/DOC/vfh24cc39oo_utqej-98578577745/","offline","malware_download","doc|emotet|epoch2","spiritofbeauty.de","178.250.170.150","8648","DE"
"2019-08-24 01:39:07","http://code-cheats.8u.cz/Loader0/CodeBoT.exe","offline","malware_download","exe","code-cheats.8u.cz","185.102.21.125","8648","CZ"
"2019-07-28 03:35:04","http://185.80.92.4/backdoor.exe","offline","malware_download","exe","185.80.92.4","185.80.92.4","8648","DE"
"2019-07-28 03:23:03","http://185.80.92.4/chrome.exe","offline","malware_download","exe","185.80.92.4","185.80.92.4","8648","DE"
"2019-07-11 13:27:03","http://89.22.103.139:8000/bulkFont.bin","offline","malware_download","Dridex|exe","89.22.103.139","89.22.103.139","8648","DE"
"2019-07-05 09:13:03","http://kupaliskohs.sk/wp-content/themes/kupaliskohs/styles/1c.jpg","offline","malware_download","exe|Troldesh","kupaliskohs.sk","195.181.248.12","8648","SK"
"2019-05-29 22:16:02","http://spiritofbeauty.de/AGBs/FILE/KZQzKdKpSJJQRiBAepUIdJlD/","offline","malware_download","doc|emotet|epoch2|Heodo","spiritofbeauty.de","178.250.170.150","8648","DE"
"2019-04-30 00:09:02","http://ione.sk/isotope/FILE/8eBIbUhqgQM/","offline","malware_download","doc|emotet|epoch2|Heodo","ione.sk","195.181.248.17","8648","SK"
"2019-04-29 22:32:03","http://reckon.sk/e107_admin/verif.accs.send.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-29 17:43:02","http://specialtactics.sk/encyclopedia/trust.myacc.send.com/","offline","malware_download","doc|emotet|epoch1|Heodo","specialtactics.sk","195.181.249.10","8648","SK"
"2019-04-26 23:10:04","http://reckon.sk/e107_admin/FILE/tRM7hYrKbxi/","offline","malware_download","doc|emotet|epoch2","reckon.sk","195.181.248.14","8648","SK"
"2019-04-24 22:29:02","http://ione.sk/isotope/INC/36iO9PRRdX4/","offline","malware_download","doc|emotet|epoch2|Heodo","ione.sk","195.181.248.17","8648","SK"
"2019-04-23 08:02:03","http://reckon.sk/e107_admin/service/Frage/2019-04/","offline","malware_download","doc|emotet|epoch1|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-18 21:33:03","http://ione.sk/isotope/Document/g0TnHARB5FV/","offline","malware_download","doc|emotet|epoch2","ione.sk","195.181.248.17","8648","SK"
"2019-04-18 21:31:05","http://reckon.sk/e107_admin/LP_Rl/","offline","malware_download","emotet|epoch2|exe|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-16 11:50:03","http://ione.sk/isotope/legale/Frage/04-2019/","offline","malware_download","doc|emotet|epoch1|Heodo","ione.sk","195.181.248.17","8648","SK"
"2019-04-16 05:49:02","http://reckon.sk/e107_admin/3guc-rpaur-pawhxiy/","offline","malware_download","doc|emotet|epoch2|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-12 05:41:03","http://ione.sk/isotope/Ixhl-dmcVBe1HjDyJOK_hZxLyUbnI-mYM/","offline","malware_download","Emotet|Heodo","ione.sk","195.181.248.17","8648","SK"
"2019-04-10 17:13:12","http://reckon.sk/e107_admin/VkZW-3EDLLbA9SvtziFx_fIXcIjMh-HRS/","offline","malware_download","doc|emotet|epoch1|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-08 13:23:02","http://reckon.sk/e107_admin/IinDo-SR3wiEcsbEXj03_uNpnFBYir-EO/","offline","malware_download","Emotet|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-05 20:12:18","http://reckon.sk/e107_admin/PKHHe-7R7UNvxUjgxe9CL_zCFngvAxI-LR/","offline","malware_download","emotet|epoch1|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-03 17:57:05","http://ione.sk/isotope/secure.accounts.docs.net/","offline","malware_download","","ione.sk","195.181.248.17","8648","SK"
"2019-04-02 11:13:38","http://archipelago.sk/LOGS/sec.myaccount.resourses.com/","offline","malware_download","Emotet|Heodo","archipelago.sk","212.57.32.7","8648","SK"
"2019-03-29 13:05:02","http://magiccomp.sk/projekt_eu/bEnL-Hh_xpM-sC/","offline","malware_download","doc|emotet|epoch2|Heodo","magiccomp.sk","195.181.248.12","8648","SK"
"2019-03-27 14:36:17","http://manik.sk/drgatko.exe","offline","malware_download","exe","manik.sk","195.181.248.12","8648","SK"
"2019-03-27 12:20:05","http://magiccomp.sk/projekt_eu/II_pj/","offline","malware_download","emotet|epoch2|exe|Heodo","magiccomp.sk","195.181.248.12","8648","SK"
"2019-03-25 18:43:16","http://bercikjakub.sk/znlgu9h/secure.accounts.docs.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","bercikjakub.sk","212.57.32.73","8648","SK"
"2019-03-21 08:01:01","http://rezidenciahron.sk/_sub/pi59h-h2f22l-kjvxeusk/","offline","malware_download","Emotet|Heodo","rezidenciahron.sk","212.57.32.128","8648","SK"
"2019-03-18 17:52:05","http://layoutd.net/css/5sl1-2abwa7-rvkhlyd/","offline","malware_download","doc|emotet|epoch2|Heodo","layoutd.net","195.181.248.13","8648","SK"
"2019-03-16 00:51:11","http://privat-cyprian.sk/_ZALOHA_/4ql19-ch4bnm-czfjdlr/","offline","malware_download","doc|emotet|epoch2|Heodo","privat-cyprian.sk","195.181.248.21","8648","SK"
"2019-03-16 00:13:04","http://servicepartner.sk/usage/drbz1-7b0rw-xxzestmp/","offline","malware_download","doc|emotet|epoch2|Heodo","servicepartner.sk","212.57.32.36","8648","SK"
"2019-03-14 18:36:05","http://lemuria.sk/ww4w/vr1h-kaegqe-cxtp/","offline","malware_download","doc|emotet|epoch2|Heodo","lemuria.sk","195.181.248.18","8648","SK"
"2019-03-14 18:33:06","http://layoutd.net/aukro/270p-f03urt-zudsp/","offline","malware_download","doc|emotet|epoch2|Heodo","layoutd.net","195.181.248.13","8648","SK"
"2019-03-13 06:57:32","http://ione.sk/isotope/fa9n-ilztc-raiydwlsg/","offline","malware_download","Emotet|Heodo","ione.sk","195.181.248.17","8648","SK"
"2019-03-09 21:28:07","http://sweet-bud.com/1/6526.vbs","offline","malware_download","loader|vbs","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:40:03","http://sweet-bud.com/1/Firefox.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:39:03","http://sweet-bud.com/1/Protected24.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:39:02","http://sweet-bud.com/1/data24.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:38:05","http://sweet-bud.com/1/65.exe","offline","malware_download","exe|njrat","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:38:04","http://sweet-bud.com/1/Protected244.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:31:09","http://sweet-bud.com/1/4.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:22:50","http://sweet-bud.com/1/d22_signed.exe","offline","malware_download","exe|njrat","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:22:38","http://sweet-bud.com/1/80.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:22:13","http://sweet-bud.com/1/6565.exe","offline","malware_download","exe|njrat","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 08:42:10","http://sweet-bud.com/1/24.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-02-27 00:10:47","http://musicatemporis.recordtogo.com/sendincencrypt/support/secure/EN_en/201902/","offline","malware_download","doc|emotet|epoch1|Heodo","musicatemporis.recordtogo.com","195.181.251.27","8648","SK"
"2019-02-26 20:57:43","http://abcstudio.sk/wp-content/themes/fusion-base/fonts/msg.jpg","offline","malware_download","exe|Ransomware|Troldesh","abcstudio.sk","195.181.248.157","8648","SK"
"2019-02-26 15:56:09","http://autoskolaprimcar.sk/wp-content/themes/primi/images/msg.jpg","offline","malware_download","exe|Ransomware|Troldesh","autoskolaprimcar.sk","212.57.32.164","8648","SK"
"2019-02-26 09:40:01","http://bercikjakub.sk/phocadownloadpap/userupload/msg.jpg","offline","malware_download","exe|RUS|Troldesh","bercikjakub.sk","212.57.32.73","8648","SK"
"2019-02-20 19:52:16","http://kelvingee.hys.cz/kev4.exe","offline","malware_download","exe|HawkEye","kelvingee.hys.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:12","http://www.kokopellz.4fan.cz:80/koko4.exe","offline","malware_download","exe|hta|LokiBot|payload|stage2","www.kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:10","http://kokopellz.4fan.cz:80/koko4.exe","offline","malware_download","exe|hta|LokiBot|payload|stage2","kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:09","http://www.kokopellz.4fan.cz/koko4.exe","offline","malware_download","exe|hta|LokiBot|payload|stage2","www.kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:07","http://kokopellz.4fan.cz/koko4.exe","offline","malware_download","exe|hta|LokiBot|payload|stage2","kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:06","http://www.kokopellz.4fan.cz:80/koko4.hta","offline","malware_download","exe|hta|LokiBot|payload|stage2","www.kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:05","http://kokopellz.4fan.cz:80/koko4.hta","offline","malware_download","exe|hta|LokiBot|payload|stage2","kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:05","http://www.kokopellz.4fan.cz/koko4.hta","offline","malware_download","exe|hta|LokiBot|payload|stage2","www.kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:04","http://kokopellz.4fan.cz/koko4.hta","offline","malware_download","exe|hta|LokiBot|payload|stage2","kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-13 20:51:01","http://www.marconuenlist.ch/trust.myaccount.send.com/","offline","malware_download","doc|emotet|epoch1","www.marconuenlist.ch","5.44.111.74","8648","DE"
"2019-02-13 16:16:30","http://stolarstvosimo.sk/wp-content/themes/sevenwonders/3","offline","malware_download","","stolarstvosimo.sk","212.57.39.188","8648","SK"
"2019-02-13 16:16:06","http://stolarstvosimo.sk/wp-content/themes/sevenwonders/2","offline","malware_download","","stolarstvosimo.sk","212.57.39.188","8648","SK"
"2019-02-13 16:13:17","http://stolarstvosimo.sk/wp-content/themes/sevenwonders/1","offline","malware_download","","stolarstvosimo.sk","212.57.39.188","8648","SK"
"2019-02-13 00:34:42","http://marconuenlist.ch/verif.accounts.docs.net/","offline","malware_download","doc|emotet|epoch1","marconuenlist.ch","5.44.111.74","8648","DE"
"2019-02-12 11:12:46","http://marconuenlist.ch/KQQGNCDOFN5346015/gescanntes-Dokument/Zahlungserinnerung/","offline","malware_download","emotet|epoch2","marconuenlist.ch","5.44.111.74","8648","DE"
"2019-02-06 12:57:54","http://frenesis.net/Telekom/Transaktion/01_19/","offline","malware_download","doc|emotet|epoch1|Heodo","frenesis.net","195.181.249.10","8648","SK"
"2019-01-16 12:20:34","http://admaacademy.sk/DE/UCUORDYIJ7907481/Dokumente/DOC-Dokument/","offline","malware_download","emotet|epoch2|Heodo","admaacademy.sk","212.57.32.116","8648","SK"
"2018-12-18 23:49:43","http://magiccomp.sk/lSaQN-ppXDNbFvXjfYkDf_IVIkFzyat-va/","offline","malware_download","emotet|epoch1|Heodo","magiccomp.sk","195.181.248.12","8648","SK"
"2018-12-17 16:57:19","http://hps-sk.sk/Amazon/Information/2018-12/","offline","malware_download","emotet|epoch1|Heodo","hps-sk.sk","195.181.250.133","8648","SK"
"2018-12-14 13:04:16","http://hps-sk.sk/boHj-qwNSBL33lOqC6XH_bFPbwJUxb-5D/","offline","malware_download","doc|emotet|heodo","hps-sk.sk","195.181.250.133","8648","SK"
"2018-12-14 00:28:18","http://frenesis.net/EN_US/Attachments/122018/","offline","malware_download","emotet|epoch1|Heodo","frenesis.net","195.181.249.10","8648","SK"
"2018-12-12 06:03:06","http://marc.optimroute.com/tLztWf7","offline","malware_download","Emotet","marc.optimroute.com","185.102.21.14","8648","CZ"
"2018-12-11 19:50:02","http://marc.optimroute.com/tLztWf7/","offline","malware_download","emotet|epoch1|exe|Heodo","marc.optimroute.com","185.102.21.14","8648","CZ"
"2018-11-28 18:09:39","http://frenesis.net/En/Clients_CyberMonday_Coupons","offline","malware_download","doc|emotet|heodo","frenesis.net","195.181.249.10","8648","SK"
"2018-11-12 16:01:03","http://asakoko.cekuj.net/ehiz.hta","offline","malware_download","","asakoko.cekuj.net","185.102.21.125","8648","CZ"
"2018-11-12 16:01:02","http://asakoko.cekuj.net/ehiz.exe","offline","malware_download","Loki","asakoko.cekuj.net","185.102.21.125","8648","CZ"
"2018-10-28 14:25:02","http://envi-herzog.de/uyitfu65uy??LeeWdH=LeeWdH","offline","malware_download","exe|Locky|Ransomware","envi-herzog.de","194.116.187.130","8648","DE"
"2018-10-04 08:45:42","http://www.hradisko.cz/3122571YQXP/biz/Personal","offline","malware_download","doc|emotet|heodo","www.hradisko.cz","185.102.21.209","8648","CZ"
"2018-09-26 11:18:36","http://diablo2friend.de/En_us/Attachments/092018","offline","malware_download","doc|emotet|Heodo","diablo2friend.de","89.22.100.72","8648","DE"
"2018-09-11 05:20:24","http://www.nellyvonalven.com/default/US_us/Paid-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","www.nellyvonalven.com","178.20.102.92","8648","DE"
"2018-09-11 05:11:24","http://nellyvonalven.com/default/US_us/Paid-Invoices","offline","malware_download","doc|emotet|epoch2|Heodo","nellyvonalven.com","178.20.102.92","8648","DE"
"2018-09-07 06:56:04","http://www.nellyvonalven.com/default/US_us/Paid-Invoices","offline","malware_download","doc|emotet|Heodo","www.nellyvonalven.com","178.20.102.92","8648","DE"
"2018-09-05 03:36:29","http://waterski.sk/Corrections/","offline","malware_download","doc|emotet|epoch1|Heodo","waterski.sk","195.181.248.18","8648","SK"
"2018-09-04 16:51:50","http://waterski.sk/Corrections","offline","malware_download","doc|emotet|heodo","waterski.sk","195.181.248.18","8648","SK"
"2018-08-24 07:08:06","http://nellyvonalven.com/9741UH/oamo/Commercial","offline","malware_download","doc|emotet|Heodo","nellyvonalven.com","178.20.102.92","8648","DE"
"2018-08-22 23:50:16","http://www.nellyvonalven.com/9741UH/oamo/Commercial","offline","malware_download","doc|emotet|Heodo","www.nellyvonalven.com","178.20.102.92","8648","DE"
"2018-08-22 22:26:04","http://www.nellyvonalven.com/9741UH/oamo/Commercial/","offline","malware_download","doc|emotet|Heodo","www.nellyvonalven.com","178.20.102.92","8648","DE"
"2018-08-10 10:45:09","http://stud.clanweb.eu/gym.exe","offline","malware_download","Emotet|exe|Loki","stud.clanweb.eu","185.102.21.125","8648","CZ"
"2018-08-07 12:57:05","http://studio.maweb.eu/bidniz.exe","offline","malware_download","exe|Loki","studio.maweb.eu","185.102.21.125","8648","CZ"
"2018-08-07 12:57:03","http://studio.maweb.eu/EgO.hta","offline","malware_download","hta|Loki","studio.maweb.eu","185.102.21.125","8648","CZ"
"2018-07-30 14:27:02","http://www.ferrettconsulting.com/Jul2018/Rech/Hilfestellung/in-Rechnung-gestellt-STU-44-82239/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-30 14:26:36","http://ferrettconsulting.com/Jul2018/Rech/Hilfestellung/in-Rechnung-gestellt-STU-44-82239/","offline","malware_download","doc|emotet|epoch2|Heodo","ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-26 03:57:53","http://www.ferrettconsulting.com/sites/EN_en/Invoice/Invoice-0593121/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-25 04:31:14","http://bckm.sk/Jul2018/EN_en/Open-invoices/Invoice-658257","offline","malware_download","doc|emotet|heodo","bckm.sk","195.181.251.8","8648","SK"
"2018-07-25 04:02:16","http://www.ferrettconsulting.com/pdf/Rechnung/RECH/Fakturierung-ZZN-91-18275/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-25 03:57:42","http://ferrettconsulting.com/pdf/Rechnung/RECH/Fakturierung-ZZN-91-18275/","offline","malware_download","doc|emotet|epoch2|Heodo","ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-25 03:56:31","http://bckm.sk/Jul2018/EN_en/Open-invoices/Invoice-658257/","offline","malware_download","doc|emotet|epoch2|Heodo","bckm.sk","195.181.251.8","8648","SK"
"2018-07-24 05:36:23","http://www.lutz-nachhilfe.de/sites/US/Client/Services-07-23-18-New-Customer-YY/","offline","malware_download","doc|emotet|epoch2|Heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-23 19:14:07","http://www.lutz-nachhilfe.de/sites/US/Client/Services-07-23-18-New-Customer-YY","offline","malware_download","doc|emotet|heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-20 03:45:22","http://www.ferrettconsulting.com/sites/En_us/OVERDUE-ACCOUNT/Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-19 09:32:42","http://www.lutz-nachhilfe.de/doc/US=5Fus/Purchase/Invoices","offline","malware_download","doc|emotet","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-19 09:32:41","http://www.lutz-nachhilfe.de/doc/US_us/Purchase/Invoices","offline","malware_download","doc|emotet|Heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-19 09:31:18","http://lutz-nachhilfe.de/doc/US=5Fus/Purchase/Invoices","offline","malware_download","doc|emotet","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-19 09:31:18","http://lutz-nachhilfe.de/doc/US_us/Purchase/Invoices","offline","malware_download","doc|emotet|Heodo","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-17 23:08:41","http://www.lutz-nachhilfe.de/Jul2018/En/Client/Customer-Invoice-HX-0973348/","offline","malware_download","doc|emotet|epoch2|Heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-17 14:39:08","http://lutz-nachhilfe.de/Jul2018/En/Client/Customer-Invoice-HX-0973348/","offline","malware_download","Emotet|Heodo","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-17 09:12:06","http://www.lutz-nachhilfe.de/Jul2018/En/Client/Customer-Invoice-HX-0973348","offline","malware_download","doc|emotet|heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-16 17:12:12","http://www.elinst.sk/default/Scan/Zahlungserinnerung/Zahlungserinnerung-vom-Juli-GJN-11-52225/","offline","malware_download","doc|emotet|heodo","www.elinst.sk","212.57.32.27","8648","SK"
"2018-07-14 16:45:11","http://studio.clanweb.eu/fekir.exe","offline","malware_download","exe|Fuery|Loki|Pony","studio.clanweb.eu","185.102.21.125","8648","CZ"
"2018-07-13 15:36:39","http://www.pozarni-revize.eu/default/En_us/Order/Invoice-605099/","offline","malware_download","doc|emotet|heodo","www.pozarni-revize.eu","185.102.21.34","8648","CZ"
"2018-07-13 12:09:50","http://lutz-nachhilfe.de/doc/En_us/Order/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","Heodo","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-13 06:59:34","http://www.lutz-nachhilfe.de/doc/En_us/Order/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc|emotet|heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-12 11:51:06","http://papillo.jecool.net/chapo.exe","offline","malware_download","Loki","papillo.jecool.net","185.102.21.125","8648","CZ"
"2018-07-11 15:37:20","http://www.lutz-nachhilfe.de/pdf/En/Jul2018/Direct-Deposit-Notice/","offline","malware_download","doc|emotet|heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-10 05:06:14","http://www.lutz-nachhilfe.de/sites/En_us/Payment-and-address/Invoice-79627/","offline","malware_download","doc|emotet|heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-09 20:57:07","http://lutz-nachhilfe.de/sites/En_us/Payment-and-address/Invoice-79627/","offline","malware_download","Heodo","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-06 19:35:57","http://lutz-nachhilfe.de/newsletter/US/ACCOUNT/Pay-Invoice/","offline","malware_download","Heodo","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-05 21:33:09","http://www.lutz-nachhilfe.de/newsletter/US/ACCOUNT/Pay-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-06-26 08:21:11","http://woelf.in/SheqtIxR3U/050euiM/","offline","malware_download","emotet|exe|heodo","woelf.in","93.90.186.40","8648","DE"
"2018-06-20 14:24:06","http://lemat.sk/Rechs/","offline","malware_download","Heodo","lemat.sk","195.181.248.15","8648","SK"
"2018-06-15 18:29:17","http://seda.sk/Rechnungszahlung/Zahlung-bequem-per-Rechnung-017-5026/","offline","malware_download","Heodo","seda.sk","195.181.248.10","8648","SK"
"2018-06-15 15:42:43","http://tigress.de/UPS.com/02-Jan-18-08-25-25/","offline","malware_download","Heodo","tigress.de","89.22.104.252","8648","DE"
"2018-06-15 00:12:42","http://makymaky.cz/wp-content/New-invoice-7256793/","offline","malware_download","Heodo","makymaky.cz","185.102.21.150","8648","CZ"
"2018-06-14 11:03:09","http://lemat.sk/LI5995/","offline","malware_download","emotet|epoch1|Heodo|payload","lemat.sk","195.181.248.15","8648","SK"
"2018-06-13 19:16:04","http://woelf.in/FILE/Services-06-13-18-New-Customer-MO/","offline","malware_download","doc|emotet|epoch1|Heodo","woelf.in","93.90.186.40","8648","DE"
"2018-06-11 16:19:04","http://meta-designs.com/IRS-Tax-Transcipts-062018-088L/1","offline","malware_download","doc|emotet|epoch1|Heodo","meta-designs.com","195.181.248.10","8648","SK"
"2018-06-08 10:46:05","http://lemat.sk/WKx1y/","offline","malware_download","emotet|epoch1|Heodo|payload","lemat.sk","195.181.248.15","8648","SK"
"2018-06-07 17:07:02","http://meta-designs.com/STATUS/Invoice-50418617-Invoice-date-060718-Order-no-3169541221/","offline","malware_download","doc|emotet|epoch1|Heodo","meta-designs.com","195.181.248.10","8648","SK"
"2018-06-07 14:10:12","http://lemat.sk/Hilfestellung/Hilfestellung-zu-Ihrer-Rechnung/","offline","malware_download","Heodo","lemat.sk","195.181.248.15","8648","SK"
"2018-06-05 14:58:02","http://promoagency.sk/xmlGGDtvW/","offline","malware_download","emotet|payload","promoagency.sk","212.57.32.7","8648","SK"
"2018-06-04 17:23:39","http://meta-designs.com/Client/Invoice-55567/","offline","malware_download","doc|emotet|Heodo","meta-designs.com","195.181.248.10","8648","SK"
"2018-06-01 16:38:08","http://seda.sk/ups.com/WebTracking/AR-26258614745/","offline","malware_download","doc|emotet|Heodo","seda.sk","195.181.248.10","8648","SK"
"2018-06-01 15:31:57","http://halcak.sk/ups.com/WebTracking/PK-2610131696348/","offline","malware_download","doc|emotet|Heodo","halcak.sk","212.57.32.36","8648","SK"
"2018-06-01 07:49:47","http://promoagency.sk/MC9R/","offline","malware_download","emotet|Heodo","promoagency.sk","212.57.32.7","8648","SK"
"2018-05-30 16:23:14","http://opoj.eu/Facture/","offline","malware_download","doc|emotet|Heodo","opoj.eu","195.181.248.21","8648","SK"
"2018-05-30 01:01:19","http://it-partners.sk/Bezahlen-Sie-die-Rechnung/","offline","malware_download","doc|emotet|Heodo","it-partners.sk","195.181.249.10","8648","SK"
"2018-05-29 19:59:51","http://seda.sk/ACCOUNT/HRI-Monthly-Invoice/","offline","malware_download","doc|emotet|Heodo","seda.sk","195.181.248.10","8648","SK"
"2018-05-29 19:46:07","http://promoagency.sk/ups.com/WebTracking/VXH-4422375110774/","offline","malware_download","doc|emotet|Heodo","promoagency.sk","212.57.32.7","8648","SK"
"2018-05-29 19:42:03","http://asv-frueh-auf.de/Notification-de-facture/","offline","malware_download","doc|emotet|Heodo","asv-frueh-auf.de","5.44.111.57","8648","DE"
"2018-05-29 19:40:57","http://halcak.sk/FORM/Rechnung-fur-Zahlung-Nr084592/","offline","malware_download","doc|emotet|Heodo","halcak.sk","212.57.32.36","8648","SK"
"2018-05-24 08:17:20","http://meta-designs.com/ups.com/WebTracking/QW-03559800990/","offline","malware_download","doc|emotet|heodo","meta-designs.com","195.181.248.10","8648","SK"
"2018-05-24 06:53:25","http://puchovsky.sk/ups.com/WebTracking/DWA-50428116311/","offline","malware_download","doc|Emotet|Heodo","puchovsky.sk","212.57.32.128","8648","SK"
"2018-05-23 20:30:15","http://promoagency.sk/ups.com/WebTracking/OH-1031899501/","offline","malware_download","doc|emotet|Heodo","promoagency.sk","212.57.32.7","8648","SK"
"2018-05-21 19:45:36","http://halcak.sk/Scan-35311/","offline","malware_download","doc|emotet","halcak.sk","212.57.32.36","8648","SK"
"2018-05-18 08:47:26","http://lemat.sk/YQJHmA/","offline","malware_download","emotet|Heodo|payload","lemat.sk","195.181.248.15","8648","SK"
"2018-05-17 15:20:19","http://darsser-ort.de/Paid-Invoices/","offline","malware_download","emotet","darsser-ort.de","185.3.235.205","8648","DE"
"2018-05-17 06:11:44","http://asv-frueh-auf.de/kdecFjEAD62/","offline","malware_download"," doc|emotet","asv-frueh-auf.de","5.44.111.57","8648","DE"
"2018-05-11 11:46:38","http://basedow-bilder.de/gando.bin","offline","malware_download","exe|trickbot","basedow-bilder.de","194.116.187.130","8648","DE"
"2018-05-10 13:51:21","http://basedow-bilder.de/kporto.bin","offline","malware_download","trickbot","basedow-bilder.de","194.116.187.130","8648","DE"
"2018-05-09 15:04:19","http://darsser-ort.de/h2FfAeP0yDGQ/","offline","malware_download","doc|emotet|Heodo","darsser-ort.de","185.3.235.205","8648","DE"
"2018-04-27 13:17:05","http://woelf.in/picture_library/nmzWXqMpg3O/","offline","malware_download","doc|emotet|Heodo","woelf.in","93.90.186.40","8648","DE"
"2018-04-09 18:06:11","http://oasis-lab.sk/INV/WP-22372047/","offline","malware_download","doc|emotet|heodo","oasis-lab.sk","212.57.32.43","8648","SK"
"2018-04-07 08:35:23","http://mittel.sk/ACH-FORM/NSQ-17803/","offline","malware_download","doc|emotet|heodo","mittel.sk","195.181.248.11","8648","SK"
"2018-04-06 05:49:12","http://opoj.eu/ZE-8070822513/","offline","malware_download","doc|emotet|heodo","opoj.eu","195.181.248.21","8648","SK"
"2018-04-05 17:13:30","http://novatel.sk/MpwthUI/","offline","malware_download","emotet","novatel.sk","195.181.248.17","8648","SK"
"2018-04-04 05:35:05","http://veucon.sk/W8V7rj/","offline","malware_download","emotet|exe|heodo","veucon.sk","195.181.249.11","8648","SK"
"2018-04-03 19:13:45","http://holovac.eu/WIRE-FORM/DYJ-5292811/","offline","malware_download","doc|emotet|heodo","holovac.eu","195.181.248.14","8648","SK"
"2018-04-03 19:13:30","http://halcak.sk/LUA-4336886324239/","offline","malware_download","doc|emotet|heodo","halcak.sk","212.57.32.36","8648","SK"
"2018-03-29 07:25:36","http://envi-herzog.de/uglvvah.exe","offline","malware_download","exe|retefe","envi-herzog.de","194.116.187.130","8648","DE"
# of entries: 269